第一个(应该是比较简单),就是STOP [Terminal Services] 本地服务(当然是提权了,我要代码).
第二个(这个是那难的)是我用WNetAddConnection2(&nr, "", "administrator", 0)成功连接后,发现权限不够,基本什么都不能做(例如 建立共享,复制文件,连枚举用户名都做不到..),希望前辈拿代码来,小弟不胜感激!!!
第二个(这个是那难的)是我用WNetAddConnection2(&nr, "", "administrator", 0)成功连接后,发现权限不够,基本什么都不能做(例如 建立共享,复制文件,连枚举用户名都做不到..),希望前辈拿代码来,小弟不胜感激!!!
基本上不会拿到代码的
bool AquirePrivileges(LPSTR pPrivilege)
{
HANDLE hToken = NULL;
bool bOK = bool(OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken));
if( bOK )
{
bOK = false;
TOKEN_PRIVILEGES tokenNew,
tokenPrev;
LUID luid;
DWORD dwSize = sizeof(tokenPrev),
dwNew = 0; if( LookupPrivilegeValue(NULL, pPrivilege, &luid) )
{
tokenNew.PrivilegeCount = 1;
tokenNew.Privileges[0].Luid = luid;
tokenNew.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; bOK = bool(AdjustTokenPrivileges(hToken, FALSE, &tokenNew, dwSize, &tokenPrev, &dwNew));
}
} DWORD dwErr = GetLastError(); return bOK;
}
http://topic.csdn.net/t/20050614/22/4082649.html
SC_HANDLE hServices; hServices = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
AquirePrivileges(SE_LOAD_DRIVER_NAME);
cout<<OpenService(hServices, "Terminal Services", SC_MANAGER_ALL_ACCESS);
CloseServiceHandle(hServices);
返回的是零.7楼提供的没看明白.
SC_HANDLE hServices; hServices = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
AquirePrivileges(SE_LOAD_DRIVER_NAME);
cout < <OpenService(hServices, "TermService", SC_MANAGER_ALL_ACCESS);
CloseServiceHandle(hServices);
返回的是零. 年轻人: 服务管理器中只是服务的显示名称,而不是服务在API中的名称!!!!!!看看我列的活动服务的API名称和显示名称: API 中传入的参数名称 服务管理器中显示的名称: ALG; Application Layer Gateway Service
AsiServer; Automated Software Installer Server
AudioSrv; Windows Audio
BITS; Background Intelligent Transfer Service
Browser; Computer Browser
CryptSvc; Cryptographic Services
DcomLaunch; DCOM Server Process Launcher
Dhcp; DHCP Client
dmserver; Logical Disk Manager
Dnscache; DNS Client
ERSvc; Error Reporting Service
Eventlog; Event Log
EventSystem; COM+ Event System
FastUserSwitchingCompatibility; Fast User Switching Compatibility
helpsvc; Help and Support
lanmanserver; Server
lanmanworkstation; Workstation
LmHosts; TCP/IP NetBIOS Helper
MDM; Machine Debug Manager
MSSQL$SQLEXPRESS; SQL Server (SQLEXPRESS)
Netman; Network Connections
Nla; Network Location Awareness (NLA)
NOD32krn; NOD32 Kernel Service
PlugPlay; Plug and Play
PolicyAgent; IPSEC Services
ProtectedStorage; Protected Storage
RasMan; Remote Access Connection Manager
RemoteRegistry; Remote Registry
RpcSs; Remote Procedure Call (RPC)
SamSs; Security Accounts Manager
Schedule; Task Scheduler
seclogon; Secondary Logon
SENS; System Event Notification
SharedAccess; Windows Firewall/Internet Connection Sharing (ICS)
ShellHWDetection; Shell Hardware Detection
Spooler; Print Spooler
srservice; System Restore Service
SSDPSRV; SSDP Discovery Service
TapiSrv; Telephony
TermService; Terminal Services // 这是你要的!!
Themes; Themes
TrkWks; Distributed Link Tracking Client
W32Time; Windows Time
WebClient; WebClient
winmgmt; Windows Management Instrumentation
wscsvc; Security Center
wuauserv; Automatic Updates
WZCSVC; Wireless Zero Configuration