如何提升进程的权限

最新推荐文章于 2023-11-24 23:35:05 发布
最新推荐文章于 2023-11-24 23:35:05 发布
阅读量191 收藏
点赞数
原文链接:http://www.cnblogs.com/feiyucq/archive/2009/10/22/1588122.html
版权
我们可以通过WriteProcessMemory函数直接修改其他进程的内存从而实现内存补丁或者游戏修改之类的功能,但是,有个问题,并不是所有的程序都是能够被写内存的,这从前面的日志 通过CreateToolhelp32Snapshot函数获得系统中当前运行的进程信息2 可以看出来,好多程序的打开状态是失败的。所以,提升当前进程的权限非常非常必要。程序实现的代码如下:
ContractedBlock.gif ExpandedBlockStart.gif Code
#include <windows.h>
#include <tlhelp32.h>
BOOL CALLBACK EnumChildWindowProc(HWND hWnd,LPARAM lParam);//枚举记事本中的子窗口
char mess[999999];
int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nShowCmd)
{
    HWND nphWnd=::FindWindow("notepad",NULL);
    if(nphWnd)
    {
        char temp[1024];
        PROCESSENTRY32 pe32;
        pe32.dwSize=sizeof(pe32);
        HANDLE hProcessSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);//获得进程列表的快照,第一个参数可以有其他选项,详细请参考MSDN
        if(hProcessSnap==INVALID_HANDLE_VALUE)
        {
            ::MessageBox(NULL,"CreateToolhelp32Snapshot error","error",MB_OK);
            return 0;
        }
        HANDLE hProcess;
        HANDLE hToken;
        BOOL bMore;
        TOKEN_PRIVILEGES tkp;
        //获得本进程的句柄,并提升其权限
        bMore=::Process32First(hProcessSnap,&pe32);
        while(bMore)
        {
            ::wsprintf(temp,"%s",pe32.szExeFile);
            if(!::strcmp(temp,"upprocess.exe"))//找到本进程
            {
                //提升权限
                //获得debug权限的LUID
                if(!::LookupPrivilegeValue(NULL,"SeDebugPrivilege",&tkp.Privileges[0].Luid))
                {
                    ::MessageBox(NULL,"LookupPrivilegeValue error","error",MB_OK);
                    return 0;
                }
                tkp.PrivilegeCount=1;
                tkp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
                //打开进程的令牌环
                if(!::OpenProcessToken(::GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,&hToken))
                {
                    ::MessageBox(NULL,"OpenProcessToken error","error",MB_OK);
                    return 0;
                }
                //修改进程权限
                if(!::AdjustTokenPrivileges(hToken,FALSE,&tkp,0,(PTOKEN_PRIVILEGES)NULL, 0))
                {
                    ::MessageBox(NULL,"AdjustTokenPrivileges error","error",MB_OK);
                    return 0;
                }
                break;
            }
            bMore=::Process32Next(hProcessSnap,&pe32);
        }
        //获得本进程的句柄,并提升其权限
        bMore=::Process32First(hProcessSnap,&pe32);//获得第一个进程的信息
        while(bMore)
        {
            ::wsprintf(temp,"%s%s%s%d%s","\r\n进程名: ",pe32.szExeFile," 进程ID: ",pe32.th32ProcessID,"\r\n");
            ::strcat(mess,temp);

            hProcess=::OpenProcess(PROCESS_ALL_ACCESS,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_ALL_ACCESS权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            HANDLE hProcess=::OpenProcess(PROCESS_CREATE_PROCESS,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_CREATE_PROCESS权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            hProcess=::OpenProcess(PROCESS_CREATE_THREAD,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_CREATE_THREAD权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            hProcess=::OpenProcess(PROCESS_DUP_HANDLE,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_DUP_HANDLE权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            hProcess=::OpenProcess(PROCESS_QUERY_INFORMATION,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_QUERY_INFORMATION权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            hProcess=::OpenProcess(PROCESS_SET_INFORMATION,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_SET_INFORMATION权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            hProcess=::OpenProcess(PROCESS_TERMINATE,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_TERMINATE权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            hProcess=::OpenProcess(PROCESS_VM_OPERATION,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_VM_OPERATION权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            hProcess=::OpenProcess(PROCESS_VM_READ,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_VM_READ权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }

