attributes.Length = sizeof(OBJECT_ATTRIBUTES);
attributes.RootDirectory = NULL;
attributes.ObjectName = &physmemString;
attributes.Attributes = 0;
attributes.SecurityDescriptor = NULL;
attributes.SecurityQualityOfService = NULL;
VOID SetPhyscialMemorySectionCanBeWrited(HANDLE hSection)
{
PACL pDacl = NULL;
PSECURITY_DESCRIPTOR pSD = NULL;
PACL pNewDacl = NULL;
DWORD dwRes = GetSecurityInfo(hSection, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pDacl, NULL, &pSD); if(ERROR_SUCCESS != dwRes)
{ if(pSD)
LocalFree(pSD);
if(pNewDacl)
LocalFree(pNewDacl);
} EXPLICIT_ACCESS ea;
RtlZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
ea.grfAccessPermissions = SECTION_MAP_WRITE;
ea.grfAccessMode = GRANT_ACCESS;
ea.grfInheritance= NO_INHERITANCE;
ea.Trustee.TrusteeForm = TRUSTEE_IS_NAME;
ea.Trustee.TrusteeType = TRUSTEE_IS_USER;
ea.Trustee.ptstrName = "CURRENT_USER"; dwRes = SetEntriesInAcl(1,&ea,pDacl,&pNewDacl);
if(ERROR_SUCCESS != dwRes)
{ if(pSD)
LocalFree(pSD);
if(pNewDacl)
LocalFree(pNewDacl);
}
dwRes = SetSecurityInfo(hSection,SE_KERNEL_OBJECT,DACL_SECURITY_INFORMATION,NULL,NULL,pNewDacl,NULL);
if(ERROR_SUCCESS != dwRes)
{ if(pSD)
LocalFree(pSD);
if(pNewDacl)
LocalFree(pNewDacl);
}} status = NtOpenSection(&g_hMPM, SECTION_MAP_READ|SECTION_MAP_WRITE, &attributes); if(status == STATUS_ACCESS_DENIED)
{
status = NtOpenSection(&g_hMPM, READ_CONTROL|WRITE_DAC, &attributes);
SetPhyscialMemorySectionCanBeWrited(g_hMPM);
CloseHandle(g_hMPM);
DWORD test=GetLastError();
status = NtOpenSection(&g_hMPM, SECTION_MAP_READ|SECTION_MAP_WRITE, &attributes);
//这里返回的值始终是拒绝访问,这是什么原因 } if(!NT_SUCCESS(status))
return NULL; g_pMapPhysicalMemory = MapViewOfFile(g_hMPM, FILE_MAP_READ|FILE_MAP_WRITE, 0, PhyDirectory, 0x1000); if( g_pMapPhysicalMemory == NULL )
return NULL;
attributes.RootDirectory = NULL;
attributes.ObjectName = &physmemString;
attributes.Attributes = 0;
attributes.SecurityDescriptor = NULL;
attributes.SecurityQualityOfService = NULL;
VOID SetPhyscialMemorySectionCanBeWrited(HANDLE hSection)
{
PACL pDacl = NULL;
PSECURITY_DESCRIPTOR pSD = NULL;
PACL pNewDacl = NULL;
DWORD dwRes = GetSecurityInfo(hSection, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pDacl, NULL, &pSD); if(ERROR_SUCCESS != dwRes)
{ if(pSD)
LocalFree(pSD);
if(pNewDacl)
LocalFree(pNewDacl);
} EXPLICIT_ACCESS ea;
RtlZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
ea.grfAccessPermissions = SECTION_MAP_WRITE;
ea.grfAccessMode = GRANT_ACCESS;
ea.grfInheritance= NO_INHERITANCE;
ea.Trustee.TrusteeForm = TRUSTEE_IS_NAME;
ea.Trustee.TrusteeType = TRUSTEE_IS_USER;
ea.Trustee.ptstrName = "CURRENT_USER"; dwRes = SetEntriesInAcl(1,&ea,pDacl,&pNewDacl);
if(ERROR_SUCCESS != dwRes)
{ if(pSD)
LocalFree(pSD);
if(pNewDacl)
LocalFree(pNewDacl);
}
dwRes = SetSecurityInfo(hSection,SE_KERNEL_OBJECT,DACL_SECURITY_INFORMATION,NULL,NULL,pNewDacl,NULL);
if(ERROR_SUCCESS != dwRes)
{ if(pSD)
LocalFree(pSD);
if(pNewDacl)
LocalFree(pNewDacl);
}} status = NtOpenSection(&g_hMPM, SECTION_MAP_READ|SECTION_MAP_WRITE, &attributes); if(status == STATUS_ACCESS_DENIED)
{
status = NtOpenSection(&g_hMPM, READ_CONTROL|WRITE_DAC, &attributes);
SetPhyscialMemorySectionCanBeWrited(g_hMPM);
CloseHandle(g_hMPM);
DWORD test=GetLastError();
status = NtOpenSection(&g_hMPM, SECTION_MAP_READ|SECTION_MAP_WRITE, &attributes);
//这里返回的值始终是拒绝访问,这是什么原因 } if(!NT_SUCCESS(status))
return NULL; g_pMapPhysicalMemory = MapViewOfFile(g_hMPM, FILE_MAP_READ|FILE_MAP_WRITE, 0, PhyDirectory, 0x1000); if( g_pMapPhysicalMemory == NULL )
return NULL;
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货