頭檔案聲明:
#pragma once
#if !defined SW_WINDOW_PRIVILEGE
#define SW_WINDOW_PRIVILEGE
#include <Windows.h>
// Windows提權類
class CSWWindowPrivilege
{
public:
CSWWindowPrivilege(void);
~CSWWindowPrivilege(void);
// 提升關機權限
static BOOL EnableShutdownPrivileges(BOOL fEnable);
// 關機
static VOID Shutdown();
// 重新開機
static VOID Reboot();
// 提升結束程序的權限
static BOOL EnableTermProcessPrivileges(BOOL fEnable);
// 提升加載驅動的權限
static BOOL EnableLoadDriverPrivileges(BOOL fEnable);
// 提升管理者的權限
static BOOL EnableDebugPrivilege(BOOL fEnable);
};
#endif
源碼實作:
#include "StdAfx.h"
#include "SWWindowPrivilege.h"
CSWWindowPrivilege::CSWWindowPrivilege(void)
{
}
CSWWindowPrivilege::~CSWWindowPrivilege(void)
{
}
BOOL CSWWindowPrivilege::EnableShutdownPrivileges(VOID)
{
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
BOOL bResult = FALSE;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return bResult;
LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &(tkp.Privileges[0].Luid));
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, 0);
bResult = (GetLastError() != ERROR_NOT_ALL_ASSIGNED);
CloseHandle(hToken);
return bResult;
}
VOID CSWWindowPrivilege::Shutdown()
{
ExitWindowsEx(EWX_SHUTDOWN | EWX_FORCE, 0);
}
VOID CSWWindowPrivilege::Reboot()
{
ExitWindowsEx(EWX_REBOOT, 0);
}
BOOL CSWWindowPrivilege::EnableTermProcessPrivileges(BOOL fEnable)
{
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
BOOL bResult = FALSE;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return bResult;
LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &(tkp.Privileges[0].Luid));
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = fEnable ? SE_PRIVILEGE_ENABLED : 0;
AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, 0);
bResult = (GetLastError() != ERROR_NOT_ALL_ASSIGNED);
CloseHandle(hToken);
return bResult;
}
BOOL CSWWindowPrivilege::EnableLoadDriverPrivileges(BOOL fEnable)
{
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
BOOL Result = FALSE;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return FALSE;
LookupPrivilegeValue(NULL, SE_LOAD_DRIVER_NAME, &(tkp.Privileges[0].Luid));
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = fEnable ? SE_PRIVILEGE_ENABLED : 0;
AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, 0);
bResult = (GetLastError() != ERROR_NOT_ALL_ASSIGNED);
CloseHandle(hToken);
return bResult;
}
BOOL CSWWindowPrivilege::EnableDebugPrivilege(BOOL fEnable)
{
BOOL bResult = FALSE;
HANDLE hToken;
// 打開本程序通路信令
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
return bResult;
// 查詢本程序權限
TOKEN_PRIVILEGES tkp;
tkp.PrivilegeCount = 1;
LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid);
tkp.Privileges[0].Attributes = fEnable ? SE_PRIVILEGE_ENABLED : 0;
// 通知系統已修改
AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, NULL);
bResult = (GetLastError() != ERROR_NOT_ALL_ASSIGNED);
CloseHandle(hToken);
return (bResult);
}
![VC++ Dump檔案生成&分析[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)