我向services.exe注入自己的dll,但奇怪的是OpenProcess成功了,VirtualAllocEx失败了,错误是5,拒绝访问。几天以前是可以的,现在突然不行了,很奇怪。请各位帮忙分析分析吧。提升权限代码是成功的:
HANDLE hToken;
LUID sedebugnameValue;
TOKEN_PRIVILEGES tkp; if (!OpenProcessToken(GetCurrentProcess(), /*TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY*/TOKEN_ALL_ACCESS, &hToken))
{
return;
} if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue))
{
CloseHandle(hToken);
return;
} tkp.PrivilegeCount = 1;
tkp.Privileges[0].Luid = sedebugnameValue;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL))
{
//AfxMessageBox(_T("提升权限失败"));
CloseHandle(hToken);
}打开进程也是成功的:
hProcess = OpenProcess(
PROCESS_QUERY_INFORMATION |
PROCESS_CREATE_THREAD |
PROCESS_VM_OPERATION |
PROCESS_VM_WRITE |
PROCESS_VM_READ,
FALSE, processId);出错在开辟内存的时候:
pszLibFileRemote = (PWSTR)
::VirtualAllocEx(hProcess, NULL, cb, MEM_COMMIT, PAGE_READWRITE);对winlogon.exe进行注入时是成功的,但这个services.exe不知为何。
HANDLE hToken;
LUID sedebugnameValue;
TOKEN_PRIVILEGES tkp; if (!OpenProcessToken(GetCurrentProcess(), /*TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY*/TOKEN_ALL_ACCESS, &hToken))
{
return;
} if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue))
{
CloseHandle(hToken);
return;
} tkp.PrivilegeCount = 1;
tkp.Privileges[0].Luid = sedebugnameValue;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL))
{
//AfxMessageBox(_T("提升权限失败"));
CloseHandle(hToken);
}打开进程也是成功的:
hProcess = OpenProcess(
PROCESS_QUERY_INFORMATION |
PROCESS_CREATE_THREAD |
PROCESS_VM_OPERATION |
PROCESS_VM_WRITE |
PROCESS_VM_READ,
FALSE, processId);出错在开辟内存的时候:
pszLibFileRemote = (PWSTR)
::VirtualAllocEx(hProcess, NULL, cb, MEM_COMMIT, PAGE_READWRITE);对winlogon.exe进行注入时是成功的,但这个services.exe不知为何。
应该是没有权限导致的
回sandyandy(songwenchao):
应该是权限问题,但事实是我已经提高到Debug权限了,所以才到这问的。
回sandyandy(songwenchao):
应该是权限问题,但事实是我已经提高到Debug权限了,所以才到这问的。