CreateProcess
ShellExecute
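/**
 * Enables SeDebugPrivilege (SE_DEBUG_NAME) in the current process token.
 *
 * The privilege can only be enabled if the account already holds it,
 * which normally means an elevated administrator. It lets the process
 * open processes owned by other accounts, so enable it only when the
 * target actually requires it.
 *
 * @return TRUE if the privilege was enabled; FALSE if the token could not
 *         be opened, the privilege name could not be resolved, or the
 *         token does not hold the privilege.
 */
BOOL WINAPI EnablePrivileges()
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tkp;
    BOOL bEnabled = FALSE;

    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
        return FALSE;

    // Without a valid LUID the structure passed to AdjustTokenPrivileges
    // would contain uninitialized data, so stop if the lookup fails.
    if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid))
    {
        tkp.PrivilegeCount = 1;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        // AdjustTokenPrivileges returns TRUE even when the privilege was not
        // granted (ERROR_NOT_ALL_ASSIGNED), so the last-error value must be
        // checked as well. It is read before any other API call can overwrite it.
        if (AdjustTokenPrivileges(hToken, FALSE, &tkp, 0,
                                  (PTOKEN_PRIVILEGES)NULL, 0)
            && GetLastError() == ERROR_SUCCESS)
        {
            bEnabled = TRUE;
        }
    }

    // The token handle was leaked on every path in the original code.
    CloseHandle(hToken);
    return bEnabled;
}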
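/**
 * Waits for another process to exit, then runs a follow-up action
 * (launching Notepad is used here as the example).
 *
 * @return Always 1.
 */
int APIENTRY _tWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPTSTR lpCmdLine, int nShowCmd)
{
    // Example process ID. A PID identifies a process only while it is alive
    // and may later be reused by an unrelated process, so real code should
    // obtain the PID or handle at run time instead of hard-coding it.
    DWORD Pid = 2068;

    // Best effort: SeDebugPrivilege is only needed when the target runs under
    // a different account. The result is deliberately ignored because
    // OpenProcess below reports whether access was actually granted.
    EnablePrivileges();

    // Waiting on a process needs only SYNCHRONIZE. Requesting
    // PROCESS_ALL_ACCESS asks for far more rights than are used and can fail
    // where the narrower request succeeds.
    HANDLE hProcess = ::OpenProcess(SYNCHRONIZE, FALSE, Pid);
    if (hProcess != NULL)
    {
        // Block until the target process terminates.
        ::WaitForSingleObject(hProcess, INFINITE);
        ::CloseHandle(hProcess);
    }
    // If the process could not be opened (it has already exited, or access
    // was denied) there is nothing to wait on, and the follow-up runs at once.

    // Follow-up action. The executable and document names are relative, so
    // they are resolved through the current directory and the search path;
    // production code should pass fully qualified paths.
    ::ShellExecute(NULL, TEXT("open"), TEXT("NOTEPAD.EXE"), TEXT("1.txt"), NULL, SW_NORMAL);
    return 1;
}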