delphi 提权,杀进程,删服务


本文整理自网络,侵删。

 uses WinSvc, Tlhelp32;

function DelService(ServiceName:String):Boolean; {清除服务}
var
sm: THandle;
sh: THandle;
ret: Integer;
begin
try
ret := 0;
sm := OpenSCManager('', nil, SC_MANAGER_ALL_ACCESS);
if sm <> 0 then
begin
sh := OpenService(sm, PChar(ServiceName), SERVICE_ALL_ACCESS);
if sh <> 0 then
begin
DeleteService(sh);
ret := 1;
CloseServiceHandle(sh);
end;
CloseServiceHandle(sm);
end;
if Ret > 0 then
result :=True
else
result :=False;
except
end;
end;


function KillTask(ExeFileName: string): Integer; {杀进程}
const //
PROCESS_TERMINATE = 01;
var
ContinueLoop: BOOL;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
Result := 0;
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);

while Integer(ContinueLoop) <> 0 do
begin
if ((UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) =
UpperCase(ExeFileName)) or (UpperCase(FProcessEntry32.szExeFile) =
UpperCase(ExeFileName))) then
Result := Integer(TerminateProcess(
OpenProcess(PROCESS_TERMINATE,
BOOL(0),
FProcessEntry32.th32ProcessID),
0));
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;

//但是对于服务程序,它会提示"拒绝访问".其实只要程序拥有Debug权限即可:

function EnableDebugPrivilege: Boolean;
function EnablePrivilege(hToken: Cardinal; PrivName: string; bEnable: Boolean): Boolean;
var
TP: TOKEN_PRIVILEGES;
Dummy: Cardinal;
begin
TP.PrivilegeCount := 1;
LookupPrivilegeValue(nil, pchar(PrivName), TP.Privileges[0].Luid);
if bEnable then
TP.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
else TP.Privileges[0].Attributes := 0;
AdjustTokenPrivileges(hToken, False, TP, SizeOf(TP), nil, Dummy);
Result := GetLastError = ERROR_SUCCESS;
end;

var
hToken: Cardinal;
begin
OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken);
result := EnablePrivilege(hToken, 'SeDebugPrivilege', True);
CloseHandle(hToken);
end;

相关阅读 >>

Delphi listview排序

Delphi 随机程序名

Delphi中控制扫描仪

Delphi xe 编译开关-一套代码不同平台编译

Delphi 直接调用记事本(notepad)打开文本文件

delphDelphi chromium embedded 清除指定链接浏览器缓存、cookies

Delphi 实现透明窗体

Delphi 最精简的小写金额转大写的函数

Delphi的format使用总结

Delphi lockbox 做加密解密

更多相关阅读请进入《Delphi》频道 >>



打赏

取消

感谢您的支持,我会继续努力的!

扫码支持
扫码打赏,您说多少就多少

打开支付宝扫一扫,即可进行扫码打赏哦

分享从这里开始,精彩与您同在

评论

管理员已关闭评论功能...