Hooking a process stops working after privilege elevation????

tzg_dzq 2014-12-31 11:58:32
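Environment:
As a normal user without elevation, the hook works. But after elevating to admin, I can no longer hook processes started under the normal user, and at that point the process can be killed in Task Manager. Debugging shows that execution never enters the function I defined.

Could an expert give me some pointers????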
赵4老师 2014-12-31
CreateProcessAsUser

The CreateProcessAsUser function creates a new process and its primary thread. The new process then executes a specified executable file. The CreateProcessAsUser function is similar to the CreateProcess function, except that the new process runs in the security context of the user represented by the hToken parameter. By default, the new process is non-interactive, that is, it runs on a desktop that is not visible and cannot receive user input. Also, by default, the new process inherits the environment of the calling process, rather than the environment associated with the specified user.

    BOOL CreateProcessAsUser(
      HANDLE hToken,                              // handle to a token representing the logged-on user
      LPCTSTR lpApplicationName,                  // pointer to name of executable module
      LPTSTR lpCommandLine,                       // pointer to command line string
      LPSECURITY_ATTRIBUTES lpProcessAttributes,  // process security attributes
      LPSECURITY_ATTRIBUTES lpThreadAttributes,   // thread security attributes
      BOOL bInheritHandles,                       // whether new process inherits handles
      DWORD dwCreationFlags,                      // creation flags
      LPVOID lpEnvironment,                       // pointer to new environment block
      LPCTSTR lpCurrentDirectory,                 // pointer to current directory name
      LPSTARTUPINFO lpStartupInfo,                // pointer to STARTUPINFO
      LPPROCESS_INFORMATION lpProcessInformation  // pointer to PROCESS_INFORMATION
    );
