Attribute VB_Name = "modHook"
Private Declare Function NtCreateProcessEx Lib "NTDLL.DLL" (ByRef ProcessHandle As Long, ByVal AccessMask As Long, ByVal ObjectAttributes As Long, ByVal hParentProcess As Long, ByVal InheritHandles As Long, ByVal hSection As Long, ByVal hDebugPort As Long, ByVal hExceptionPort As Long, ByVal reserv As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetCurrentProcessId Lib "kernel32" () As Long
Private Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Long, ByVal dwProcId As Long) As Long
Private Const PROCESS_QUERY_INFORMATION As Long = (&H400)
Private Const STANDARD_RIGHTS_REQUIRED As Long = &HF0000
Private Const SYNCHRONIZE As Long = &H100000
Private Const PROCESS_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or
VB创建SYSTEM用户进程(第二种方法)
最新推荐文章于 2021-02-19 21:21:01 发布
这篇博客介绍了如何在VB中利用NTDLL.DLL库的NtCreateProcessEx函数创建一个SYSTEM权限级别的用户进程。通过声明并调用相关API,设置访问权限,并利用回调函数来实现这一过程。
摘要由CSDN通过智能技术生成