            hProcess=::OpenProcess(PROCESS_VM_WRITE,false,(DWORD)pe32.th32ProcessID);//根据进程ID获得进程句柄
            ::wsprintf(temp,"%s","PROCESS_VM_WRITE权限: ");
            ::strcat(mess,temp);
            if(hProcess==NULL)
            {
                ::wsprintf(temp,"%s","失败\r\n");
                ::strcat(mess,temp);
            }
            else
            {
                ::wsprintf(temp,"%s","成功\r\n");
                ::strcat(mess,temp);
                ::CloseHandle(hProcess);
            }
            bMore=::Process32Next(hProcessSnap,&pe32);//获得其他进程信息
        }
        ::EnumChildWindows(nphWnd,EnumChildWindowProc,0);//获得记事本的edit窗口,打印进程信息
        return 0;
    }
    else
    {
        ::MessageBox(NULL,"please open notepad","error",MB_OK);
        return 0;
    }
}
BOOL CALLBACK EnumChildWindowProc(HWND hWnd,LPARAM lParam)
{
    char temp1[256];
    if(hWnd)
    {
        ::GetClassName(hWnd,temp1,255);
        if(!::strcmp(temp1,"Edit"))//得到edit子窗口句柄
        {
            ::SendMessage(hWnd,WM_SETTEXT,0,(LPARAM)mess);
            return 0;
        }
    }
    return true;
}

这段代码就是在 通过CreateToolhelp32Snapshot函数获得系统中当前运行的进程信息2 基础上做了修改,在检测当前进程的权限之前加上了提升当前进程权限的过程,权限提升之前进程权限如下所示:

ContractedBlock.gif ExpandedBlockStart.gif Code

进程名: [System Process] 进程ID: 0
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: System 进程ID: 4
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: smss.exe 进程ID: 852
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: csrss.exe 进程ID: 912
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: winlogon.exe 进程ID: 904
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: services.exe 进程ID: 980
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: lsass.exe 进程ID: 992
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: ati2evxx.exe 进程ID: 1172
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: svchost.exe 进程ID: 1188
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: svchost.exe 进程ID: 1256
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: svchost.exe 进程ID: 1920
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: svchost.exe 进程ID: 584
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: svchost.exe 进程ID: 756
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: ati2evxx.exe 进程ID: 876
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: ccSetMgr.exe 进程ID: 1452
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: ccEvtMgr.exe 进程ID: 580
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: spoolsv.exe 进程ID: 1332
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: scardsvr.exe 进程ID: 1376
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: explorer.exe 进程ID: 512
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: smax4pnp.exe 进程ID: 1656
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: QLBCtrl.exe 进程ID: 1664
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: SynTPEnh.exe 进程ID: 1696
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: HPWAMain.exe 进程ID: 1720
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: accrdsub.exe 进程ID: 740
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: ccApp.exe 进程ID: 1800
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: VPTray.exe 进程ID: 1828
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: GooglePinyinDaemon.exe 进程ID: 1992
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 224
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: acevents.exe 进程ID: 228
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: peer.exe 进程ID: 536
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: accoca.exe 进程ID: 1752
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: agrsmsvc.exe 进程ID: 1792
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: DefWatch.exe 进程ID: 1816
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: ctfmon.exe 进程ID: 1856
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: PPLiveVA.exe 进程ID: 1876
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 1976
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: Rtvscan.exe 进程ID: 2204
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: PPSAP.exe 进程ID: 2268
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: PPAP.exe 进程ID: 2656
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: vmware-authd.exe 进程ID: 2872
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: CNAB4RPK.EXE 进程ID: 3280
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: vmount2.exe 进程ID: 3936
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: vmnat.exe 进程ID: 3972
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: vmnetdhcp.exe 进程ID: 320
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: hpqWmiEx.exe 进程ID: 2516
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: wmiprvse.exe 进程ID: 2884
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: alg.exe 进程ID: 1536
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: Com4QLBEx.exe 进程ID: 4024
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 失败

