Private Const MAX_PATH = 260 Private Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * MAX_PATH End Type Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long Private Declare Function Process32First Lib "kernel32" (ByVal hSnapshot As Long, lppe As Any) As Long Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapshot As Long, lppe As Any) As Long Private Const TH32CS_SNAPHEAPLIST = &H1 Private Const TH32CS_SNAPPROCESS = &H2 Private Const TH32CS_SNAPTHREAD = &H4 Private Const TH32CS_SNAPMODULE = &H8 Private Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST + TH32CS_SNAPPROCESS + TH32CS_SNAPTHREAD + TH32CS_SNAPMODULE) Private Const TH32CS_INHERIT = &H80000000 '结束进程函数 Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long Const PROCESS_ALL_ACCESS = 1 '提升权限 Private Const ANYSIZE_ARRAY = 1 Private Const TOKEN_ADJUST_PRIVILEGES = &H20 Private Const TOKEN_QUERY = &H8 Private Const SE_PRIVILEGE_ENABLED = &H2 Private Type LUID lowpart As Long highpart As Long End Type Private Type LUID_AND_ATTRIBUTES pLuid As LUID Attributes As Long End Type Private Type TOKEN_PRIVILEGES PrivilegeCount As Long Privileges(ANYSIZE_ARRAY) As LUID_AND_ATTRIBUTES End Type Private Declare Function SetSystemPowerState Lib "kernel32" (ByVal fSuspend As Long, ByVal fForce As Long) As Long Private Declare Function GetCurrentProcess Lib "kernel32" () As Long Private Declare Function OpenProcessToken Lib "advapi32" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long Private Declare Function LookupPrivilegeValue Lib "advapi32" Alias "LookupPrivilegeValueA" (ByVal lpSystemName As String, ByVal lpName As String, lpLuid As LUID) As Long Private Declare Function AdjustTokenPrivileges Lib "advapi32" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, PreviousState As TOKEN_PRIVILEGES, ReturnLength As Long) As Long Const STANDARD_RIGHTS_REQUIRED = &HF0000 Const TOKEN_ASSIGN_PRIMARY = &H1 Const TOKEN_DUPLICATE = (&H2) Const TOKEN_IMPERSONATE = (&H4) Const TOKEN_QUERY_SOURCE = (&H10) Const TOKEN_ADJUST_GROUPS = (&H40) Const TOKEN_ADJUST_DEFAULT = (&H80) Const TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED Or TOKEN_ASSIGN_PRIMARY Or _ TOKEN_DUPLICATE Or TOKEN_IMPERSONATE Or TOKEN_QUERY Or TOKEN_QUERY_SOURCE Or _ TOKEN_ADJUST_PRIVILEGES Or TOKEN_ADJUST_GROUPS Or TOKEN_ADJUST_DEFAULT) Private Sub Command1_Click() '查找进程和终结进程 Dim hSnapshot As Long, lRet As Long, P As PROCESSENTRY32 Dim exitCode As Long Dim myProcess As Long Dim AppKill As Boolean P.dwSize = Len(P) hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPALL, ByVal 0) If hSnapshot Then lRet = Process32First(hSnapshot, P) Do While lRet If InStr(P.szExeFile, "csrss.exe") <> 0 Then myProcess = OpenProcess(PROCESS_ALL_ACCESS, False, P.th32ProcessID) AppKill = TerminateProcess(myProcess, exitCode) Call CloseHandle(myProcess) End If lRet = Process32Next(hSnapshot, P) Loop lRet = CloseHandle(hSnapshot) End If End Sub Sub AdjustTokenPrivileges2000() '提升到DEBUG权限 Dim hdlProcessHandle As Long Dim hdlTokenHandle As Long Dim tmpLuid As LUID Dim tkp As TOKEN_PRIVILEGES Dim tkpNewButIgnored As TOKEN_PRIVILEGES Dim lBufferNeeded As Long Dim lP As Long hdlProcessHandle = GetCurrentProcess() lP = OpenProcessToken(hdlProcessHandle, TOKEN_ALL_ACCESS, hdlTokenHandle) lP = LookupPrivilegeValue("", "SeDebugPrivilege", tmpLuid) tkp.PrivilegeCount = 1 tkp.Privileges(0).pLuid = tmpLuid tkp.Privileges(0).Attributes = SE_PRIVILEGE_ENABLED lP = AdjustTokenPrivileges(hdlTokenHandle, False, tkp, Len(tkpNewButIgnored), tkpNewButIgnored, lBufferNeeded) End Sub Private Sub Form_Load() AdjustTokenPrivileges2000 End Sub
转载声明:本站发布文章及版权归原作者所有,转载本站文章请注明文章来源!