[Repost] Creating a Process as the SYSTEM User (Part 2) (VB6.0)

Posted on 2009-2-3 12:48:09
```vb
Option Explicit

' Native process-creation routine exported by ntdll.dll
Private Declare Function NtCreateProcessEx Lib "NTDLL.DLL" (ByRef ProcessHandle As Long, ByVal AccessMask As Long, ByVal ObjectAttributes As Long, ByVal hParentProcess As Long, ByVal InheritHandles As Long, ByVal hSection As Long, ByVal hDebugPort As Long, ByVal hExceptionPort As Long, ByVal reserv As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetCurrentProcessId Lib "kernel32" () As Long
Private Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcId As Long) As Long
Private Const PROCESS_QUERY_INFORMATION As Long = (&H400)
Private Const STANDARD_RIGHTS_REQUIRED As Long = &HF0000
Private Const SYNCHRONIZE As Long = &H100000
Private Const PROCESS_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF)
Private Type OBJECT_ATTRIBUTES
    Length As Long
    RootDirectory As Long
    ObjectName As Long
    Attributes As Long
    SecurityDescriptor As Long
    SecurityQualityOfService As Long
End Type

' clsHookInfo is not defined in this post
Public gclsHookInfo As clsHookInfo
Public glngProcess As Long
' Handle of a process running as SYSTEM; it is passed as the parent below
Public glngSystemHandle As Long

Public Function NtCreateProcessExCallback(ByRef ProcessHandle As Long, ByVal AccessMask As Long, ByVal ObjectAttributes As Long, ByVal hParentProcess As Long, ByVal InheritHandles As Long, ByVal hSection As Long, ByVal hDebugPort As Long, ByVal hExceptionPort As Long, ByVal reserv As Long) As Long
    Dim hReturn As Long
    ' hParentProcess is set to the handle of a process running as the SYSTEM user; note that this handle must not be closed
    ' The hook is switched off around the real call and switched back on afterwards
    gclsHookInfo.HookStatus False
    hReturn = NtCreateProcessEx(ProcessHandle, AccessMask, ObjectAttributes, glngSystemHandle, InheritHandles, hSection, hDebugPort, hExceptionPort, reserv)
    gclsHookInfo.HookStatus True
    NtCreateProcessExCallback = hReturn
End Function

' Returns the address passed in (for use with AddressOf)
Public Function GetFunAddr(lngFunAddr As Long) As Long
    GetFunAddr = lngFunAddr
End Function
```
Source of this post: http://www.superkill.cn/bbs/dispbbs.asp?boardid=2&Id=3
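
A defender's view of the callback above, as an added example that is not part of the original post: because the hook passes `glngSystemHandle` as `hParentProcess`, the new process records a SYSTEM process as its parent while a different process actually issued the call. The sketch below flags that mismatch over constructed process-start records; the field names (`parent_pid`, `creator_pid`, `user_sid`), the severity labels and all sample values are assumptions, not a real log schema.

```python
from dataclasses import dataclass

SYSTEM_SID = "S-1-5-18"  # well-known SID of the LocalSystem account
USER_SID = "S-1-5-21-1111111111-2222222222-3333333333-1001"  # constructed

@dataclass(frozen=True)
class ProcStart:
    pid: int
    image: str
    parent_pid: int   # parent recorded on the new process
    creator_pid: int  # process whose thread issued the create call
    user_sid: str     # token user of the new process

def find_reparented(events, sid_by_pid):
    """Return (event, severity) for starts whose recorded parent is not
    the process that created them.

    "high": child runs as SYSTEM but its creator does not (or is unknown),
            the pattern produced by substituting a SYSTEM parent handle.
    "info": any other mismatch, e.g. UAC elevation, where a SYSTEM service
            creates the process and assigns the requesting process as parent.
    """
    findings = []
    for ev in events:
        if ev.parent_pid == ev.creator_pid:
            continue  # ordinary creation: the creator is the parent
        creator_sid = sid_by_pid.get(ev.creator_pid)
        if ev.user_sid == SYSTEM_SID and creator_sid != SYSTEM_SID:
            findings.append((ev, "high"))
        else:
            findings.append((ev, "info"))
    return findings

# Constructed sample data: token user of each already-running process.
SAMPLE_SIDS = {612: SYSTEM_SID, 900: SYSTEM_SID, 3980: USER_SID}
SAMPLE_EVENTS = [
    # user process 3980 creates a child that claims SYSTEM process 612 as parent
    ProcStart(4120, "cmd.exe", 612, 3980, SYSTEM_SID),
    # ordinary start: creator and parent agree
    ProcStart(4200, "notepad.exe", 3980, 3980, USER_SID),
    # elevation-style start: SYSTEM service 900 creates, parent set to 3980
    ProcStart(4300, "mmc.exe", 3980, 900, USER_SID),
]

if __name__ == "__main__":
    for ev, severity in find_reparented(SAMPLE_EVENTS, SAMPLE_SIDS):
        print(severity, ev.pid, ev.image, ev.parent_pid, ev.creator_pid)
```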