
查看进程权限

程序员文章站 2022-04-12 12:21:10
仿PowerTool的查看进程权限功能。 给测试程序提权到Debug后的测试效果图: ......

仿PowerTool的查看进程权限功能:程序按进程名找到目标进程,打开它的访问令牌,并列出其中处于启用状态的权限。

#include <Windows.h>
#include <TlHelp32.h>

#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <iostream>

using namespace std;
  6 
  7 DWORD Pro_NameGetPid(char *pName, BOOL isCase);
  8 
  9 DWORD Pro_GetPrivileges(HANDLE hPro, char ***pPowers);
 10 
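/*
 * Entry point: resolves the demo target by image name, opens it with
 * query-only access and prints the name of every privilege that is enabled
 * in its token.
 *
 * Returns 0 on success, 1 when the process cannot be opened or its
 * privileges cannot be read.
 */
int main(void)
{
    // Writable array instead of a string literal: Pro_NameGetPid takes a
    // non-const char *, and binding a literal to it is ill-formed in C++11.
    char szTarget[] = "测试程序.exe";
    char **ppNames = NULL;

    // An image name is not an identity: any process may carry this name and
    // the first match in the snapshot is the one that gets inspected.
    // The PID is 0 when nothing matched; OpenProcess rejects PID 0, so that
    // case is reported by the failure branch below.
    DWORD dwPid = Pro_NameGetPid(szTarget, FALSE);

    // Least privilege: opening the token for reading only needs query rights
    // on the process. PROCESS_ALL_ACCESS asks for far more than that and is
    // refused for targets a limited query handle could still open.
    HANDLE hPro = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, dwPid);
    if (!hPro)
    {
        // GetLastError() returns a DWORD (unsigned long), hence %lu.
        printf("进程打开失败:%lu\n", GetLastError());
        return 1;
    }

    DWORD dwLen = Pro_GetPrivileges(hPro, &ppNames);
    CloseHandle(hPro);

    // Pro_GetPrivileges reports errors as -1 / -2 converted to DWORD; treating
    // those as a count would walk far past the end of the (NULL) array.
    if (dwLen == (DWORD)-1 || dwLen == (DWORD)-2)
        return 1;
    if (dwLen != 0 && ppNames == NULL)
        return 1;

    for (DWORD i = 0; i < dwLen; i++)
    {
        cout << ppNames[i] << endl;
        free(ppNames[i]);   // each name is malloc'ed by Pro_GetPrivileges
    }
    free(ppNames);
    return 0;
}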
 30 
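/*
 * Returns the PID of the first process in a Toolhelp snapshot whose image
 * name equals pName.
 *
 * pName   image name to look for (e.g. "foo.exe"); NULL yields 0.
 * isCase  TRUE for a case-sensitive comparison, FALSE to ignore case.
 *
 * Returns 0 when pName is NULL, the snapshot cannot be taken, or no process
 * matches.
 *
 * The comparison is on the image name only, so the result identifies "some
 * process with this name", not a specific trusted binary; callers that make
 * a security decision should verify the process by other means.
 *
 * Like the rest of this file, this assumes an ANSI (non-UNICODE) build, where
 * PROCESSENTRY32::szExeFile is a char array.
 */
DWORD Pro_NameGetPid(char *pName, BOOL isCase)
{
    PROCESSENTRY32 proInfo = { 0 };
    DWORD dwPid = 0;

    if (!pName)
        return 0;

    // CreateToolhelp32Snapshot signals failure with INVALID_HANDLE_VALUE,
    // never NULL, so a NULL test would let a bad handle through.
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnap == INVALID_HANDLE_VALUE)
        return 0;

    proInfo.dwSize = sizeof(proInfo);   // must be set before Process32First
    for (BOOL bOk = Process32First(hSnap, &proInfo);
         bOk;
         bOk = Process32Next(hSnap, &proInfo))
    {
        // Compare the complete names. Copying them with
        // lstrcpyn(dst, src, strlen(src)) drops the last character (the
        // length argument includes the terminator), which makes names that
        // differ only in their final character compare equal.
        int nDiff = isCase ? strcmp(proInfo.szExeFile, pName)
                           : _stricmp(proInfo.szExeFile, pName);
        if (nDiff == 0)
        {
            dwPid = proInfo.th32ProcessID;
            break;
        }
    }

    CloseHandle(hSnap);
    return dwPid;
}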
 74 
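/*
 * Collects the names of all privileges that are currently enabled in the
 * access token of the process behind hPro.
 *
 * hPro     process handle; query rights on the process are sufficient.
 * pPowers  out: receives a malloc'ed array of malloc'ed, NUL-terminated
 *          privilege names. The caller frees every element and then the
 *          array. Set to NULL when the count is 0 or on any failure.
 *
 * Returns the number of names stored, (DWORD)-1 when the token cannot be
 * opened, or (DWORD)-2 when the privileges cannot be read (including
 * allocation failure and a NULL pPowers).
 *
 * Assumes an ANSI (non-UNICODE) build: LookupPrivilegeName is called with
 * char buffers.
 */
DWORD Pro_GetPrivileges(HANDLE hPro, char ***pPowers)
{
    HANDLE hToken = NULL;
    PTOKEN_PRIVILEGES pTp = NULL;
    char **ppNames = NULL;
    DWORD dwNeededSize = 0;
    DWORD dwCount = 0;      // enabled privileges found by the counting pass
    DWORD dwStored = 0;     // names actually written to ppNames
    DWORD dwResult = (DWORD)-2;

    if (!pPowers)
        return (DWORD)-2;
    *pPowers = NULL;

    // Least privilege: reading TokenPrivileges only requires TOKEN_QUERY.
    // TOKEN_ALL_ACCESS would also grant rights to adjust and duplicate the
    // token, and is refused for many targets that allow a plain query.
    if (!OpenProcessToken(hPro, TOKEN_QUERY, &hToken))
    {
        printf("进程Token提取失败:%lu\n", GetLastError());
        return (DWORD)-1;
    }

    // Size probe: this call is expected to fail and report the needed size.
    GetTokenInformation(hToken, TokenPrivileges, NULL, 0, &dwNeededSize);
    if (dwNeededSize != 0)
        pTp = (PTOKEN_PRIVILEGES)malloc(dwNeededSize);
    if (!pTp ||
        !GetTokenInformation(hToken, TokenPrivileges, pTp, dwNeededSize, &dwNeededSize))
        goto fail;

    // Attributes is a bit mask: a privilege that is enabled by default
    // carries SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT, so an
    // equality test would silently under-report what the token can do.
    for (DWORD i = 0; i < pTp->PrivilegeCount; i++)
    {
        if (pTp->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED)
            dwCount++;
    }

    if (dwCount == 0)
    {
        dwResult = 0;
        goto done;
    }

    // One pointer per enabled privilege (sized in elements, not bytes).
    ppNames = (char **)calloc(dwCount, sizeof(*ppNames));
    if (!ppNames)
        goto fail;

    for (DWORD i = 0; i < pTp->PrivilegeCount; i++)
    {
        if (!(pTp->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED))
            continue;

        DWORD dwNameLen = 0;
        // Size probe for the name, terminator included.
        LookupPrivilegeName(NULL, &pTp->Privileges[i].Luid, NULL, &dwNameLen);

        char *pUidName = dwNameLen ? (char *)malloc(dwNameLen) : NULL;
        if (!pUidName ||
            !LookupPrivilegeName(NULL, &pTp->Privileges[i].Luid, pUidName, &dwNameLen))
        {
            free(pUidName);
            goto fail;
        }
        // Index into the array; the out-parameter itself is never advanced.
        ppNames[dwStored++] = pUidName;
    }

    *pPowers = ppNames;     // ownership moves to the caller
    ppNames = NULL;
    dwResult = dwStored;
    goto done;

fail:
    printf("获取进程权限失败!");
    if (ppNames)
    {
        for (DWORD k = 0; k < dwStored; k++)
            free(ppNames[k]);
        free(ppNames);
    }
    dwResult = (DWORD)-2;

done:
    // Shared exit: the token handle and the buffer are released on every
    // path, including the error paths.
    free(pTp);
    CloseHandle(hToken);
    return dwResult;
}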

 

给测试程序提权到Debug后的测试效果图:

查看进程权限