进程名: HpqToaster.exe 进程ID: 3484
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: taskmgr.exe 进程ID: 2936
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: QQ.exe 进程ID: 3900
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: TXPlatform.exe 进程ID: 1576
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: FetionFx.exe 进程ID: 1760
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: conime.exe 进程ID: 2436
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: PPLive.exe 进程ID: 4896
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: QQMusic.exe 进程ID: 2308
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: Maxthon.exe 进程ID: 4888
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: NOTEPAD.EXE 进程ID: 312
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: MSDEV.EXE 进程ID: 4464
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: War3.exe 进程ID: 5628
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: upprocess.exe 进程ID: 4536
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

魔兽争霸3的进程竟然什么权限都没有,郁闷啊,在提升了当前进程的权限以后,结果如下:

ContractedBlock.gif ExpandedBlockStart.gif Code

进程名: [System Process] 进程ID: 0
PROCESS_ALL_ACCESS权限: 失败
PROCESS_CREATE_PROCESS权限: 失败
PROCESS_CREATE_THREAD权限: 失败
PROCESS_DUP_HANDLE权限: 失败
PROCESS_QUERY_INFORMATION权限: 失败
PROCESS_SET_INFORMATION权限: 失败
PROCESS_TERMINATE权限: 失败
PROCESS_VM_OPERATION权限: 失败
PROCESS_VM_READ权限: 失败
PROCESS_VM_WRITE权限: 失败

进程名: System 进程ID: 4
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: smss.exe 进程ID: 852
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: csrss.exe 进程ID: 912
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: winlogon.exe 进程ID: 904
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: services.exe 进程ID: 980
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: lsass.exe 进程ID: 992
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: ati2evxx.exe 进程ID: 1172
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 1188
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 1256
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 1920
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 584
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 756
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: ati2evxx.exe 进程ID: 876
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: ccSetMgr.exe 进程ID: 1452
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: ccEvtMgr.exe 进程ID: 580
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: spoolsv.exe 进程ID: 1332
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: scardsvr.exe 进程ID: 1376
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: explorer.exe 进程ID: 512
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: smax4pnp.exe 进程ID: 1656
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: QLBCtrl.exe 进程ID: 1664
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: SynTPEnh.exe 进程ID: 1696
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: HPWAMain.exe 进程ID: 1720
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: accrdsub.exe 进程ID: 740
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: ccApp.exe 进程ID: 1800
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: VPTray.exe 进程ID: 1828
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: GooglePinyinDaemon.exe 进程ID: 1992
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 224
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: acevents.exe 进程ID: 228
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: peer.exe 进程ID: 536
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: accoca.exe 进程ID: 1752
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: agrsmsvc.exe 进程ID: 1792
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: DefWatch.exe 进程ID: 1816
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: ctfmon.exe 进程ID: 1856
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: PPLiveVA.exe 进程ID: 1876
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: svchost.exe 进程ID: 1976
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: Rtvscan.exe 进程ID: 2204
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: PPSAP.exe 进程ID: 2268
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: PPAP.exe 进程ID: 2656
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: vmware-authd.exe 进程ID: 2872
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: CNAB4RPK.EXE 进程ID: 3280
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: vmount2.exe 进程ID: 3936
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: vmnat.exe 进程ID: 3972
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: vmnetdhcp.exe 进程ID: 320
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: hpqWmiEx.exe 进程ID: 2516
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: wmiprvse.exe 进程ID: 2884
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: alg.exe 进程ID: 1536
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: Com4QLBEx.exe 进程ID: 4024
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: HpqToaster.exe 进程ID: 3484
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: taskmgr.exe 进程ID: 2936
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: QQ.exe 进程ID: 3900
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: TXPlatform.exe 进程ID: 1576
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: FetionFx.exe 进程ID: 1760
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: conime.exe 进程ID: 2436
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: PPLive.exe 进程ID: 4896
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: QQMusic.exe 进程ID: 2308
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: Maxthon.exe 进程ID: 4888
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: NOTEPAD.EXE 进程ID: 312
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: MSDEV.EXE 进程ID: 4464
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: War3.exe 进程ID: 5628
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

进程名: upprocess.exe 进程ID: 456
PROCESS_ALL_ACCESS权限: 成功
PROCESS_CREATE_PROCESS权限: 成功
PROCESS_CREATE_THREAD权限: 成功
PROCESS_DUP_HANDLE权限: 成功
PROCESS_QUERY_INFORMATION权限: 成功
PROCESS_SET_INFORMATION权限: 成功
PROCESS_TERMINATE权限: 成功
PROCESS_VM_OPERATION权限: 成功
PROCESS_VM_READ权限: 成功
PROCESS_VM_WRITE权限: 成功

全部都成功了,哈哈!如果没有钩子或者保护程序存在的话,下面就可以直接修改魔兽争霸了,哈哈哈!!

