关于进程的拒绝访问

进程拒绝访问怎么办?


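/* Snapshot the modules loaded in the process identified by dwPID. */
hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);

/* Captured right after the call so nothing else can overwrite it; the value
 * is only meaningful when the call failed. */
int err = (int)GetLastError();
if (hModuleSnap == INVALID_HANDLE_VALUE)
{
    /* Error 5 is ERROR_ACCESS_DENIED: the caller's token is not allowed to
     * open the target process. NOTE(review): for system-protected processes
     * this is the expected outcome, so treat it as "skip this process" rather
     * than as a reason to add more privileges. */
    printf("创建失败:%d\n   ", err);   /* was "/n", which printed a literal slash-n */
    return (FALSE);
}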
代码在这里总是出错,查错误为5,拒绝访问,怎么解决?

提升权限试试。(没有验证)

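/* Enable only SeDebugPrivilege. It is the one privilege that affects opening
 * another process for a module snapshot; take-ownership, security and audit
 * privileges have no bearing on this call, and requesting them widens what
 * the process may do for no benefit (least privilege). */
if (AdjustProcessPrivilege((HANDLE)NULL, SE_DEBUG_NAME, SE_PRIVILEGE_ENABLED) == FALSE)
{
    _tprintf(_T("Adjust   process   privilege   failed!\n"));   /* was "/n" */
    return -1;
}

hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);

/* Captured right after the call; only meaningful when the call failed. */
int err = (int)GetLastError();
if (hModuleSnap == INVALID_HANDLE_VALUE)
{
    /* Error 5 (ERROR_ACCESS_DENIED) can still occur here.
     * NOTE(review): some system-protected processes refuse access even with
     * SeDebugPrivilege enabled; skip them instead of escalating further. */
    printf("创建失败:%d\n   ", err);   /* was "/n" */
    return (FALSE);
}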


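/**
 * Set the attributes of one privilege in a process's access token.
 *
 * @param hProcess             Process whose token is adjusted; NULL means the
 *                             current process.
 * @param lpPrivilegeName      Privilege name, e.g. SE_DEBUG_NAME.
 * @param dwPrivilegeAttribute New attribute value, e.g. SE_PRIVILEGE_ENABLED.
 * @return TRUE only if the privilege was actually changed; FALSE if any step
 *         failed or the token does not hold the privilege.
 */
BOOL AdjustProcessPrivilege(HANDLE hProcess, LPCTSTR lpPrivilegeName, DWORD dwPrivilegeAttribute)
{
    BOOL bRetValue = FALSE;

    /* A NULL hProcess means "adjust the current process". The pseudo handle
     * returned by GetCurrentProcess() does not need to be closed. */
    HANDLE hOpenProcess = (hProcess != NULL) ? hProcess : GetCurrentProcess();
    HANDLE hProcessToken = NULL;
    TOKEN_PRIVILEGES stNewTokenPrivilege;

    /* Open the process token with the rights needed to query and adjust it. */
    if (OpenProcessToken(hOpenProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hProcessToken) == FALSE)
    {
        return FALSE;
    }

    /* Translate the privilege name into its LUID and describe the change. */
    stNewTokenPrivilege.PrivilegeCount = 1;
    stNewTokenPrivilege.Privileges[0].Attributes = dwPrivilegeAttribute;
    if (LookupPrivilegeValue(NULL, lpPrivilegeName, &stNewTokenPrivilege.Privileges[0].Luid) != FALSE)
    {
        /* AdjustTokenPrivileges returns nonzero even when the token does not
         * hold the privilege; in that case the last error is
         * ERROR_NOT_ALL_ASSIGNED. Only ERROR_SUCCESS means the privilege was
         * really changed, so check it before reporting success. */
        if (AdjustTokenPrivileges(hProcessToken, FALSE, &stNewTokenPrivilege,
                                  sizeof(stNewTokenPrivilege), NULL, NULL) != FALSE
            && GetLastError() == ERROR_SUCCESS)
        {
            bRetValue = TRUE;
        }
    }

    /* Release the token handle on every path that opened it. */
    CloseHandle(hProcessToken);

    return bRetValue;
}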
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <commdlg.h>
#include <Commctrl.h>
#include <Tlhelp32.h>
#include "resource.h"
// The dialog uses a list-view control, so link the common-controls library.
#pragma comment(lib,"comctl32.lib")
// Timer id passed to SetTimer/KillTimer for the periodic list refresh.
#define ID_TIMER 1
// Control id given to the status bar created in WM_INITDIALOG.
#define IDC_STATUS 1003
// Re-synchronises the list view with the running processes (timer callback).
void Refresh(HWND);
// Dialog procedure of the process-list dialog.
BOOL CALLBACK  Test(HWND,UINT,WPARAM,LPARAM);
// Enables the named privilege in the given process's token.
BOOL UpPrivilege(HANDLE,LPCTSTR);
// Module instance handle, stored by WinMain and used for resource loading.
HINSTANCE hinst;
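/**
 * Program entry point: enables SeDebugPrivilege for this process, initialises
 * the common controls and runs the process-list dialog modally.
 *
 * Security note: SeDebugPrivilege lets OpenProcess bypass the target's access
 * checks, and it stays enabled for the lifetime of this process. Run the tool
 * only from an account that is meant to manage other users' processes.
 *
 * @return Always 1, after the dialog has been closed.
 */
int WINAPI WinMain(HINSTANCE hinstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow)
{
    (void)hPrevInstance;
    (void)lpCmdLine;
    (void)nCmdShow;

    hinst = hinstance;

    /* Failure is reported but not fatal: without the privilege the tool can
     * still list processes and end the ones the user already has access to. */
    if (!UpPrivilege(GetCurrentProcess(), SE_DEBUG_NAME))
    {
        /* MB_ICONERROR: the page showed the garbled spelling "MB_IConERROR". */
        MessageBox(NULL, "提升进程特权失败!", "错误", MB_OK | MB_ICONERROR);
    }

    InitCommonControls();
    DialogBox(hinstance, (LPCTSTR)IDD_tianj03, NULL, (DLGPROC)Test);
    return 1;
}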
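/**
 * Dialog procedure of the process-list dialog.
 *
 * WM_INITDIALOG  builds the two-column list view, the tray icon, the status
 *                bar and the refresh timer, then fills the list from a process
 *                snapshot.
 * WM_TIMER       calls Refresh() to re-synchronise the list.
 * WM_COMMAND     IDTERMINATEPROCESS ends the selected process, IDEXIT asks
 *                Windows to end the session, IDOK/IDCANCEL close the dialog.
 * WM_CLOSE       removes the tray icon and timer and ends the dialog.
 *
 * @return TRUE when the message was handled, FALSE otherwise.
 */
BOOL CALLBACK  Test(HWND hdlg , UINT message , WPARAM wParam , LPARAM lParam)
{
    int i = 0, index = 0, n = 0, row = 0;
    int parts[] = {75, 160, -1};
    char addstring[260], curid[32] = {0}, statustext[64];
    char *psztext[] = {"进程映象名", "进程ID"};
    char *endp = NULL;
    unsigned long pid = 0;
    HANDLE hsnapshot, hprocess;
    BOOL repeat;
    /* Zero-initialise every structure handed to the system so that fields
     * this function does not set are not left as stack garbage. */
    NOTIFYICONDATA nid = {0};
    MEMORYSTATUS memstatu = {0};
    PROCESSENTRY32 pe = {0};
    LV_COLUMN lc = {0};
    LV_ITEM lt = {0};

    (void)lParam;

    memstatu.dwLength = sizeof(MEMORYSTATUS);
    pe.dwSize = sizeof(PROCESSENTRY32);

    /* Column template: left-aligned text, first column 110 px wide. */
    lc.mask = LVCF_WIDTH | LVCF_FMT | LVCF_TEXT | LVCF_SUBITEM;
    lc.fmt = LVCFMT_LEFT;
    lc.cx = 110;
    lt.mask = LVIF_TEXT;

    /* Tray icon description, used by both NIM_ADD and NIM_DELETE. */
    nid.cbSize = sizeof(NOTIFYICONDATA);
    nid.hIcon = LoadIcon(hinst, (LPSTR)IDI_ICON);
    nid.hWnd = hdlg;
    nid.uFlags = NIF_ICON;
    nid.uID = IDI_ICON;

    switch (message)
    {
    case WM_INITDIALOG:
        /* LVM_SETEXTENDEDLISTVIEWSTYLE and "&lt" were garbled on the page
         * ("...LISTVIEWstyle", "(LPARAM)<"); restored here. */
        SendDlgItemMessage(hdlg, IDC_LISTVIEW_tianj03, LVM_SETEXTENDEDLISTVIEWSTYLE, 0, (LPARAM)LVS_EX_FULLROWSELECT);
        Shell_NotifyIcon(NIM_ADD, &nid);
        SetWindowPos(hdlg, HWND_TOPMOST, 100, 10, 230, 330, SWP_NOSENDCHANGING);
        SetTimer(hdlg, ID_TIMER, 100, NULL);
        CreateStatusWindow(WS_VISIBLE | WS_CHILD | SBS_SIZEGRIP, NULL, hdlg, IDC_STATUS);
        SendDlgItemMessage(hdlg, IDC_STATUS, SB_SETPARTS, 3, (LPARAM)parts);

        for (i = 0; i <= 1; i++)
        {
            lc.pszText = psztext[i];
            lc.iSubItem = i;
            if (i == 1)
            {
                lc.cx = 80;
            }
            SendDlgItemMessage(hdlg, IDC_LISTVIEW_tianj03, LVM_INSERTCOLUMN, (WPARAM)i, (LPARAM)&lc);
        }

        /* One row per process: image name in column 0, PID in column 1. */
        hsnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (hsnapshot != INVALID_HANDLE_VALUE)
        {
            for (repeat = Process32First(hsnapshot, &pe); repeat; repeat = Process32Next(hsnapshot, &pe))
            {
                lt.iItem = n;
                lt.iSubItem = 0;
                lt.pszText = pe.szExeFile;
                row = (int)SendDlgItemMessage(hdlg, IDC_LISTVIEW_tianj03, LVM_INSERTITEM, 0, (LPARAM)&lt);
                n++;
                if (row < 0)
                {
                    continue;
                }
                snprintf(addstring, sizeof addstring, "%lu", (unsigned long)pe.th32ProcessID);
                lt.iItem = row;
                lt.iSubItem = 1;
                lt.pszText = addstring;
                SendDlgItemMessage(hdlg, IDC_LISTVIEW_tianj03, LVM_SETITEM, 0, (LPARAM)&lt);
            }
            CloseHandle(hsnapshot);
        }

        /* Status bar part 0: process count. Formatting is bounded because the
         * former 10-byte buffer plus strcat overflowed once the count needed
         * more digits than the buffer had room for. */
        snprintf(statustext, sizeof statustext, "进程数:%i", n);
        SendDlgItemMessage(hdlg, IDC_STATUS, SB_SETTEXT, 0, (LPARAM)statustext);

        /* Status bar part 1: memory load in percent. */
        GlobalMemoryStatus(&memstatu);
        snprintf(statustext, sizeof statustext, "内存使用:%lu%%", (unsigned long)memstatu.dwMemoryLoad);
        SendDlgItemMessage(hdlg, IDC_STATUS, SB_SETTEXT, 1, (LPARAM)statustext);
        return TRUE;

    case WM_TIMER:
        Refresh(hdlg);
        return TRUE;

    case WM_COMMAND:
        /* The control id is the low word; the high word is a notification code. */
        switch (LOWORD(wParam))
        {
        case IDTERMINATEPROCESS:
            index = (int)SendDlgItemMessage(hdlg, IDC_LISTVIEW_tianj03, LVM_GETNEXTITEM, (WPARAM)-1, LVNI_SELECTED);
            if (index < 0)
            {
                return TRUE;    /* nothing selected: do not act on an unset PID */
            }
            lt.iItem = index;
            lt.iSubItem = 1;
            lt.cchTextMax = (int)sizeof curid;
            lt.pszText = curid;
            SendDlgItemMessage(hdlg, IDC_LISTVIEW_tianj03, LVM_GETITEMTEXT, (WPARAM)index, (LPARAM)&lt);

            /* Accept the text only if it is a complete decimal number. */
            pid = strtoul(curid, &endp, 10);
            if (endp == curid || *endp != '\0')
            {
                return TRUE;
            }

            /* With SeDebugPrivilege enabled in WinMain this open is not
             * limited by the target's own access control, so it can reach
             * processes of other users and of the system.
             * NOTE(review): the PID comes from the list text; the process may
             * have exited and its PID been reused since the last refresh. */
            hprocess = OpenProcess(PROCESS_TERMINATE, FALSE, (DWORD)pid);
            if (hprocess == NULL)
            {
                MessageBox(hdlg, "进程拒绝访问", "错误", MB_OK | MB_ICONERROR);
            }
            else
            {
                if (!TerminateProcess(hprocess, 0))
                {
                    MessageBox(NULL, "不能结束", "Message", MB_OK);
                }
                else
                {
                    SendDlgItemMessage(hdlg, IDC_LISTVIEW_tianj03, LVM_DELETEITEM, (WPARAM)index, 0);
                }
                CloseHandle(hprocess);    /* the handle used to leak on every click */
            }
            return TRUE;

        case IDEXIT:
            /* Pass the SE_SHUTDOWN_NAME macro: the quoted text
             * "SE_SHUTDOWN_NAME" is not a privilege name, so the lookup
             * could never succeed. */
            UpPrivilege(GetCurrentProcess(), SE_SHUTDOWN_NAME);
            /* NOTE(review): in the SDK headers ExitWindows is, as far as I
             * know, a macro that ignores its arguments and requests a logoff;
             * confirm whether a logoff or a shutdown is intended here. */
            ExitWindows(EWX_SHUTDOWN, 0);
            return TRUE;

        case IDOK:
        case IDCANCEL:
            break;              /* close the dialog below */

        default:
            /* Other commands used to fall into WM_CLOSE through a missing
             * break and closed the dialog; they are now left unhandled. */
            return FALSE;
        }
        /* fallthrough */

    case WM_CLOSE:
        Shell_NotifyIcon(NIM_DELETE, &nid);
        KillTimer(hdlg, ID_TIMER);
        EndDialog(hdlg, 0);
        PostQuitMessage(0);
    }
    return FALSE;
}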
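/* Reads the PID text in column 1 of list row `item`.
 * Returns FALSE when the row does not hold a complete decimal number. */
static BOOL RefreshReadRowPid(HWND hwnd, int item, DWORD *pid)
{
    char text[34] = {0};
    char *end = NULL;
    unsigned long value;
    LV_ITEM lt = {0};

    lt.iSubItem = 1;
    lt.pszText = text;
    lt.cchTextMax = (int)sizeof text;
    SendDlgItemMessage(hwnd, IDC_LISTVIEW_tianj03, LVM_GETITEMTEXT, (WPARAM)item, (LPARAM)&lt);

    value = strtoul(text, &end, 10);
    if (end == text || *end != '\0')
    {
        return FALSE;
    }
    *pid = (DWORD)value;
    return TRUE;
}

/* Returns TRUE when the process snapshot `snap` contains `pid`. */
static BOOL RefreshSnapshotHasPid(HANDLE snap, DWORD pid)
{
    PROCESSENTRY32 pe = {0};
    BOOL more;

    pe.dwSize = sizeof pe;
    for (more = Process32First(snap, &pe); more; more = Process32Next(snap, &pe))
    {
        if (pe.th32ProcessID == pid)
        {
            return TRUE;
        }
    }
    return FALSE;
}

/* Returns TRUE when some row of the list view already shows `pid`. */
static BOOL RefreshListHasPid(HWND hwnd, DWORD pid)
{
    int count = (int)SendDlgItemMessage(hwnd, IDC_LISTVIEW_tianj03, LVM_GETITEMCOUNT, 0, 0);
    int i;
    DWORD rowpid = 0;

    for (i = 0; i < count; i++)
    {
        if (RefreshReadRowPid(hwnd, i, &rowpid) && rowpid == pid)
        {
            return TRUE;
        }
    }
    return FALSE;
}

/**
 * Re-synchronises the list view and status bar with the running processes.
 *
 * Rows whose PID is no longer in a fresh process snapshot are removed, and a
 * row is appended for every process that is not listed yet. Rows are matched
 * by PID, so each process is listed once. Nothing is stored in fixed-size
 * arrays: the earlier 50-entry buffers were written past their end as soon as
 * more than 50 processes or rows existed.
 *
 * @param hwnd Dialog that owns the list view and the status bar.
 */
void Refresh(HWND hwnd)
{
    int i, count, row, nproc = 0;
    char text[64];
    BOOL more;
    DWORD pid = 0;
    HANDLE hsnapshot;
    PROCESSENTRY32 pe = {0};
    MEMORYSTATUS memstatu = {0};
    LV_ITEM lt = {0};

    hsnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hsnapshot == INVALID_HANDLE_VALUE)
    {
        return;     /* keep the current list rather than act on no data */
    }

    /* Remove rows of exited processes. Walking from the last row to the
     * first keeps the remaining indices valid while rows are deleted. */
    count = (int)SendDlgItemMessage(hwnd, IDC_LISTVIEW_tianj03, LVM_GETITEMCOUNT, 0, 0);
    for (i = count - 1; i >= 0; i--)
    {
        if (!RefreshReadRowPid(hwnd, i, &pid) || !RefreshSnapshotHasPid(hsnapshot, pid))
        {
            SendDlgItemMessage(hwnd, IDC_LISTVIEW_tianj03, LVM_DELETEITEM, (WPARAM)i, 0);
        }
    }

    /* Append a row for every process that is not listed yet. */
    pe.dwSize = sizeof pe;
    lt.mask = LVIF_TEXT;
    for (more = Process32First(hsnapshot, &pe); more; more = Process32Next(hsnapshot, &pe))
    {
        nproc++;
        if (RefreshListHasPid(hwnd, pe.th32ProcessID))
        {
            continue;
        }
        lt.iItem = (int)SendDlgItemMessage(hwnd, IDC_LISTVIEW_tianj03, LVM_GETITEMCOUNT, 0, 0);
        lt.iSubItem = 0;
        lt.pszText = pe.szExeFile;
        row = (int)SendDlgItemMessage(hwnd, IDC_LISTVIEW_tianj03, LVM_INSERTITEM, 0, (LPARAM)&lt);
        if (row < 0)
        {
            continue;
        }
        snprintf(text, sizeof text, "%lu", (unsigned long)pe.th32ProcessID);
        lt.iItem = row;
        lt.iSubItem = 1;
        lt.pszText = text;
        SendDlgItemMessage(hwnd, IDC_LISTVIEW_tianj03, LVM_SETITEM, 0, (LPARAM)&lt);
    }
    CloseHandle(hsnapshot);

    /* Status bar part 0: process count; part 1: memory load in percent.
     * Both are formatted with a bounded write. */
    snprintf(text, sizeof text, "进程数:%i", nproc);
    SendDlgItemMessage(hwnd, IDC_STATUS, SB_SETTEXT, 0, (LPARAM)text);

    memstatu.dwLength = sizeof(MEMORYSTATUS);
    GlobalMemoryStatus(&memstatu);
    snprintf(text, sizeof text, "内存使用:%lu%%", (unsigned long)memstatu.dwMemoryLoad);
    SendDlgItemMessage(hwnd, IDC_STATUS, SB_SETTEXT, 1, (LPARAM)text);
}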
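/**
 * Enables one privilege in a process's access token. On NT-based systems some
 * system and service processes can only be ended by a caller that has the
 * matching privilege enabled.
 *
 * @param hprocess Process whose token is adjusted (GetCurrentProcess() for
 *                 the caller itself).
 * @param lpname   Privilege name, e.g. SE_DEBUG_NAME.
 * @return TRUE only if the privilege is now enabled; FALSE if the token could
 *         not be opened, the name is unknown, or the token does not hold the
 *         privilege.
 */
BOOL UpPrivilege(HANDLE hprocess,LPCTSTR lpname)
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES Privileges;
    BOOL enabled = FALSE;

    /* Open the token of the given process for privilege adjustment. */
    if (!OpenProcessToken(hprocess, TOKEN_ADJUST_PRIVILEGES, &hToken))
    {
        return FALSE;
    }

    Privileges.PrivilegeCount = 1;
    Privileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    /* LookupPrivilegeValue: the page showed the garbled "LookupPrivilegevalue".
     * A failed lookup must stop here, otherwise an uninitialised LUID would be
     * handed to AdjustTokenPrivileges. */
    if (LookupPrivilegeValue(NULL, lpname, &Privileges.Privileges[0].Luid))
    {
        /* AdjustTokenPrivileges returns nonzero even when the token does not
         * hold the privilege (last error ERROR_NOT_ALL_ASSIGNED), so success
         * additionally requires ERROR_SUCCESS. */
        if (AdjustTokenPrivileges(hToken, FALSE, &Privileges, 0, NULL, NULL)
            && GetLastError() == ERROR_SUCCESS)
        {
            enabled = TRUE;
        }
    }

    /* The token handle used to leak on every call. */
    CloseHandle(hToken);
    return enabled;
}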

   

原文地址:https://www.cnblogs.com/mtcnn/p/9410245.html