program SmallExe;
uses
SysUtils,
Windows,
tlhelp32;
type
// Bundle of window-related state. In the code visible here only Msg and hMain
// are read (by the message loop at the end of the program); wClass is never
// referenced and no window is ever created.
TWin = record
Msg:TMsg;
wClass:TWndClass;
hMain:integer;
end;
var
// Win is never assigned anywhere in this listing, so Win.hMain keeps whatever
// value the global starts with (presumably 0; confirm for the compiler used).
Win:TWin;
// Scratch message used once by the start-up GetMessage call.
Msg: TMsg;
type
// Signatures for two ntdll.dll exports that protectme resolves at run time via
// GetProcAddress. They are not declared in the units this program uses.
// NOTE(review): the Cardinal result is presumably an NTSTATUS (0 = success);
// protectme treats any non-zero value as failure.
TDbgUiDebugActiveProcess = function(ProcessHandle: THANDLE): Cardinal; stdcall;
TDbgUiConnectToDbg = function:Cardinal; stdcall;
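{ Returns the process ID of the first process in a Toolhelp snapshot whose
  executable name equals TheProcName (compared upper-cased, with surrounding
  whitespace trimmed). Returns 0 when no process matches or when the snapshot
  cannot be created.

  Security note: the match is on the image name only. Any process may carry
  the same file name, and only the first match is returned, so a caller that
  needs a specific system process must verify the result by other means
  (full image path, session, owner) before trusting it. }
function findprocess(TheProcName: string): DWORD;
var
  isOK: Boolean;
  ProcessHandle: THandle;
  ProcessStruct: TProcessEntry32;
  Wanted: string;
begin
  Result := 0;
  ProcessHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  // The snapshot API signals failure with INVALID_HANDLE_VALUE; the original
  // code went on to enumerate and close that invalid handle.
  if ProcessHandle = INVALID_HANDLE_VALUE then
    Exit;
  try
    // Normalise the wanted name once instead of on every iteration.
    Wanted := Trim(UpperCase(TheProcName));
    // dwSize must be set before Process32First, otherwise the call fails.
    ProcessStruct.dwSize := SizeOf(ProcessStruct);
    isOK := Process32First(ProcessHandle, ProcessStruct);
    while isOK do
    begin
      if Wanted = Trim(UpperCase(ProcessStruct.szExeFile)) then
      begin
        Result := ProcessStruct.th32ProcessID;
        Break;
      end;
      isOK := Process32Next(ProcessHandle, ProcessStruct);
    end;
  finally
    // Single release point for the snapshot handle on every path.
    CloseHandle(ProcessHandle);
  end;
end;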
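{ Enables SeDebugPrivilege in the current process token.

  Security note: SeDebugPrivilege lets the holder open processes regardless of
  their security descriptor, which is why it is normally held only by
  administrators and debuggers. A program with no debugging role enabling it
  is a signal worth auditing.

  The procedure has no result. A token that does not hold the privilege is
  left unchanged, and AdjustTokenPrivileges can still return success in that
  case, with GetLastError reporting ERROR_NOT_ALL_ASSIGNED. }
procedure SetPrivilege;
var
  TPPrev, TP: TTokenPrivileges;
  TokenHandle: THandle;
  dwRetLen: DWORD;
  lpLuid: TLargeInteger;
begin
  // Request only the rights that are used: ADJUST to change the privilege,
  // and QUERY because a previous-state buffer is passed below. The original
  // asked for TOKEN_ALL_ACCESS and ignored the result, so a failed open left
  // TokenHandle uninitialised yet still used and closed.
  if not OpenProcessToken(GetCurrentProcess,
    TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, TokenHandle) then
    Exit;
  try
    if LookupPrivilegeValue(nil, 'SeDebugPrivilege', lpLuid) then
    begin
      TP.PrivilegeCount := 1;
      TP.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
      TP.Privileges[0].Luid := lpLuid;
      dwRetLen := 0;
      AdjustTokenPrivileges(TokenHandle, False, TP, SizeOf(TPPrev), TPPrev, dwRetLen);
    end;
  finally
    // Close the token only when it was actually opened.
    CloseHandle(TokenHandle);
  end;
end;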
// Attaches the current process as a debugger to the process named
// 'winlogon.exe' and reports the outcome in a message box.
//
// Steps visible below: load ntdll.dll, resolve DbgUiConnectToDbg and
// DbgUiDebugActiveProcess, call the first, open the target found by
// findprocess with PROCESS_ALL_ACCESS, then call the second on that handle.
//
// Security relevance (for reviewers and defenders):
// - NOTE(review): the "protection" presumably relies on Windows terminating
//   debuggees when their debugger goes away. Ending this process would then
//   take winlogon.exe down with it, which destabilises the whole system.
//   Confirm the intent before running this anywhere but a disposable VM.
// - The observable pattern is a non-debugger process that enables
//   SeDebugPrivilege, opens winlogon.exe with full access and attaches a
//   debug object to it. Process-access telemetry (for example Sysmon
//   ProcessAccess events) and privilege-use auditing can surface this.
// - findprocess matches on image name only, so the target is whichever
//   process called 'winlogon.exe' appears first in the snapshot.
//
// NOTE(review): defects left as-is in this listing:
// - Neither GetProcAddress result is checked for nil before being called.
// - The OpenProcess result is not checked. It is 0 when findprocess returns
//   0 or access is denied.
// - ProcessHandle is never closed.
// - dllhandle is a module handle from LoadLibrary but is released with
//   CloseHandle, not FreeLibrary, even when LoadLibrary returned 0.
// - Handles are declared as dword, which presumably truncates on 64-bit
//   targets. Confirm the target platform.
procedure protectme;
var
MyDbgUiDebugActiveProcess: TDbgUiDebugActiveProcess;
MyDbgUiConnectToDbg: TDbgUiConnectToDbg;
dllhandle: dword;
dwret:dword;
ProcessHandle: dword;
begin
dllhandle := LoadLibrary('ntdll.dll');
if dllhandle <> 0 then
begin
// Resolve the two native debug entry points by name at run time.
MyDbgUiConnectToDbg := GetProcAddress(dllhandle, 'DbgUiConnectToDbg');
MyDbgUiDebugActiveProcess := GetProcAddress(dllhandle, 'DbgUiDebugActiveProcess');
// Its return value is discarded.
MyDbgUiConnectToDbg;
// Full-access handle to the first process named winlogon.exe.
ProcessHandle:=OpenProcess(process_all_access, False, findprocess('winlogon.exe'));
//messagebox(0,pchar(inttohex(ProcessHandle,8)),'aa',0);
dwret:=MyDbgUiDebugActiveProcess(ProcessHandle);
// Non-zero is treated as failure. The message-box texts read "protection
// failed" and "protection succeeded, come and terminate me!", with the
// caption "notice".
if dwret<>0 then messagebox(0,pchar('保护失败'),'提示',0) else
messagebox(0,pchar('保护成功,来结束我吧!'),'提示',0)
end;
// NOTE(review): this is a module handle, so FreeLibrary would be the matching
// release call. The call is also reached when LoadLibrary failed.
CloseHandle(dllhandle);
end;
// Program entry point: enable SeDebugPrivilege, attach to winlogon.exe as a
// debugger (see protectme), then sit in a message loop so the process and
// the debugger attachment stay alive.
begin
// Post a message with id 0 to this thread and retrieve it again.
// NOTE(review): the purpose of this start-up sequence is not stated in the
// listing. It presumably only forces creation of the thread's message queue.
GetInputState();
PostThreadMessage(GetCurrentThreadId(), 0, 0, 0);
GetMessage(Msg, 0, 0, 0);
// Order matters: the privilege must be enabled before protectme opens the
// target process.
SetPrivilege;
protectme;
// win.hmain is never assigned in this listing and no window is created, so
// this loop only keeps the thread blocked until GetMessage returns False.
// NOTE(review): if GetMessage reports an error as -1, the loop treats it as
// True and keeps running. Confirm against the declared return type.
while(GetMessage(win.Msg,win.hmain,0,0))do
begin
TranslateMessage(win.Msg);
DispatchMessage(win.Msg);
end;
end.
http://hi.baidu.com/9908006/blog/item/2b2c4110d418b40d203f2e90.html