- uses Tlhelp32;
- procedure SetPrivilege;//DEBUG提权
- var
- OldTokenPrivileges, TokenPrivileges: TTokenPrivileges;
- ReturnLength: dword;
- hToken: THandle;
- Luid: int64;
- begin
- OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken);
- LookupPrivilegeValue(nil, 'SeDebugPrivilege', Luid);
- TokenPrivileges.Privileges[0].luid := Luid;
- TokenPrivileges.PrivilegeCount := 1;
- TokenPrivileges.Privileges[0].Attributes := 0;
- AdjustTokenPrivileges(hToken, False, TokenPrivileges, SizeOf(TTokenPrivileges), OldTokenPrivileges, ReturnLength);
- OldTokenPrivileges.Privileges[0].luid := Luid;
- OldTokenPrivileges.PrivilegeCount := 1;
- OldTokenPrivileges.Privileges[0].Attributes := TokenPrivileges.Privileges[0].Attributes or SE_PRIVILEGE_ENABLED;
- AdjustTokenPrivileges(hToken, False, OldTokenPrivileges, ReturnLength, PTokenPrivileges(nil)^, ReturnLength);
- end;
- procedure TForm1.FormCreate(Sender: TObject);
- begin
- SetPrivilege;
- end;
- procedure TForm1.ProcessEnum(Sender: TObject);
- var
- ProcessList :Thandle;
- pe :TPROCESSENTRY32;
- node :TTreenode;
- processnumber :integer;
- procedure ModuleEnum(processid:Dword);
- var
- ModuleList :Thandle;
- pm :TMODULEENTRY32;
- begin
- ModuleList:=CreateToolhelp32Snapshot
- (TH32CS_SNAPMODULE,processID);
- pm.dwSize:=sizeof(TMODULEENTRY32);
- if module32first(ModuleList,pm)
- then begin
- treeview1.Items.addchild(node,pm.szexepath);
- while module32next(ModuleList,pm) do
- treeview1.items.addchild(node,pm.szexepath);
- end;
- closehandle(ModuleList);
- end; // ModuleEnum
- begin // ProcessEnum
- processnumber:=0;
- treeview1.Items.Clear;
- ProcessList:=CreateToolhelp32Snapshot
- (TH32CS_SNAPPROCESS,0);
- pe.dwSize:=sizeof(TPROCESSENTRY32);
- if process32first(ProcessList,pe) then
- begin
- node:=treeview1.Items.Add(nil,pe.szexefile);
- ModuleEnum(pe.th32ProcessID);
- inc(processnumber);
- while process32next(ProcessList,pe) do
- begin
- node:=treeview1.Items.Add(nil,pe.szexefile);
- ModuleEnum(pe.th32ProcessID);
- inc(processnumber);
- end;
- end;
- edit1.text:='系统进程:'+inttostr(processnumber);
- closehandle(ProcessList);
- end;
Delphi 枚举系统进程以及模块文件名
最新推荐文章于 2019-06-04 11:21:09 发布