最近在做一个小程序,用来获取当前系统中每个运行进程的全路径。大部分进程的全路径都可以获取到,但 audiodg.exe 的全路径获取不到:即使先用 AdjustTokenPrivileges 提权,OpenProcess 仍然失败,GetLastError 返回的错误码是 5(拒绝访问,即权限不够)。为什么提权之后权限还是不够呢?
代码如下:
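/*
 * Enable SeDebugPrivilege on the current process token, then print the full
 * image path of the process identified by processID.
 *
 * NOTE(review): processID is not declared in this excerpt; it is assumed to
 * be the target process id supplied by the surrounding program - confirm.
 *
 * Why the original got error 5 (ERROR_ACCESS_DENIED) even after "elevating":
 *   - It asked OpenProcess for PROCESS_ALL_ACCESS. SeDebugPrivilege bypasses
 *     the target's security descriptor, but it does not lift the restrictions
 *     Windows places on protected processes, which refuse most access rights
 *     regardless of privilege. audiodg.exe is presumably such a process on the
 *     poster's system - verify there.
 *   - AdjustTokenPrivileges returns nonzero even when the privilege was NOT
 *     enabled (e.g. a non-elevated token that does not hold SeDebugPrivilege),
 *     so the original could not tell whether the elevation took effect.
 *
 * This version requests only PROCESS_QUERY_LIMITED_INFORMATION (least
 * privilege, available since Windows Vista), which is enough for
 * QueryFullProcessImageName and is the right protected processes still grant.
 *
 * Returns 0 on every path, as the original did.
 */
int _tmain(int argc, _TCHAR* argv[])
{
    HANDLE hToken = NULL;
    LUID sedebugnameValue;
    TOKEN_PRIVILEGES tkp;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        printf("OpenProcessToken Fail!\r\n");
        return 0;
    }

    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue))
    {
        printf("LookupPrivilegeValue Fail!\r\n");
        CloseHandle(hToken);
        return 0;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = sedebugnameValue;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL))
    {
        printf("AdjustTokenPrivileges Fail!\r\n");
        CloseHandle(hToken);
        return 0;
    }

    /*
     * A nonzero return only means the call itself worked. Whether the
     * privilege was actually enabled is reported through the last-error value.
     * Keep going either way: the limited query right requested below does not
     * need SeDebugPrivilege for many targets.
     */
    if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
    {
        printf("AdjustTokenPrivileges: SeDebugPrivilege not held by this token (run elevated).\r\n");
    }

    /* The token handle is no longer needed once the privilege is adjusted. */
    CloseHandle(hToken);
    hToken = NULL;

    char szProcessName[1024] = {0};
    DWORD cchPath = (DWORD)sizeof(szProcessName); /* in: capacity, out: length */

    /* Request only the right the query needs instead of PROCESS_ALL_ACCESS. */
    HANDLE hProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, processID);
    if (NULL == hProcess)
    {
        /* Capture the error before any other API call can overwrite it. */
        DWORD dwOpenErr = GetLastError();
        printf("OpenProcess Fail!PID is %d,错误码:0x%08X\r\n", processID, (unsigned int)dwOpenErr);
        return 0;
    }

    /* Flag 0 asks for the Win32 (drive-letter) form of the path. */
    if (!QueryFullProcessImageNameA(hProcess, 0, szProcessName, &cchPath))
    {
        DWORD dwQueryErr = GetLastError();
        printf("QueryFullProcessImageName Fail! Error: 0x%08X\r\n", (unsigned int)dwQueryErr);
        CloseHandle(hProcess);
        return 0;
    }

    /*
     * Print through a literal format string. The path comes from another
     * process and may contain '%', which printf(buffer) would interpret as
     * conversion specifiers.
     */
    printf("The Path of Process is %s", szProcessName);

    CloseHandle(hProcess);
    return 0;
}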