VC提权代码
来源:互联网 发布:王者荣耀网络检测出错 编辑:程序博客网 时间:2024/05/17 22:16
方法一:
- C/C++ code
- bool EnableDebugPrivilege() { HANDLE hToken; LUID sedebugnameValue; TOKEN_PRIVILEGES tkp; if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) { return FALSE; } if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue)) { CloseHandle(hToken); return false; } tkp.PrivilegeCount = 1; tkp.Privileges[0].Luid = sedebugnameValue; tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL)) { CloseHandle(hToken); return false; } return true; }
方法二:
- C/C++ code
- bool UpPrivilege() { HANDLE hToken; // handle to process token TOKEN_PRIVILEGES tkp; // pointer to token structure bool result = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY, &hToken); if(!result) //打开进程错误 return result; result = LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid); if(!result) //查看进程权限错误 return result; tkp.PrivilegeCount = 1; // one privilege to set tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; result = AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES) NULL, (PDWORD) NULL); return result; }
方法三:
- C/C++ code
#define SE_CREATE_TOKEN_NAME TEXT("SeCreateTokenPrivilege")#define SE_ASSIGNPRIMARYTOKEN_NAME TEXT("SeAssignPrimaryTokenPrivilege")#define SE_LOCK_MEMORY_NAME TEXT("SeLockMemoryPrivilege")#define SE_INCREASE_QUOTA_NAME TEXT("SeIncreaseQuotaPrivilege")#define SE_UNSOLICITED_INPUT_NAME TEXT("SeUnsolicitedInputPrivilege")#define SE_MACHINE_ACCOUNT_NAME TEXT("SeMachineAccountPrivilege")#define SE_TCB_NAME TEXT("SeTcbPrivilege")#define SE_SECURITY_NAME TEXT("SeSecurityPrivilege")#define SE_TAKE_OWNERSHIP_NAME TEXT("SeTakeOwnershipPrivilege")#define SE_LOAD_DRIVER_NAME TEXT("SeLoadDriverPrivilege")#define SE_SYSTEM_PROFILE_NAME TEXT("SeSystemProfilePrivilege")#define SE_SYSTEMTIME_NAME TEXT("SeSystemtimePrivilege")#define SE_PROF_SINGLE_PROCESS_NAME TEXT("SeProfileSingleProcessPrivilege")#define SE_INC_BASE_PRIORITY_NAME TEXT("SeIncreaseBasePriorityPrivilege")#define SE_CREATE_PAGEFILE_NAME TEXT("SeCreatePagefilePrivilege")#define SE_CREATE_PERMANENT_NAME TEXT("SeCreatePermanentPrivilege")#define SE_BACKUP_NAME TEXT("SeBackupPrivilege")#define SE_RESTORE_NAME TEXT("SeRestorePrivilege")#define SE_SHUTDOWN_NAME TEXT("SeShutdownPrivilege")#define SE_DEBUG_NAME TEXT("SeDebugPrivilege")#define SE_AUDIT_NAME TEXT("SeAuditPrivilege")#define SE_SYSTEM_ENVIRONMENT_NAME TEXT("SeSystemEnvironmentPrivilege")#define SE_CHANGE_NOTIFY_NAME TEXT("SeChangeNotifyPrivilege")#define SE_REMOTE_SHUTDOWN_NAME TEXT("SeRemoteShutdownPrivilege")#define SE_UNDOCK_NAME TEXT("SeUndockPrivilege")#define SE_SYNC_AGENT_NAME TEXT("SeSyncAgentPrivilege")#define SE_ENABLE_DELEGATION_NAME TEXT("SeEnableDelegationPrivilege")#define SE_MANAGE_VOLUME_NAME TEXT("SeManageVolumePrivilege")BOOL EnablePrivilege(LPCTSTR lpszPrivilegeName,BOOL bEnable){ HANDLE hToken; TOKEN_PRIVILEGES tp; LUID luid; if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY | TOKEN_READ,&hToken)) return FALSE; if(!LookupPrivilegeValue(NULL, lpszPrivilegeName, &luid)) return TRUE; tp.PrivilegeCount = 1; tp.Privileges[0].Luid = luid; tp.Privileges[0].Attributes = (bEnable) ? SE_PRIVILEGE_ENABLED : 0; AdjustTokenPrivileges(hToken,FALSE,&tp,NULL,NULL,NULL); CloseHandle(hToken); return (GetLastError() == ERROR_SUCCESS); }
/********************************VISTA************************/嵌入manifest 如果是vs2008 在项目属性里面直接修改为requireAdministrator就可以了
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="test.exe.manifest" type="win32" /> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> </assembly> 该代码添加到VC资源中, 添加方式: 添加一个“custom”资源,”resource type”填24,把资源ID改为1
0 0
- VC提权代码
- VC提权代码
- VC代码收集
- vc 代码文档生成
- vc常用代码
- VC代码连接PostgreSql
- vc++ 文件操作代码
- vc文件操作代码
- VC代码收集
- VC代码收集
- VC代码收集
- VC常用代码
- VC常用代码段
- VC超强代码集合
- VC#代码调试
- VC的代码格式化。
- vc常用代码总结
- VC常用代码
- Java实现分页查询
- 让Ubuntu 14.04“保存”屏幕亮度值
- nyoj364田忌赛马
- 【cocos2dx 3.2】一个都不能死2 人物层
- lcd驱动程序
- VC提权代码
- android TP实现距离感应
- 怎么使用jquery来突出加亮鼠标所停留在的表格行记录?
- 制度的重要性
- sql 多表连接查询(详细实例)
- VC++6.0注释快捷键设置
- 关于JS制作时钟的那些事儿
- HashMap里的hash、indexFor方法
- 数据结构——栈的动态实现(brk/sbrk)(Unix C语言实现)