unit Service;
interface
uses
Windows, Messages, SysUtils, Classes, JclRegistry, JclHelpUtils, JclWin32, JclMiscel, JclSysInfo,
Graphics, Controls, SvcMgr, Dialogs, TLHelp32,
Unit1 {Main};
{ Win32 imports not wrapped by Windows.pas in this Delphi version. }

{ Session id of the session currently attached to the physical console;
  the API returns $FFFFFFFF when no session is attached. }
function WTSGetActiveConsoleSessionId: DWORD; stdcall; external 'Kernel32.dll';
{ Primary token of the user logged on to SessionID. The service needs
  SE_TCB_NAME (LocalSystem has it). NOTE(review): phToken is declared PDWORD
  but callers pass @THandle — same size on Win32, not on Win64. }
function WTSQueryUserToken(SessionID: DWORD; phToken: PDWORD): BOOL; stdcall; external 'wtsapi32.dll' name 'WTSQueryUserToken';
{ Builds the environment block for the user represented by hToken; the block
  is Unicode, so CREATE_UNICODE_ENVIRONMENT must be passed when it is given
  to CreateProcess*. NOTE(review): the real API returns BOOL, not Boolean. }
function CreateEnvironmentBlock(var lpEnvironment: Pointer; hToken: THANDLE; bInherit: Boolean): Boolean; stdcall; external 'userenv.dll';
type
  { Windows service that, on start, launches a program on the interactive
    desktop of the active console session (see ServiceStart). }
  TYiFenService = class(TService)
    { OnStart handler: performs the launch and reports Started to the SCM. }
    procedure ServiceStart(Sender: TService; var Started: Boolean);
  private
    { Private declarations }
  public
    { Returns the stdcall callback the SCM uses to deliver control codes. }
    function GetServiceController: TServiceController; override;
    { Public declarations }
  end;
var
YiFenService: TYiFenService;
implementation
{$R *.DFM}
{ Callback registered with the Service Control Manager: hands every control
  code (stop, pause, shutdown, ...) to the single global service instance. }
procedure ServiceController(CtrlCode: DWord); stdcall;
var
  Svc: TYiFenService;
begin
  Svc := YiFenService;
  Svc.Controller(CtrlCode);
end;
{ Supplies the SCM with the address of the unit-level stdcall controller. }
function TYiFenService.GetServiceController: TServiceController;
begin
  Result := @ServiceController;
end;
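{ Releases an environment block obtained from CreateEnvironmentBlock (userenv.dll). }
function DestroyEnvironmentBlock(lpEnvironment: Pointer): BOOL; stdcall; external 'userenv.dll';

{ OnStart handler: launches AppPath on the interactive desktop
  (Winsta0\Default) of the active console session, running as the user who
  is logged on there.

  Sender  - the service instance (unused).
  Started - always set to True: the service keeps running when the launch
            fails, and the failure is written to the event log via LogMessage.

  Fixes relative to the naive version:
  - the token from WTSQueryUserToken is actually used; previously
    OpenProcessToken overwrote it with the service's own LocalSystem token,
    so the program ran as SYSTEM on the user's desktop;
  - the process/thread objects keep the token's default DACL instead of a
    NULL DACL (which grants every local user full access to a SYSTEM process);
  - every API result is checked and every handle / environment block is freed. }
procedure TYiFenService.ServiceStart(Sender: TService;
  var Started: Boolean);
const
  AppPath = 'c:\windows\notepad.exe';  // launch target; NOTE(review): should come from configuration, not a literal
  NoSession = DWORD($FFFFFFFF);        // WTSGetActiveConsoleSessionId: nothing attached to the console
var
  hUserToken: THandle;      // console user's token from WTSQueryUserToken
  hPrimaryToken: THandle;   // primary duplicate handed to CreateProcessAsUser
  pEnv: Pointer;            // the user's environment block, nil if unavailable
  si: STARTUPINFO;
  pi: PROCESS_INFORMATION;
  dwSessionId: DWORD;
  dwFlags: DWORD;

  // Records "<Step> failed" plus the Win32 error text in the event log.
  procedure LogWin32Failure(const Step: string);
  var
    Err: DWORD;
  begin
    Err := GetLastError;
    LogMessage(Format('ServiceStart: %s failed (%d: %s)', [Step, Err, SysErrorMessage(Err)]));
  end;

begin
  Started := True;
  hUserToken := 0;
  hPrimaryToken := 0;
  pEnv := nil;
  try
    dwSessionId := WTSGetActiveConsoleSessionId;
    if dwSessionId = NoSession then
    begin
      LogMessage('ServiceStart: no active console session; nothing launched');
      Exit;
    end;

    if not WTSQueryUserToken(dwSessionId, @hUserToken) then
    begin
      LogWin32Failure('WTSQueryUserToken');
      Exit;
    end;

    // nil token attributes: the duplicate gets the default DACL instead of
    // the world-accessible NULL DACL the original built in SecMem.
    if not DuplicateTokenEx(hUserToken, MAXIMUM_ALLOWED, nil, SecurityImpersonation,
      TokenPrimary, hPrimaryToken) then
    begin
      LogWin32Failure('DuplicateTokenEx');
      Exit;
    end;

    // The user's own environment (bInherit=False: do not merge the service's
    // SYSTEM environment). The block is Unicode, hence the creation flag.
    // Failure is non-fatal: the child then inherits the service environment.
    dwFlags := NORMAL_PRIORITY_CLASS;
    if CreateEnvironmentBlock(pEnv, hPrimaryToken, False) then
      dwFlags := dwFlags or CREATE_UNICODE_ENVIRONMENT
    else
    begin
      LogWin32Failure('CreateEnvironmentBlock');
      pEnv := nil;
    end;

    ZeroMemory(@si, SizeOf(si));
    si.cb := SizeOf(si);
    si.lpDesktop := PChar('Winsta0\Default');
    si.dwFlags := STARTF_USESHOWWINDOW;   // without this flag wShowWindow is ignored
    si.wShowWindow := SW_SHOWNORMAL;
    ZeroMemory(@pi, SizeOf(pi));

    // lpApplicationName is a full path, so no PATH search; nil process/thread
    // attributes keep the token's default DACL on the new objects.
    if CreateProcessAsUser(hPrimaryToken, PChar(AppPath), nil, nil, nil, False,
      dwFlags, pEnv, nil, si, pi) then
    begin
      // The service does not track the child; release our references now.
      CloseHandle(pi.hThread);
      CloseHandle(pi.hProcess);
    end
    else
      LogWin32Failure('CreateProcessAsUser');
  finally
    if pEnv <> nil then
      DestroyEnvironmentBlock(pEnv);
    if hPrimaryToken <> 0 then
      CloseHandle(hPrimaryToken);
    if hUserToken <> 0 then
      CloseHandle(hUserToken);
  end;
end;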
end.