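#include <windows.h>
#include <tlhelp32.h>
#include <string.h>

// Callback for EnumChildWindows: finds Notepad's "Edit" child window and
// writes the report into it.
BOOL CALLBACK EnumChildWindowProc(HWND hWnd, LPARAM lParam);

// Report text that ends up in Notepad. Static storage, so it starts as an
// empty string.
char mess[999999];

// One access right to probe with OpenProcess, plus the label printed for it.
struct AccessProbe
{
    DWORD mask;
    const char *label;
};

// Probed in this order for every process in the snapshot.
// NOTE(review): the numeric value of PROCESS_ALL_ACCESS depends on the
// _WIN32_WINNT the program is built with, so a "失败" on that row alone can be
// a build/OS mismatch rather than a permission result.
static const AccessProbe kProbes[] = {
    { PROCESS_ALL_ACCESS,        "PROCESS_ALL_ACCESS权限: " },
    { PROCESS_CREATE_PROCESS,    "PROCESS_CREATE_PROCESS权限: " },
    { PROCESS_CREATE_THREAD,     "PROCESS_CREATE_THREAD权限: " },
    { PROCESS_DUP_HANDLE,        "PROCESS_DUP_HANDLE权限: " },
    { PROCESS_QUERY_INFORMATION, "PROCESS_QUERY_INFORMATION权限: " },
    { PROCESS_SET_INFORMATION,   "PROCESS_SET_INFORMATION权限: " },
    { PROCESS_TERMINATE,         "PROCESS_TERMINATE权限: " },
    { PROCESS_VM_OPERATION,      "PROCESS_VM_OPERATION权限: " },
    { PROCESS_VM_READ,           "PROCESS_VM_READ权限: " },
    { PROCESS_VM_WRITE,          "PROCESS_VM_WRITE权限: " },
};

// Append text to mess. The original used strcat with no bound; this version
// truncates once the buffer is full instead of writing past its end.
static void AppendToReport(const char *text)
{
    static size_t used = 0;                    // bytes of mess already filled
    const size_t capacity = sizeof(mess) - 1;  // keep room for the terminator
    size_t len = ::strlen(text);

    if (len > capacity - used)
        len = capacity - used;
    ::memcpy(mess + used, text, len);
    used += len;
    mess[used] = '\0';
}

// Try to enable SeDebugPrivilege on the current process token.
//
// Returns FALSE after showing a message box when one of the API calls fails.
// Returns TRUE otherwise and sets *enabled to whether the privilege is really
// on: AdjustTokenPrivileges reports success even when the token does not hold
// the privilege, and only GetLastError() == ERROR_NOT_ALL_ASSIGNED reveals it.
// Without that check the report looks the same either way although its meaning
// differs: with the privilege on, a successful OpenProcess reflects the
// privilege rather than the target's DACL.
static BOOL EnableDebugPrivilege(BOOL *enabled)
{
    TOKEN_PRIVILEGES tkp;
    HANDLE hToken = NULL;

    *enabled = FALSE;

    // Resolve the LUID of the debug privilege.
    if (!::LookupPrivilegeValue(NULL, "SeDebugPrivilege", &tkp.Privileges[0].Luid))
    {
        ::MessageBox(NULL, "LookupPrivilegeValue error", "error", MB_OK);
        return FALSE;
    }
    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    // Open this process's access token.
    if (!::OpenProcessToken(::GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        ::MessageBox(NULL, "OpenProcessToken error", "error", MB_OK);
        return FALSE;
    }

    // Read the last error before CloseHandle can overwrite it.
    const BOOL adjusted = ::AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES)NULL, 0);
    const DWORD adjustError = ::GetLastError();
    ::CloseHandle(hToken);  // the original never closed the token handle

    if (!adjusted)
    {
        ::MessageBox(NULL, "AdjustTokenPrivileges error", "error", MB_OK);
        return FALSE;
    }
    *enabled = (adjustError != ERROR_NOT_ALL_ASSIGNED);
    return TRUE;
}

// Entry point: for every process in a Toolhelp snapshot, record which access
// rights OpenProcess grants to this program, then show the report in the edit
// control of an already-open Notepad window.
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd)
{
    HWND nphWnd = ::FindWindow("notepad", NULL);
    if (!nphWnd)
    {
        ::MessageBox(NULL, "please open notepad", "error", MB_OK);
        return 0;
    }

    char temp[1024];  // wsprintf never writes more than 1024 bytes
    PROCESSENTRY32 pe32;
    pe32.dwSize = sizeof(pe32);

    // Snapshot of the process list; see the Toolhelp documentation for the
    // other TH32CS_* flags.
    HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE)
    {
        ::MessageBox(NULL, "CreateToolhelp32Snapshot error", "error", MB_OK);
        return 0;
    }

    // The privilege is requested only when an image named "upprocess.exe" is
    // in the snapshot, as in the original.
    // NOTE(review): the match is by image name only (case-sensitive) and the
    // token adjusted is always the current process's, so a renamed build runs
    // without the privilege; the report header below makes that visible.
    BOOL debugEnabled = FALSE;
    for (BOOL bMore = ::Process32First(hProcessSnap, &pe32); bMore;
         bMore = ::Process32Next(hProcessSnap, &pe32))
    {
        if (::strcmp(pe32.szExeFile, "upprocess.exe") == 0)
        {
            if (!EnableDebugPrivilege(&debugEnabled))
            {
                ::CloseHandle(hProcessSnap);
                return 0;
            }
            break;
        }
    }

    // State once whether the rows below were produced with the privilege on.
    AppendToReport(debugEnabled ? "SeDebugPrivilege: enabled\r\n"
                                : "SeDebugPrivilege: not enabled\r\n");

    // Second pass: probe every process with every access right.
    // Reading the result: rows such as PROCESS_VM_WRITE, PROCESS_VM_OPERATION
    // or PROCESS_CREATE_THREAD succeeding while the privilege is not enabled
    // mean the target's DACL grants this user the ability to modify that
    // process, which is worth reviewing for processes of other users.
    for (BOOL bMore = ::Process32First(hProcessSnap, &pe32); bMore;
         bMore = ::Process32Next(hProcessSnap, &pe32))
    {
        // %u: process IDs are unsigned DWORDs.
        ::wsprintf(temp, "\r\n进程名: %s 进程ID: %u\r\n", pe32.szExeFile, pe32.th32ProcessID);
        AppendToReport(temp);

        for (size_t i = 0; i < sizeof(kProbes) / sizeof(kProbes[0]); ++i)
        {
            AppendToReport(kProbes[i].label);

            HANDLE hProcess = ::OpenProcess(kProbes[i].mask, FALSE, pe32.th32ProcessID);
            if (hProcess == NULL)
            {
                // Nothing to close: the original called CloseHandle(NULL) here.
                AppendToReport("失败\r\n");
            }
            else
            {
                AppendToReport("成功\r\n");
                ::CloseHandle(hProcess);
            }
        }
    }

    ::CloseHandle(hProcessSnap);  // the original leaked the snapshot handle

    // Locate Notepad's edit control and put the report into it.
    ::EnumChildWindows(nphWnd, EnumChildWindowProc, 0);
    return 0;
}

// EnumChildWindows callback. Returns FALSE (stop enumerating) once the "Edit"
// child has received the report, TRUE to continue otherwise. lParam is unused.
// WM_SETTEXT replaces whatever text the Notepad window currently holds.
BOOL CALLBACK EnumChildWindowProc(HWND hWnd, LPARAM lParam)
{
    char className[256];

    if (hWnd)
    {
        // GetClassName returns 0 on failure and leaves the buffer untouched;
        // the original compared the uninitialised buffer in that case.
        if (::GetClassName(hWnd, className, 255) != 0 && ::strcmp(className, "Edit") == 0)
        {
            ::SendMessage(hWnd, WM_SETTEXT, 0, (LPARAM)mess);
            return FALSE;
        }
    }
    return TRUE;
}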
