提升进程的特权级别(源码)
//提升进程权限
BOOL UpdateProcessPrivilege( HANDLE hProcess, LPCTSTR lpPrivilegeName = SE_DEBUG_NAME )
// hProcess [in] : 要提升的进程,目标进程
// lpPrivilegeName [in] : 要提升到的特权,目标特权
// 返回值 : TRUE : 成功; FALSE : 失败
{
HANDLE hToken;
if ( ::OpenProcessToken( hProcess, TOKEN_ALL_ACCESS, &hToken ) ) {
LUID destLuid;
if ( ::LookupPrivilegeValue( NULL, lpPrivilegeName, &destLuid ) ) {
TOKEN_PRIVILEGES TokenPrivileges;
TokenPrivileges.PrivilegeCount = 1;
TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
TokenPrivileges.Privileges[0].Luid = destLuid;
int iResult;
if ( iResult = ::AdjustTokenPrivileges( hToken, FALSE, &TokenPrivileges,
0, NULL, NULL ) ) {
return TRUE;
}
}
}
return FALSE;
}
------------------------------------------------------------------------------------------------------------------------------------------
其他关于进程的代码
BOOL EnableDebugPrivilege()
{
HANDLE hToken;
BOOL fOk=FALSE;
if(OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&hToken))
{
TOKEN_PRIVILEGES tp;
tp.PrivilegeCount=1;
if(!LookupPrivilegeValue(NULL,SE_DEBUG_NAME,&tp.Privileges[0].Luid))
printf("Can't lookup privilege value./n");
tp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
if(!AdjustTokenPrivileges(hToken,FALSE,&tp,sizeof(tp),NULL,NULL))
printf("Can't adjust privilege value./n");
fOk=(GetLastError()==ERROR_SUCCESS);
CloseHandle(hToken);
}
return fOk;
}
获得DEBUG权限后,应该能满足楼主的要求了吧~,大部分进程都可以杀掉,嘿嘿~