1 #include <Psapi.h> 2 3 //#pragma comment(lib, "psapi.lib") 4 5 BOOL UpdateProcessPrivilege(HANDLE hProcess, LPCTSTR lpRivilegeName = SE_DEBUG_NAME); 6 7 //枚举进程中的所有 8 void fun16(int argc, char *argv[]) { 9 //提升当前进程的权限 10 UpdateProcessPrivilege(GetCurrentProcess()); 11 12 DWORD PID[1024];//保存所有进程的ID 13 DWORD cbNeeded;//系统当前实际进程数量 14 //获取所有进程的ID 15 if (!EnumProcesses(PID, sizeof(PID), &cbNeeded)) { 16 printf("获取所有进程ID失败 "); 17 return; 18 } 19 DWORD processcount = cbNeeded / sizeof(DWORD);//计算进程个数 20 printf("当前共有%d个进程 ", processcount); 21 HANDLE hProcess; 22 HMODULE hModules[1024];//模块 23 for (DWORD i = 0; i < processcount; ++i) { 24 hProcess = OpenProcess( 25 PROCESS_QUERY_INFORMATION|PROCESS_VM_READ,//打开进程 查询信息 读取信息 26 FALSE, 27 PID[i]); 28 if (hProcess) { 29 printf("PID: %d ", PID[i]); 30 if (EnumProcessModules(hProcess, hModules, sizeof(hModules), &cbNeeded)) { 31 for (int j = 0; j < (cbNeeded / sizeof(HMODULE)); ++j) { 32 TCHAR szFilename[MAX_PATH]; 33 DWORD nSize; 34 if (GetModuleFileNameEx(hProcess, hModules[j], szFilename, MAX_PATH)) { 35 printf(" %d %s (0x%08x) ", j, szFilename, hModules[j]); 36 } 37 } 38 } 39 else { 40 printf("模块打开失败 "); 41 } 42 } 43 else { 44 printf("PID: %d 打开进程失败 ", PID[i]); 45 } 46 CloseHandle(hProcess); 47 } 48 49 } 50 //提升进程权限 51 BOOL UpdateProcessPrivilege(HANDLE hProcess, LPCTSTR lpRivilegeName) { 52 HANDLE hToken; 53 TOKEN_PRIVILEGES TokenPrivileges; 54 if (OpenProcessToken(hProcess, TOKEN_ALL_ACCESS, &hToken)) { 55 printf("OpenProcessToken 成功 "); 56 LUID destLuid; 57 if (LookupPrivilegeValue(NULL, lpRivilegeName, &destLuid)) { 58 printf("LookupPrivilegeValue 成功 "); 59 TokenPrivileges.PrivilegeCount = 1; 60 TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; 61 TokenPrivileges.Privileges[0].Luid = destLuid; 62 if (AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges,0,NULL,NULL)) { 63 printf("AdjustTokenPrivileges 成功 "); 64 return TRUE; 65 } 66 } 67 } 68 return FALSE; 69 }
不知道为什么提升进程权限没用
用管理员身份运行CMD,用CMD去执行程序,能打开一些,但还有很多程序无法打开。
