|
[求助]XP关闭SFC出错
#define WIN32_LEAN_AND_MEAN #include <windows.h> #include <Shlwapi.h> #include <sfc.h> #include <stdlib.h> #include <stdio.h> #include <iostream> #include <tlhelp32.h> #pragma comment(lib,"sfc.lib") #pragma comment(lib,"shlwapi.lib") #pragma check_stack (off) DWORD thread_func (FARPROC sfc_terminate) { sfc_terminate(); return 0; } void after_thread_func(void) { } #pragma check_stack //调整权限 int AdjustPrivileges(void) { HANDLE token_handle; int ret=0; if(OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &token_handle)) { LUID luid; if(LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)) { TOKEN_PRIVILEGES tk_priv; tk_priv.PrivilegeCount=1; tk_priv.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED; tk_priv.Privileges[0].Luid=luid; if(AdjustTokenPrivileges(token_handle,FALSE,&tk_priv,0,NULL,NULL)) ret=1; } CloseHandle(token_handle); } return ret; } //根据取得进程号 DWORD GetProcessID(const char* pname) { HANDLE hProcessSnap = NULL; DWORD bRet = 0; PROCESSENTRY32 pe32 = {0}; hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if (hProcessSnap == INVALID_HANDLE_VALUE) return (FALSE); pe32.dwSize = sizeof(PROCESSENTRY32); if (Process32First(hProcessSnap, &pe32)) { do { if (stricmp(pe32.szExeFile, pname) == 0) { bRet = pe32.th32ProcessID; break; } }while (Process32Next(hProcessSnap, &pe32)); } CloseHandle (hProcessSnap); return (bRet); } //关闭windows文件保护 void TerminateSfc() { DWORD wpid = 0; wpid = GetProcessID("winlogon.exe"); HANDLE remote_thread; HMODULE sfc=LoadLibrary("SFC_OS.DLL"); FARPROC sfc_terminate=GetProcAddress(sfc, (char *) 2); if (!AdjustPrivileges()) { MessageBox(NULL, "调整权限错误", "", MB_OK); exit(0); } HANDLE process=OpenProcess(PROCESS_ALL_ACCESS, FALSE, wpid); if(!process) { exit(0); } LPVOID remote_mem=VirtualAllocEx(process,NULL,(SIZE_T) ((char *)after_thread_func-(char *)thread_func),MEM_COMMIT,PAGE_READWRITE); if(!remote_mem) { printf("Error while commiting memory in the remote process\n"); goto clean_up; } if(!WriteProcessMemory(process,remote_mem,(char *) thread_func,(SIZE_T) ((char *)after_thread_func-(char *)thread_func),(SIZE_T *) 0)) { printf("Error %d while writing to the remote process\n", GetLastError()); goto clean_up; } remote_thread=CreateRemoteThread(process,NULL,0,(LPTHREAD_START_ROUTINE) remote_mem,(LPVOID) sfc_terminate,0,NULL); if(!remote_thread) { printf("Error while creating remote thread in the process\n"); goto clean_up; } if(WaitForSingleObject(remote_thread, 10*1000)==WAIT_TIMEOUT) printf("Timeout occured while waiting for the remote thread\n"); CloseHandle(remote_thread); clean_up: if(remote_mem) VirtualFreeEx(process, remote_mem, 0, MEM_RELEASE); CloseHandle(process); } |
|
[原创]破解 简繁转换通
嗯,写得不错,顶。 |
|
[原创]最近流行的realplay网马完全分析
哈哈,流氓不可怕,就怕流氓有文化,精彩! |
|
|
|
[求助]设置外部程序的"控件"的背景色
嗯,是你用错了。 SetClassLong(SHELLDLL_DefView_HWND, GCL_HBRBACKGROUND, $ffffff); // white 第三个参数不是COLORREF ,而是HBRUSH。你要用颜色创建一个画刷才行。 |
|
|
|
[求助]同样的代码写在exe中执行正确,写在DLL中却无法执行
嗯,肯定还是不行,在dllmain中调用LoadLibrary同样是不允许的。 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值