// Name of the filter driver service. Not referenced in the visible code;
// presumably used with the service control APIs (confirm against the caller).
#define FILTER_SERVICE_NAME L"NDISLWF"
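// Open a handle to the filter driver's control device.
// The handle is requested with read and write access and with no sharing.
// The cleanup at the Exit label is outside this excerpt; presumably it closes
// m_hFilter when the handle is valid (confirm).
printf("Opening a Filter Driver device handle...\n");
m_hFilter = CreateFileW(
    FILTER_DEVICE_NAME,            // device path of the filter driver
    GENERIC_READ | GENERIC_WRITE,  // desired access
    0,                             // share mode: no sharing requested
    NULL,                          // default security descriptor; handle is not inheritable
    OPEN_EXISTING,                 // fail rather than create if the device is absent
    FILE_ATTRIBUTE_NORMAL,
    NULL);                         // no template file (INVALID_HANDLE_VALUE is not a template handle)
if (m_hFilter == INVALID_HANDLE_VALUE)
{
    // GetLastError() returns a DWORD (unsigned long), so it is printed with %lx.
    printf("Failed to open a handle to ndislwf: 0x%lx\n", GetLastError());
    goto Exit;
}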
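/// @brief Enables the shutdown privilege (SE_SHUTDOWN_NAME) in the current process token.
///
/// Only the shutdown privilege is requested; no other privilege is touched.
///
/// @return true only when the privilege was actually enabled. false when the
///         token cannot be opened, the privilege name cannot be resolved, the
///         adjustment call fails, or the token does not hold the privilege.
bool System::GetPrivileges()
{
    // Open the current process token with only the rights needed to query and
    // adjust privileges.
    // NOTE(review): Handle is a project wrapper; presumably it closes the token
    // when it goes out of scope (confirm).
    Handle handle;
    if (!::OpenProcessToken(::GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &handle.Get()))
        return false;

    // Describe a single privilege to enable, identified by its LUID.
    TOKEN_PRIVILEGES tokenPrivilege;
    tokenPrivilege.PrivilegeCount = 1;
    tokenPrivilege.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    if (!::LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tokenPrivilege.Privileges[0].Luid))
        return false;

    if (!::AdjustTokenPrivileges(handle, FALSE, &tokenPrivilege, 0, NULL, NULL))
        return false;

    // AdjustTokenPrivileges reports success even when the token does not hold
    // the requested privilege; in that case the last error is
    // ERROR_NOT_ALL_ASSIGNED. Treat anything other than ERROR_SUCCESS as failure
    // so callers do not assume a privilege they were never granted.
    return ::GetLastError() == ERROR_SUCCESS;
}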
// Win32 device path (\\.\NDISLWF once the C escapes are resolved) that is
// passed to CreateFileW to open the filter driver's device.
#define FILTER_DEVICE_NAME L"\\\\.\\NDISLWF"