俺的天呢。楼上的代码,,,我没大看,这个问题说明一下,分两种情况,98系统和XP/2K以上系统
98比较简单了,直接改注册表,网上不少说的,不过也有简洁办法:
Const SPI_SCREENSAVERRUNNING = 97
Private Declare Function SystemParametersInfo Lib "User32" Alias _
"SystemParametersInfoA" (ByVal uAction As Long, ByVal uParam As Long, lpvParam As _
Any, ByVal fuWinIni As Long) As Long
Private Sub Command1_Click()
Dim pOld As Boolean
Call SystemParametersInfo(SPI_SCREENSAVERRUNNING, True, pOld, 0)
End Sub
Private Sub Command2_Click()
Dim pOld As Boolean
Call SystemParametersInfo(SPI_SCREENSAVERRUNNING, False, pOld, 0)
End Sub
Private Sub Form_Load()
Command2.Caption = "可用"
Command1.Caption = "不可用"
End Sub
以上就是了。
对于2K以上系统,由于这个组合键是系统级的,也就是和操作系统内核相关,所以以上代码是不行的,包括修改注册表。实现的办法呢,有不少,介绍一种思路。
背景知识:
1、Winlogon是Windows 2000/NT操作系统提供交互式登录支持的组件
2、Winlogon有三个组成部分:可执行文件winlogon.exe,提供图形界面认证功能的动态库Gina Dll,以及一些网络服务提供动态库Network Provider Dll
3、Microsoft提供了一个默认的Gina Dll--Winnt\system32\msgina.dll,提供了标准的用户名、密码认证模式。Gina Dll是可替换的,用户可以设计自己的Gina Dll,以提供其他如智能卡、视网膜、指纹或其他一些认证机制。
思路:
修改Winlogon进程中Msgina.dll导出的WlxLoggedOnSAS函数里的一个跳转指令。
跳转指令的偏移可以反汇编Msgina.dll的WlxLoggedOnSAS或用SoftIce跟踪出来。
也就是查找一个内存地址,而后修改,这里把调用改为不调用就可以了。JN→JNE
实现过程主要用到以下API
Private Declare Function GetLastError Lib "kernel32" () As Long
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function OpenProcessToken Lib "advapi32" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
Private Declare Function LookupPrivilegevalue Lib "advapi32" Alias "LookupPrivilegevalueA" (ByVal lpSystemName As String, ByVal lpName As String, lpLuid As LUID) As Long
Private Declare Function AdjustTokenPrivileges Lib "advapi32" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, PreviousState As TOKEN_PRIVILEGES, ReturnLength As Long) As Long
Private Declare Sub SetLastError Lib "kernel32" (ByVal dwErrCode As Long)
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function FreeLibrary Lib "kernel32" (ByVal hLibModule As Long) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
===============================================================
'**注册表操作声明
===============================================================
Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal HKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
Declare Function RegCloseKey Lib "advapi32.dll" _
(ByVal HKey As Long) _
As Long
Declare Function RegCreateKey Lib "advapi32.dll" _
Alias "RegCreateKeyA" _
(ByVal HKey As Long, _
ByVal lpSubKey As String, _
phkResult As Long) _
As Long
Declare Function RegOpenKeyEx Lib "advapi32.dll" _
Alias "RegOpenKeyExA" _
(ByVal HKey As Long, _
ByVal lpSubKey As String, _
ByVal ulOptions As Long, _
ByVal samDesired As Long, _
phkResult As Long) _
As Long
================================================================
'****注册表操作过程
================================================================
Public Sub CreateKey(ByVal EnmHive As Long, ByVal StrSubKey As String, ByVal strValueName As String, ByVal LngData As Long, Optional ByVal EnmType As RegistryLongTypes = REG_DWORD_LITTLE_ENDIAN)
Dim HKey As Long 'Holds a pointer to the registry key
'创建注册键
Call CreateSubKey(EnmHive, StrSubKey)
'打开
HKey = GetSubKeyHandle(EnmHive, StrSubKey, KEY_ALL_ACCESS)
'设置注册表值
RegSetValueEx HKey, strValueName, 0, EnmType, LngData, 4
'关闭
RegCloseKey HKey
End Sub
Public Sub CreateSubKey(ByVal EnmHive As RegistryHives, ByVal StrSubKey As String)
Dim HKey As Long 'Holds the handle from the created key.
'创建键
RegCreateKey EnmHive, StrSubKey & Chr(0), HKey
'关闭键
RegCloseKey HKey
End Sub
Private Function GetSubKeyHandle(ByVal EnmHive As RegistryHives, ByVal StrSubKey As String, Optional ByVal EnmAccess As RegistryKeyAccess = KEY_READ) As Long
Dim HKey As Long '控制指定键的句柄
Dim RetVal As Long '从注册表键值中返回数据
'打开
RetVal = RegOpenKeyEx(EnmHive, StrSubKey, 0, EnmAccess, HKey)
If RetVal <> ERROR_SUCCESS Then
'撤销
HKey = 0
End If
GetSubKeyHandle = HKey
End Function
================================================================
'******下面过程是怎样在对话框中禁止按钮
================================================================
Public Sub WinSecurity(ByVal regSET As regKey, ByVal Enabled As Boolean)
'变量声明
Dim Command As String
'选择键
Select Case regSET
Case Logoff: Command = "NoLogoff"
Case Shutdown: Command = "NoClose"
Case ChangePassword: Command = "DisableChangePassword"
Case TaskMgr: Command = "DisableTaskMgr"
Case LockWorkstation: Command = "DisabeLockWorkstation"
End Select
'写入值
If Command = "NoLogoff" Then Call CreateKey(HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer", Command, Not Enabled): GoTo SKIPOUT
If Command = "NoClose" Then Call CreateKey(HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer", Command, Not Enabled): GoTo SKIPOUT
Call CreateKey(HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Policies\System", Command, Not Enabled)
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long
Private Const WM_CLOSE = &H10
Private Sub Command1_Click()
Dim hwnd As Long ' 储存 FindWindow 函数返回的句柄
hwnd = FindWindow(vbNullString, "windows 任务管理器")
If hwnd = 0 Then
Else
a = SendMessage(hwnd, WM_CLOSE, 0, 0)
End If
End Sub
see the Gina Hooks sample in the \Samples\security\GINA\GinaHook directory of a windows Platform SDK installation.
Reference:
http://msdn.microsoft.com/msdnmag/issues/02/09/CQA/
see the Gina Hooks sample in the \Samples\security\GINA\GinaHook directory of a windows Platform SDK installation.
Reference:
http://msdn.microsoft.com/msdnmag/issues/02/09/CQA/