delphi 提权，杀进程，删服务-木庄网络博客

本文整理自网络，侵删。
 uses WinSvc, Tlhelp32;

function DelService(ServiceName:String):Boolean; {清除服务}
var
sm: THandle;
sh: THandle;
ret: Integer;
begin
try
ret := 0;
sm := OpenSCManager('', nil, SC_MANAGER_ALL_ACCESS);
if sm <> 0 then
begin
sh := OpenService(sm, PChar(ServiceName), SERVICE_ALL_ACCESS);
if sh <> 0 then
begin
DeleteService(sh);
ret := 1;
CloseServiceHandle(sh);
end;
CloseServiceHandle(sm);
end;
if Ret > 0 then
result :=True
else
result :=False;
except
end;
end;


function KillTask(ExeFileName: string): Integer; {杀进程}
const //
PROCESS_TERMINATE = 01;
var
ContinueLoop: BOOL;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
Result := 0;
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);

while Integer(ContinueLoop) <> 0 do
begin
if ((UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) =
UpperCase(ExeFileName)) or (UpperCase(FProcessEntry32.szExeFile) =
UpperCase(ExeFileName))) then
Result := Integer(TerminateProcess(
OpenProcess(PROCESS_TERMINATE,
BOOL(0),
FProcessEntry32.th32ProcessID),
0));
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;

//但是对于服务程序,它会提示"拒绝访问".其实只要程序拥有Debug权限即可:

function EnableDebugPrivilege: Boolean;
function EnablePrivilege(hToken: Cardinal; PrivName: string; bEnable: Boolean): Boolean;
var
TP: TOKEN_PRIVILEGES;
Dummy: Cardinal;
begin
TP.PrivilegeCount := 1;
LookupPrivilegeValue(nil, pchar(PrivName), TP.Privileges[0].Luid);
if bEnable then
TP.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
else TP.Privileges[0].Attributes := 0;
AdjustTokenPrivileges(hToken, False, TP, SizeOf(TP), nil, Dummy);
Result := GetLastError = ERROR_SUCCESS;
end;

var
hToken: Cardinal;
begin
OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken);
result := EnablePrivilege(hToken, 'SeDebugPrivilege', True);
CloseHandle(hToken);
end;
delphi 提权，杀进程，删服务

相关推荐

评论
