头文件声明:
#pragma once
#if !defined SW_WINDOW_PRIVILEGE
#define SW_WINDOW_PRIVILEGE
#include <Windows.h>
// Windows提权类
class CSWWindowPrivilege
{
public:
CSWWindowPrivilege(void);
~CSWWindowPrivilege(void);
// 提升关机权限
static BOOL EnableShutdownPrivileges(BOOL fEnable);
// 关机
static VOID Shutdown();
// 重启
static VOID Reboot();
// 提升结束进程的权限
static BOOL EnableTermProcessPrivileges(BOOL fEnable);
// 提升加载驱动的权限
static BOOL EnableLoadDriverPrivileges(BOOL fEnable);
// 提升管理员的权限
static BOOL EnableDebugPrivilege(BOOL fEnable);
};
#endif
源码实现:
#include "StdAfx.h"
#include "SWWindowPrivilege.h"
CSWWindowPrivilege::CSWWindowPrivilege(void)
{
}
CSWWindowPrivilege::~CSWWindowPrivilege(void)
{
}
BOOL CSWWindowPrivilege::EnableShutdownPrivileges(VOID)
{
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
BOOL bResult = FALSE;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return bResult;
LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &(tkp.Privileges[0].Luid));
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, 0);
bResult = (GetLastError() != ERROR_NOT_ALL_ASSIGNED);
CloseHandle(hToken);
return bResult;
}
VOID CSWWindowPrivilege::Shutdown()
{
ExitWindowsEx(EWX_SHUTDOWN | EWX_FORCE, 0);
}
VOID CSWWindowPrivilege::Reboot()
{
ExitWindowsEx(EWX_REBOOT, 0);
}
BOOL CSWWindowPrivilege::EnableTermProcessPrivileges(BOOL fEnable)
{
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
BOOL bResult = FALSE;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return bResult;
LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &(tkp.Privileges[0].Luid));
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = fEnable ? SE_PRIVILEGE_ENABLED : 0;
AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, 0);
bResult = (GetLastError() != ERROR_NOT_ALL_ASSIGNED);
CloseHandle(hToken);
return bResult;
}
BOOL CSWWindowPrivilege::EnableLoadDriverPrivileges(BOOL fEnable)
{
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
BOOL Result = FALSE;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return FALSE;
LookupPrivilegeValue(NULL, SE_LOAD_DRIVER_NAME, &(tkp.Privileges[0].Luid));
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = fEnable ? SE_PRIVILEGE_ENABLED : 0;
AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, 0);
bResult = (GetLastError() != ERROR_NOT_ALL_ASSIGNED);
CloseHandle(hToken);
return bResult;
}
BOOL CSWWindowPrivilege::EnableDebugPrivilege(BOOL fEnable)
{
BOOL bResult = FALSE;
HANDLE hToken;
// 打开本进程访问信令
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
return bResult;
// 查询本进程权限
TOKEN_PRIVILEGES tkp;
tkp.PrivilegeCount = 1;
LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid);
tkp.Privileges[0].Attributes = fEnable ? SE_PRIVILEGE_ENABLED : 0;
// 通知系统已修改
AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, NULL);
bResult = (GetLastError() != ERROR_NOT_ALL_ASSIGNED);
CloseHandle(hToken);
return (bResult);
}
![VC++ Dump文件生成&分析[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)