64,654
社区成员
发帖
与我相关
我的任务
分享
#include "stdafx.h"
#define _AFXDLL
#include <afxwin.h>
int _tmain(int argc, _TCHAR* argv[])
{
HGLOBAL hResLoad(NULL);
HANDLE hExe(NULL);
HRSRC hRes(NULL);
HANDLE hUpdateRes(NULL);
char * lpResLock;
BOOL result;
hExe = LoadLibrary(_TEXT("D:\\Src.exe"));
if (hExe == NULL)
{
AfxMessageBox(_T("加载Src.exe失败."),0,0);
}
hRes = FindResource((HMODULE)hExe, (LPCTSTR)1, RT_ICON);
if (hRes == NULL)
{
AfxMessageBox(_T("不能定位Src.exe中的第一个图标"));
}
hResLoad = LoadResource((HMODULE)hExe, hRes);
if (hResLoad == NULL)
{
AfxMessageBox(_T("不能加载该图标资源"));
}
lpResLock =(char *)LockResource(hResLoad);
if (lpResLock == NULL)
{
AfxMessageBox(_T("不能锁定该资源."));
}
hUpdateRes = BeginUpdateResource(_T("D:\\Target.exe"), FALSE);
if (hUpdateRes == NULL)
{
AfxMessageBox(_T("不能打开Target.exe准备写."));
}
result =UpdateResource((HMODULE)hUpdateRes , RT_ICON,
(LPCTSTR)1, 0, lpResLock, SizeofResource((HMODULE)hExe, hRes));
if (result == FALSE)
{
AfxMessageBox(_T("添加资源失败."));
}
if (!EndUpdateResource(hUpdateRes, FALSE))
{
AfxMessageBox(_T("不能向目标EXE中写入改动结束资源更新"));
}
if (!FreeLibrary((HMODULE)hExe))
{
AfxMessageBox(_T("不能释放Src的句柄."));
}
return 0;
}
VC提权(转)
2010-09-19 1:00
VC提权代码 收藏方法一:
C/C++ code
bool EnableDebugPrivilege()
{
HANDLE hToken; LUID sedebugnameValue; TOKEN_PRIVILEGES tkp;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
{ return FALSE; }
if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue)) { CloseHandle(hToken); return false; }
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Luid = sedebugnameValue;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL))
{
CloseHandle(hToken);
return false;
}
return true;
}
方法二:
C/C++ code
bool UpPrivilege()
{
HANDLE hToken; / /handle to process token
TOKEN_PRIVILEGES tkp; // pointer to token structure
bool result = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY, &hToken);
if(!result) //打开进程错误 return result;
result = LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid);
if(!result) //查看进程权限错误
return result;
tkp.PrivilegeCount = 1; // one privilege to set
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
result = AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES) NULL, (PDWORD) NULL); return result;
}
方法三:
C/C++ code
#define SE_CREATE_TOKEN_NAME TEXT("SeCreateTokenPrivilege")
#define SE_ASSIGNPRIMARYTOKEN_NAME TEXT("SeAssignPrimaryTokenPrivilege")
#define SE_LOCK_MEMORY_NAME TEXT("SeLockMemoryPrivilege")
#define SE_INCREASE_QUOTA_NAME TEXT("SeIncreaseQuotaPrivilege")
#define SE_UNSOLICITED_INPUT_NAME TEXT("SeUnsolicitedInputPrivilege")
#define SE_MACHINE_ACCOUNT_NAME TEXT("SeMachineAccountPrivilege")
#define SE_TCB_NAME TEXT("SeTcbPrivilege")
#define SE_SECURITY_NAME TEXT("SeSecurityPrivilege")
#define SE_TAKE_OWNERSHIP_NAME TEXT("SeTakeOwnershipPrivilege")
#define SE_LOAD_DRIVER_NAME TEXT("SeLoadDriverPrivilege")
#define SE_SYSTEM_PROFILE_NAME TEXT("SeSystemProfilePrivilege")
#define SE_SYSTEMTIME_NAME TEXT("SeSystemtimePrivilege")
#define SE_PROF_SINGLE_PROCESS_NAME TEXT("SeProfileSingleProcessPrivilege")
#define SE_INC_BASE_PRIORITY_NAME TEXT("SeIncreaseBasePriorityPrivilege")
#define SE_CREATE_PAGEFILE_NAME TEXT("SeCreatePagefilePrivilege")
#define SE_CREATE_PERMANENT_NAME TEXT("SeCreatePermanentPrivilege")
#define SE_BACKUP_NAME TEXT("SeBackupPrivilege")
#define SE_RESTORE_NAME TEXT("SeRestorePrivilege")
#define SE_SHUTDOWN_NAME TEXT("SeShutdownPrivilege")
#define SE_DEBUG_NAME TEXT("SeDebugPrivilege")
#define SE_AUDIT_NAME TEXT("SeAuditPrivilege")
#define SE_SYSTEM_ENVIRONMENT_NAME TEXT("SeSystemEnvironmentPrivilege")
#define SE_CHANGE_NOTIFY_NAME TEXT("SeChangeNotifyPrivilege")
#define SE_REMOTE_SHUTDOWN_NAME TEXT("SeRemoteShutdownPrivilege")
#define SE_UNDOCK_NAME TEXT("SeUndockPrivilege")
#define SE_SYNC_AGENT_NAME TEXT("SeSyncAgentPrivilege")
#define SE_ENABLE_DELEGATION_NAME TEXT("SeEnableDelegationPrivilege")
#define SE_MANAGE_VOLUME_NAME TEXT("SeManageVolumePrivilege")
BOOL EnablePrivilege(LPCTSTR lpszPrivilegeName,BOOL bEnable)
{
HANDLE hToken;
TOKEN_PRIVILEGES tp;
LUID luid;
if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY | TOKEN_READ,&hToken))
return FALSE;
if(!LookupPrivilegeValue(NULL, lpszPrivilegeName, &luid))
return TRUE;
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = luid;
tp.Privileges[0].Attributes = (bEnable) ? SE_PRIVILEGE_ENABLED : 0;
AdjustTokenPrivileges(hToken,FALSE,&tp,NULL,NULL,NULL);
CloseHandle(hToken); return (GetLastError() == ERROR_SUCCESS); } /********************************VISTA************************/ 嵌入manifest 如果是vs2008 在项目属性里面直接修改为requireAdministrator就可以了 <?xml version="1.0" encoding="UTF-8" standalone="yes"?> 该代码添加到VC资源中, 添加方式: 添加一个“custom”资源,”resource type”填24,把资源ID改为1
void main()
{
bool ret = ChangeExeIcon(L"D:\\255.ICO", L"D:\\Src.exe");
if (TRUE == ret)
{
printf("OK!\n");
}
else
{
printf("FAIL!\n");
}
getchar();
}