1、进程提权:
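/// Enables SeDebugPrivilege in the current process token.
///
/// The privilege is needed so that the later OpenProcess calls (see
/// GetProgressList) can reach processes owned by other users/services.
/// SeDebugPrivilege grants very broad access, so enable it only in a process
/// that really needs it and expect the request to be denied for
/// non-administrative users.
///
/// @return TRUE when the privilege is now enabled, or when the platform has
///         no process tokens at all (ERROR_CALL_NOT_IMPLEMENTED) so the
///         caller can continue without it; FALSE on any other failure,
///         including the token not holding SeDebugPrivilege.
BOOL CProgressInfo::AdjustPrivileges()
{
    HANDLE hToken = NULL;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        // Platforms without security tokens report ERROR_CALL_NOT_IMPLEMENTED;
        // treat that as "nothing to adjust" rather than as a failure.
        return GetLastError() == ERROR_CALL_NOT_IMPLEMENTED ? TRUE : FALSE;
    }

    LUID luid = {0};
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)) {
        CloseHandle(hToken);
        return FALSE;
    }

    TOKEN_PRIVILEGES tp = {0};
    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    TOKEN_PRIVILEGES oldtp = {0};
    DWORD dwSize = sizeof(TOKEN_PRIVILEGES);
    // AdjustTokenPrivileges returns TRUE even when the privilege was NOT
    // granted (the token simply does not hold it). The real outcome is in
    // GetLastError(): ERROR_SUCCESS = enabled, ERROR_NOT_ALL_ASSIGNED = denied.
    // The original code ignored this and reported success for a denied request.
    const BOOL adjusted = AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), &oldtp, &dwSize);
    const DWORD adjustError = GetLastError();  // read before CloseHandle can overwrite it
    CloseHandle(hToken);

    if (!adjusted || adjustError == ERROR_NOT_ALL_ASSIGNED) {
        return FALSE;
    }
    return TRUE;
}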
2、获取进程列表(提权后可获取基本所有的进程路径):
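/// Enumerates all running processes and resolves the image path of each one.
///
/// Relies on AdjustPrivileges() having enabled SeDebugPrivilege beforehand;
/// without it OpenProcess fails (access denied) for processes of other users
/// and those entries are skipped, as in the original code.
/// NOTE(review): the original listing passed a placeholder for the path
/// buffer and never consumed the result; this version keeps the path in a
/// local buffer — wire it to the class's own storage as needed.
/// NOTE(review): on Vista and later, QueryFullProcessImageName with
/// PROCESS_QUERY_LIMITED_INFORMATION reads the image path with fewer rights
/// than PROCESS_QUERY_INFORMATION | PROCESS_VM_READ; consider it if the
/// target OS allows, so SeDebugPrivilege is needed less often.
///
/// @return FALSE if the process snapshot could not be created, TRUE otherwise
///         (individual processes that could not be opened are skipped).
BOOL CProgressInfo::GetProgressList()
{
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnap == INVALID_HANDLE_VALUE)
        return FALSE;

    PROCESSENTRY32 info = {0};
    info.dwSize = sizeof(PROCESSENTRY32);  // required by Process32First
    TCHAR szPath[MAX_PATH] = {0};

    for (BOOL bRet = Process32First(hSnap, &info); bRet; bRet = Process32Next(hSnap, &info)) {
        HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, info.th32ProcessID);
        if (!hProcess)
            continue;  // access denied or the process already exited: skip it

        // Get the process image path; a 0 return means the lookup failed and
        // szPath holds nothing usable.
        if (GetModuleFileNameEx(hProcess, NULL, szPath, MAX_PATH) == 0)
            szPath[0] = 0;

        CloseHandle(hProcess);  // the original leaked this handle on every iteration
    }

    CloseHandle(hSnap);  // the original never closed the snapshot handle
    return TRUE;
}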
3、根据进程的PID,结束此进程:
/// Terminates the process identified by pUID (a process ID, despite the name).
///
/// Opens the target with PROCESS_TERMINATE only — the minimum right for this
/// operation — and requests exit code -1 (implicitly converted to the UINT
/// TerminateProcess expects). Failure to open the process (unknown PID,
/// access denied) and failure of TerminateProcess itself are both ignored;
/// the caller receives no feedback.
void CProgressInfo::DeleteProgress(DWORD pUID)
{
    HANDLE hProcessHandle = ::OpenProcess(PROCESS_TERMINATE, FALSE, pUID);
    if (!hProcessHandle)
    {
        // Could not open the process: nothing to do (the original's empty branch).
        return;
    }
    TerminateProcess(hProcessHandle, -1);
    CloseHandle(hProcessHandle);
}
来源:http://blog.csdn.net/u012372584/article/details/61912606