获取服务进程 services.exe 的 PID（代码中查找的进程名是 services.exe，而不是标题里的 server.exe；原程序在处理 PID 0 时崩溃）
#include "stdafx.h"
#include <windows.h>
#include <Tlhelp32.h>
#include <COMDEF.H>
#include <tchar.h>
#include <stdio.h>
#include <iostream>
#include <vector>
using namespace std;

// Counted UTF-16 string as used by the NT native API (Length and MaximumLength are
// byte counts; Buffer need not be NUL-terminated). Declared locally because <windows.h>
// does not provide it (it lives in winternl.h), and SYSTEM_PROCESS_INFORMATION below
// embeds it as ImageName.
typedef struct _UNICODE_STRING
{
    USHORT Length;          // bytes in use
    USHORT MaximumLength;   // bytes available in Buffer
    PWSTR  Buffer;
} UNICODE_STRING, *PUNICODE_STRING;
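// Per-process record returned by NtQuerySystemInformation(SystemProcessInformation).
// Records are chained through dwNextEntryOffset (0 terminates the chain); each record is
// followed by its thread records, so the chain must be walked by offset, never by sizeof.
//
// Field names are kept from the original listing. The types of dwProcessId,
// dwInheritedFromUniqueProcessId, dwSpareUl3, dwPeakWorkingSetSize and dwWorkingSetSize
// were corrected to pointer-sized: per the public ntdll headers these are HANDLE /
// ULONG_PTR / SIZE_T, so on x64 the original DWORD fields were misaligned against the
// kernel's layout and the PID comparison in GetProcessUser read padding. On x86 the
// layout is unchanged (ULONG_PTR and SIZE_T are both 4 bytes there).
typedef struct _SYSTEM_PROCESS_INFORMATION
{
    DWORD dwNextEntryOffset;                  // bytes to the next record, 0 = last
    DWORD dwNumberOfThreads;
    LARGE_INTEGER qSpareLi1;                  // WorkingSetPrivateSize (Vista+)
    LARGE_INTEGER qSpareLi2;                  // HardFaultCount + NumberOfThreadsHighWatermark (Win7+)
    LARGE_INTEGER qSpareLi3;                  // CycleTime (Win7+)
    LARGE_INTEGER qCreateTime;                // FILETIME-compatible creation time
    LARGE_INTEGER qUserTime;
    LARGE_INTEGER qKernelTime;
    UNICODE_STRING ImageName;
    int nBasePriority;                        // KPRIORITY
    ULONG_PTR dwProcessId;                    // HANDLE UniqueProcessId in the native header
    ULONG_PTR dwInheritedFromUniqueProcessId; // HANDLE (parent PID)
    DWORD dwHandleCount;
    DWORD dwSessionId;
    ULONG_PTR dwSpareUl3;                     // UniqueProcessKey
    SIZE_T tPeakVirtualSize;
    SIZE_T tVirtualSize;
    DWORD dwPageFaultCount;
    SIZE_T dwPeakWorkingSetSize;
    SIZE_T dwWorkingSetSize;
    SIZE_T tQuotaPeakPagedPoolUsage;
    SIZE_T tQuotaPagedPoolUsage;
    SIZE_T tQuotaPeakNonPagedPoolUsage;
    SIZE_T tQuotaNonPagedPoolUsage;
    SIZE_T tPagefileUsage;
    SIZE_T tPeakPagefileUsage;
    SIZE_T tPrivatePageCount;
    LARGE_INTEGER qReadOperationCount;
    LARGE_INTEGER qWriteOperationCount;
    LARGE_INTEGER qOtherOperationCount;
    LARGE_INTEGER qReadTransferCount;
    LARGE_INTEGER qWriteTransferCount;
    LARGE_INTEGER qOtherTransferCount;
} SYSTEM_PROCESS_INFORMATION, *PSYSTEM_PROCESS_INFORMATION;

// Older SDK headers do not define this flag; the value is the documented one (0x800).
#ifndef LOAD_LIBRARY_SEARCH_SYSTEM32
#define LOAD_LIBRARY_SEARCH_SYSTEM32 0x00000800
#endif

/*----------------------------------------------------
 Resolves an exported function from a DLL at run time.
 Input : pDllName  - module file name (e.g. TEXT("Winsta.dll"))
         pProcName - ANSI export name
 Return: address of the export, or NULL if the module or export is not found.

 Modules that are already mapped (ntdll, kernel32, ...) are resolved with
 GetModuleHandle, which does not touch the DLL search path at all. Anything
 else is loaded with LOAD_LIBRARY_SEARCH_SYSTEM32 so that a Winsta.dll or
 utildll.dll planted next to the executable or in the working directory
 cannot be picked up instead of the system copy (DLL search-order hijacking).
 That flag needs Windows 8, or Windows 7 with KB2533623 installed; on older
 systems LoadLibraryEx fails with ERROR_INVALID_PARAMETER and NULL is returned.
 The module reference obtained by LoadLibraryEx is intentionally never
 released: the caller keeps using the returned pointer.
----------------------------------------------------*/
VOID* GetDllProc(const TCHAR* pDllName, const CHAR* pProcName)
{
    if (pDllName == NULL || pProcName == NULL)
        return NULL;

    HMODULE hMod = GetModuleHandle(pDllName);
    if (hMod == NULL)
    {
        hMod = LoadLibraryEx(pDllName, NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
        if (hMod == NULL)
            return NULL;
    }
    return (VOID*)GetProcAddress(hMod, pProcName);
}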
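// Function-pointer types for the APIs that are resolved by name at run time.
// NtQuerySystemInformation is exported by ntdll; WinStationGetProcessSid (winsta.dll)
// and CachedGetUserFromSid (utildll.dll) are undocumented and not declared in the SDK,
// so their prototypes here are reconstructed and should be treated as assumptions.
typedef LONG (WINAPI* Fun_NtQuerySystemInformation)(int SystemInformationClass,
                                                    OUT PVOID SystemInformation,
                                                    IN ULONG SystemInformationLength,
                                                    OUT ULONG* pReturnLength OPTIONAL);

// Returns non-zero on success; on the size-probe call (NULL buffer) *dwSidSize is expected
// to receive the required SID size - undocumented, confirm on the target OS.
typedef BYTE (WINAPI* Fun_WinStationGetProcessSid)(HANDLE hServer,
                                                   DWORD ProcessId,
                                                   FILETIME ProcessStartTime,
                                                   PBYTE pProcessUserSid,
                                                   PDWORD dwSidSize);

// cbUserName is the capacity of pUserName on input; the original code assumed it is
// updated on output - undocumented, confirm before relying on it.
typedef VOID (WINAPI* Fun_CachedGetUserFromSid)(PSID pSid,
                                                PWCHAR pUserName,
                                                PULONG cbUserName);

// The original listing had both #defines on one physical line, which makes the second
// one part of the first macro's replacement text (SystemProcessInformation then never
// gets defined). One macro per line.
#define STATUS_INFO_LENGTH_MISMATCH ((LONG)0xC0000004L)   // NtQuery*: buffer too small
#define SystemProcessInformation 5                        // SYSTEM_INFORMATION_CLASS value

/*------------------------------------------------------------------
 GetSysProcInfo: snapshot of all processes via NtQuerySystemInformation.
 See the function below for the contract.
--------------------------------------------------------------------*/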
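/*------------------------------------------------------------------
 GetSysProcInfo: fetch the SystemProcessInformation list from the kernel.
 Output: *ppSysProcInfo  - malloc()'d buffer holding the chained records;
                           the caller must free() it. Left NULL on failure.
         *pcbSysProcInfo - (optional) number of valid bytes in that buffer,
                           so callers can bound their walk of the chain.
 Return: TRUE on success, FALSE if ntdll could not be resolved, the query
         returned any status other than 0, or memory ran out.

 The buffer is grown until the call stops returning
 STATUS_INFO_LENGTH_MISMATCH; the process list can change between two
 calls, so the size reported by one call is not trusted as final.
 The original listing never checked malloc() and passed NULL for the
 return-length argument.
--------------------------------------------------------------------*/
BOOL GetSysProcInfo(SYSTEM_PROCESS_INFORMATION** ppSysProcInfo, ULONG* pcbSysProcInfo = NULL)
{
    if (ppSysProcInfo == NULL)
        return FALSE;
    *ppSysProcInfo = NULL;
    if (pcbSysProcInfo != NULL)
        *pcbSysProcInfo = 0;

    Fun_NtQuerySystemInformation pfnQuery = (Fun_NtQuerySystemInformation)
        ::GetDllProc(TEXT("NTDLL.DLL"), "NtQuerySystemInformation");
    if (pfnQuery == NULL)
        return FALSE;

    ULONG cbBuf = 0x10000;           // initial guess; enlarged below as needed
    ULONG cbNeeded = 0;
    VOID* pBuf = NULL;
    LONG status;

    for (;;)
    {
        pBuf = malloc(cbBuf);
        if (pBuf == NULL)
            return FALSE;

        cbNeeded = 0;
        status = pfnQuery(SystemProcessInformation, pBuf, cbBuf, &cbNeeded);
        if (status != STATUS_INFO_LENGTH_MISMATCH)
            break;

        free(pBuf);
        pBuf = NULL;

        // Stop rather than wrap the 32-bit length if something is badly wrong.
        if (cbBuf >= 0x40000000)
            return FALSE;
        // Use the reported size plus slack when available, otherwise double.
        cbBuf = (cbNeeded > cbBuf) ? cbNeeded + 0x1000 : cbBuf * 2;
    }

    if (status == 0)
    {
        *ppSysProcInfo = (SYSTEM_PROCESS_INFORMATION*)pBuf;
        if (pcbSysProcInfo != NULL)
            *pcbSysProcInfo = (cbNeeded != 0 && cbNeeded <= cbBuf) ? cbNeeded : cbBuf;
        return TRUE;
    }
    free(pBuf);
    return FALSE;
}

/*------------------------------------------------------------------
 GetProcessUser: resolve the account name that owns process dwPid.
 Input : dwPid      - process id
 Output: *pbStrUser - receives the user name on success
 Return: TRUE on success, FALSE if the helper DLLs cannot be resolved, the
         PID is not in the process list, no SID is available for it, or the
         SID does not resolve to a name.

 Steps: look dwPid up in the SystemProcessInformation list to obtain its
 creation time (WinStationGetProcessSid takes it, presumably so that a
 reused PID is not confused with an earlier process of the same id), ask
 winsta for the process SID, then map the SID to a name with utildll.
 For processes owned by another account this needs SeDebugPrivilege
 (see AdjustPrivilege); without it the SID query is expected to fail and
 FALSE is returned.

 Fixes relative to the original listing: the process-list buffer was never
 freed on the success path; the SID size variable was uninitialised before
 the probe call; the SID size was also (wrongly) passed as the capacity of
 the user-name buffer; the SID buffer was a raw new[] that leaked on early
 return. Entries are now bounds-checked against the buffer size, and the
 SID is validated before being handed to the resolver.
--------------------------------------------------------------------*/
BOOL GetProcessUser(DWORD dwPid, _bstr_t* pbStrUser)
{
    if (pbStrUser == NULL)
        return FALSE;

    Fun_WinStationGetProcessSid pfnGetSid = (Fun_WinStationGetProcessSid)
        GetDllProc(TEXT("Winsta.dll"), "WinStationGetProcessSid");
    Fun_CachedGetUserFromSid pfnSidToUser = (Fun_CachedGetUserFromSid)
        GetDllProc(TEXT("utildll.dll"), "CachedGetUserFromSid");
    if (pfnGetSid == NULL || pfnSidToUser == NULL)
        return FALSE;

    SYSTEM_PROCESS_INFORMATION* pProcInfo = NULL;
    ULONG cbProcInfo = 0;
    if (!GetSysProcInfo(&pProcInfo, &cbProcInfo) || pProcInfo == NULL)
        return FALSE;

    // Walk the record chain by offset, never stepping outside the buffer.
    FILETIME ftStartTime = { 0, 0 };
    BOOL bFound = FALSE;
    const BYTE* pBase = (const BYTE*)pProcInfo;
    size_t pos = 0;
    for (;;)
    {
        if (pos > cbProcInfo || cbProcInfo - pos < sizeof(SYSTEM_PROCESS_INFORMATION))
            break;  // truncated or malformed chain
        const SYSTEM_PROCESS_INFORMATION* pCur = (const SYSTEM_PROCESS_INFORMATION*)(pBase + pos);
        if (pCur->dwProcessId == dwPid)
        {
            // LARGE_INTEGER and FILETIME are both 64-bit; copy the raw bits.
            memcpy(&ftStartTime, &pCur->qCreateTime, sizeof(ftStartTime));
            bFound = TRUE;
            break;
        }
        if (pCur->dwNextEntryOffset == 0)
            break;
        pos += pCur->dwNextEntryOffset;
    }
    free(pProcInfo);
    if (!bFound)
        return FALSE;

    // Size probe. The return value is deliberately not interpreted here (the API is
    // undocumented and the original listing's check was lost); a usable answer is a
    // SID size within the architectural maximum. PID 0 and other entries without a
    // SID fall out here with FALSE instead of feeding a garbage size to new[].
    DWORD cbSid = 0;
    pfnGetSid(NULL, dwPid, ftStartTime, NULL, &cbSid);
    if (cbSid == 0 || cbSid > SECURITY_MAX_SID_SIZE)
        return FALSE;

    std::vector<BYTE> sid(cbSid);
    if (pfnGetSid(NULL, dwPid, ftStartTime, &sid[0], &cbSid) == 0)
        return FALSE;
    if (!IsValidSid(&sid[0]))
        return FALSE;

    // cbUserName is the buffer capacity in characters, not the SID size.
    const ULONG cchUserCap = 256;
    WCHAR szUserName[cchUserCap];
    szUserName[0] = L'\0';
    ULONG cchUser = cchUserCap;
    pfnSidToUser(&sid[0], szUserName, &cchUser);
    szUserName[cchUserCap - 1] = L'\0';   // never trust the callee to terminate
    if (cchUser == 0 || szUserName[0] == L'\0')
        return FALSE;

    *pbStrUser = szUserName;
    return TRUE;
}

/*------------------------------------------------------------------
 AdjustPrivilege: enable SeDebugPrivilege on the current process token.

 SeDebugPrivilege is only present in the token of an elevated administrator;
 for anyone else this function prints a message and returns without it.
 AdjustTokenPrivileges returns TRUE even when the requested privilege is not
 held (GetLastError() == ERROR_NOT_ALL_ASSIGNED), so that case is checked
 explicitly - the original listing treated any TRUE as success. The
 LookupPrivilegeValue result is now checked as well instead of adjusting a
 garbage LUID.
--------------------------------------------------------------------*/
void AdjustPrivilege()
{
    HANDLE hToken = NULL;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
    {
        printf("OpenProcessToken error\n");
        return;
    }

    TOKEN_PRIVILEGES tp;
    ZeroMemory(&tp, sizeof(tp));
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tp.Privileges[0].Luid))
    {
        printf("LookupPrivilegeValue error %lu\n", GetLastError());
        CloseHandle(hToken);
        return;
    }
    tp.PrivilegeCount = 1;
    tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL)
        || GetLastError() == ERROR_NOT_ALL_ASSIGNED)
    {
        printf("SeDebugPrivilege not enabled (error %lu)\n", GetLastError());
    }
    CloseHandle(hToken);
}

/*------------------------------------------------------------------
 main: enumerate processes with ToolHelp, report the PID and owner of every
 "services.exe" instance.
 Return: 0 if at least one match was found, 1 otherwise (or on snapshot error).

 Fixes relative to the original listing: the _bstr_t was overwritten with a
 memcpy from a one-element array (an over-read plus corruption of the object;
 the default constructor already yields an empty string); the snapshot
 handle was never closed; the privilege was adjusted after the snapshot was
 taken; the process name in szProcessName was declared but never compared.
--------------------------------------------------------------------*/
int main()
{
    const TCHAR szProcessName[] = TEXT("services.exe");
    _bstr_t bs;
    BOOL bFind = FALSE;

    // Enable SeDebugPrivilege before touching other users' processes.
    AdjustPrivilege();

    HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE)
    {
        printf("CreateToolhelp32Snapshot error %lu\n", GetLastError());
        return 1;
    }

    PROCESSENTRY32 pe32;
    ZeroMemory(&pe32, sizeof(pe32));
    pe32.dwSize = sizeof(pe32);

    for (BOOL bMore = Process32First(hProcessSnap, &pe32); bMore; bMore = Process32Next(hProcessSnap, &pe32))
    {
        // Case-insensitive match on the image file name only; no path is available here.
        if (lstrcmpi(pe32.szExeFile, szProcessName) != 0)
            continue;
        bFind = TRUE;
        if (GetProcessUser(pe32.th32ProcessID, &bs))
            _tprintf(TEXT("%s pid=%lu user=%s\n"), pe32.szExeFile, pe32.th32ProcessID, (LPCTSTR)bs);
        else
            _tprintf(TEXT("%s pid=%lu user=<unknown>\n"), pe32.szExeFile, pe32.th32ProcessID);
    }
    CloseHandle(hProcessSnap);

    if (!bFind)
        _tprintf(TEXT("%s not found\n"), szProcessName);
    return bFind ? 0 : 1;
}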