1、获取当前进程名称
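// Extract the file name (without the directory part) of the current process's
// executable into wstrProcessName.
// NOTE(review): tstring is assumed to be std::basic_string<TCHAR> - confirm against
// the project's typedef.
TCHAR szFileFullPath[MAX_PATH] = { 0 };
tstring wstrProcessName;
// GetModuleFileName returns 0 on failure and the buffer size when the path did not
// fit. In both cases the buffer does not hold a usable path, so the name is left
// empty instead of being built from uninitialised or truncated data.
const DWORD dwPathLen = ::GetModuleFileName(NULL, szFileFullPath, MAX_PATH);
if (dwPathLen != 0 && dwPathLen < MAX_PATH)
{
    wstrProcessName.assign(szFileFullPath, dwPathLen);
    const tstring::size_type nPos = wstrProcessName.find_last_of(_T('\\'));
    if (nPos != tstring::npos)
    {
        // Keep only what follows the last backslash.
        wstrProcessName.erase(0, nPos + 1);
    }
}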
2、在 SYSTEM 权限下模拟当前登录用户(降权),读取该用户的 AppData 目录。
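// Resolve the AppData directory of the logged-on user while this code runs under a
// different account (the page's scenario: SYSTEM).
TCHAR wszAppDataPath[MAX_PATH * 2] = { 0 };
// Fallback value: the AppData path of the account this thread currently runs as.
::SHGetSpecialFolderPath(NULL, wszAppDataPath, CSIDL_APPDATA, TRUE);
HANDLE hToken = NULL;
if (ImpersonateLoggedOnUserWrapper(hToken))
{
    // On success this overwrites the fallback with the path for hToken's user.
    // NOTE(review): the HRESULT is not acted on, as in the original; callers that
    // must know whose path they got should check it.
    SHGetFolderPath(NULL, CSIDL_APPDATA, hToken, SHGFP_TYPE_DEFAULT, wszAppDataPath);
    // Undo the impersonation on every path. The original reverted only when
    // SHGetFolderPath returned S_OK, which left the thread running as the
    // logged-on user after a failed lookup.
    // NOTE(review): RevertToSelf can fail; its result is not checked here, and code
    // that follows should not assume the thread identity was restored.
    RevertToSelf();
}
// The token comes from WTSQueryUserToken inside the wrapper and is owned by this
// code; close it whether or not impersonation succeeded, so it does not leak.
if (hToken != NULL)
{
    CloseHandle(hToken);
    hToken = NULL;
}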
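// Makes the calling thread impersonate the user logged on to the active console
// session, i.e. drops the thread from the service account to that user.
//
// hToken: receives the user's token from WTSQueryUserToken. After a successful call
//         the caller owns it and must call RevertToSelf and then CloseHandle(hToken).
//         If the token was obtained but impersonation failed, it is closed here and
//         hToken is reset to NULL.
// Returns true only when the impersonation is in effect.
//
// WTSQueryUserToken succeeds only for callers holding SeTcbPrivilege (typically
// LocalSystem). Only the physical console session is considered; a user connected
// over a remote session is not found this way.
bool ImpersonateLoggedOnUserWrapper(HANDLE& hToken)
{
    const DWORD dwConsoleSessionId = WTSGetActiveConsoleSessionId();
    // 0xFFFFFFFF means no session is attached to the physical console.
    if (dwConsoleSessionId == 0xFFFFFFFF)
    {
        return false;
    }
    if (!WTSQueryUserToken(dwConsoleSessionId, &hToken))
    {
        return false;
    }
    if (!ImpersonateLoggedOnUser(hToken))
    {
        // The caller gets no impersonation, so do not hand back a token it would
        // have to remember to close.
        CloseHandle(hToken);
        hToken = NULL;
        return false;
    }
    return true;
}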
3、判断进程是否存在
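// Reports whether any running process has the executable file name wstrExeName
// (file name only, compared case-insensitively).
//
// Returns true on the first match, false when there is no match or the process
// snapshot could not be taken.
//
// A name match says nothing about which binary is actually running: any process can
// carry this file name, so do not treat the result as proof of identity.
bool FindProcess(std::wstring wstrExeName)
{
    const HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    // Compare against INVALID_HANDLE_VALUE; the original cast the handle to int,
    // which truncates the pointer-sized value on 64-bit builds.
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        return false;
    }

    // The wide-character API is used explicitly because the name to match is a
    // std::wstring; the TCHAR variants only compile here when UNICODE is defined.
    PROCESSENTRY32W entry = { 0 };
    entry.dwSize = sizeof(entry);

    bool bFound = false;
    if (Process32FirstW(hSnapshot, &entry))
    {
        do
        {
            // _wcsicmp already ignores case, so upper-casing szExeFile first (as the
            // original did with _tcsupr) is not needed.
            if (_wcsicmp(entry.szExeFile, wstrExeName.c_str()) == 0)
            {
                bFound = true;
                break;
            }
        } while (Process32NextW(hSnapshot, &entry));
    }

    // Single exit point, so the snapshot handle is closed exactly once.
    CloseHandle(hSnapshot);
    return bFound;
}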
4、启动指定的进程,隐藏进程窗口
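// path: path of the process to start; it is passed to CreateProcessW as the command
// line, and the window of the new process is hidden.
//
// NOTE(review): lpApplicationName is NULL, so Windows parses the executable name out
// of the command line. If path contains spaces and is not wrapped in double quotes,
// the parse is ambiguous and a different executable may be started; quote the path,
// especially when this runs from a privileged service.
PROCESS_INFORMATION pi = { 0 };
// Zero the whole structure so every field not set below has a defined value.
STARTUPINFOW si = { 0 };
si.cb = sizeof(STARTUPINFOW);
si.dwFlags = STARTF_USESHOWWINDOW; // make wShowWindow take effect
si.wShowWindow = SW_HIDE;          // start with the window hidden
// CreateProcessW may modify the command-line buffer in place, so give it a writable
// copy instead of casting away const on path.c_str().
std::wstring wstrCmdLine(path.c_str());
BOOL ret = CreateProcessW(NULL, &wstrCmdLine[0], NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
if (ret)
{
    // Both handles are returned open; the original closed only hProcess and leaked
    // the thread handle.
    CloseHandle(pi.hThread);
    CloseHandle(pi.hProcess);
}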
5、以管理员权限启动指定的进程,隐藏进程窗口
// Fragment of a function body (its signature is not shown on the page): start a
// process through the shell with the "runas" verb.
// wstrPath: local path of the executable to start (assigned to sei.lpFile)
// nShowType: how the window is shown, SW_SHOW or SW_HIDE
// wstrDirectory: directory assigned to sei.lpDirectory; may be empty
// wstrParam: arguments passed to the started process
// NOTE(review): the file at wstrPath is launched elevated, so it should live in a
// location that standard users cannot write to - confirm where callers get the path.
SHELLEXECUTEINFO sei = { sizeof(SHELLEXECUTEINFO) };
// Ask ShellExecuteEx to leave the new process's handle in sei.hProcess.
// NOTE(review): the lines shown here never close sei.hProcess; unless code after
// this fragment does, the handle leaks.
sei.fMask = SEE_MASK_NOCLOSEPROCESS;
// The "runas" verb requests an elevated (administrator) launch.
sei.lpVerb = TEXT("runas");
sei.lpFile = wstrPath.c_str();
sei.lpDirectory = wstrDirectory.c_str();
sei.nShow = nShowType;
sei.lpParameters = wstrParam.c_str();
// ShellExecuteEx returns FALSE when the launch fails; the enclosing function then
// reports failure to its caller.
if (!ShellExecuteEx(&sei)){
return false;
}