 

转载于:https://www.cnblogs.com/feiyucq/archive/2009/10/22/1588122.html

weixin_34380781
关注
通过进程id获取进程句柄_深入剖析线程与进程句柄泄露漏洞(下)
weixin_39820173的博客
12-18 440
(接上文)PROCESS_VM_*这涵盖了VM访问权限的三种类型:WRITE/READ/OPERATION。前两个权限应该是不言自明的,第三个权限允许操作虚拟地址空间本身,例如修改页面保护(VirtualProtectEx)或分配内存(VirtualAllocEx)。本文不打算介绍这三种权限的排列组合情况,但我认为`PROCESS_VM_WRITE`是必要的前置条件。虽然`PROCESS...
如何提升进程权限
oldmtn的专栏
02-14 986
<br />HANDLE hToken;<br />LUID sedebugnameValue;<br />TOKEN_PRIVILEGES tp;<br />BOOL EnableDebugPrivilages()<br />{<br /> if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))<br /> {<br />  return FALSE;<br /> }<br
win32api之进程的创建与使用(二)
xf555er的博客
03-19 1647
在计算机操作系统中,进程是正在运行中的程序的实例。进程是操作系统进行资源分配和管理的基本单位,包括内存、文件句柄、系统状态等。每个进程都有自己的独立内存空间和运行状态,因此它们不会互相干扰,也不会互相影响。多个进程可以在操作系统上同时运行,每个进程都在自己的空间里执行自己的代码。
dllzhuru.rar_dllzhuru_提升权限_提升进程权限_进程 注入
09-24
在IT领域,尤其是系统编程和逆向工程中,"dllzhuru.rar_dllzhuru_提升权限_提升进程权限_进程 注入"这个标题涉及到的是Windows操作系统中的动态链接库(DLL)注入技术和权限提升的技巧。DLL注入是一种技术,它允许一...
易语言模块提升进程权限.rar
03-29
综上所述,“易语言模块提升进程权限”是一个涉及到系统底层操作和安全性的技术话题,开发者需要深入理解权限控制原理,谨慎使用权限提升技术,同时注重代码的安全性和稳定性,以提供更安全、可靠的软件产品。...
sysrun.rar_C 提升权限_sys run_sysrun_提升权限_提升进程权限
09-23
我们将基于标题"sysrun.rar_C 提升权限_sys run_sysrun_提升权限_提升进程权限"及描述中的内容进行详细解析。 首先,"sysrun"可能是一个自定义开发的工具,它包含了一个C源代码文件(sysrun.c)和一个可执行文件...
易语言进程权限提升及获取进程路径名
08-15
进程权限提升及获取进程路径名 系统结构:提升进程权限,列表,表项,取模块路径,Module32First,ExtractIconA,打开进程,获取线程,打开令牌,恢复权限,获取令牌特权,CreateToolhelp32Snapshot, ======窗口程
易语言源码提升权限.7z
04-08
在Windows操作系统中,提升权限通常指的是获取更高的系统访问控制权限,例如从普通用户权限提升到管理员权限,这在执行一些需要特殊权限的操作时是必要的。 易语言提供了丰富的内置函数和模块,使得开发者可以方便...
32位/64位WINDOWS驱动之进程保护
a756598009的博客
06-19 1648
加载驱动代码里面加入破解驱动签名限制代码在创建驱动设备后面,在调用一下安装内存保护();//函数在到驱动卸载里面调用一下卸载内存保护();//函数开发环境设置方式是:右击项目,选择属性;选中配置属性中的链接器,点击命令行;在其它选项中输入: /INTEGRITYCHECK 表示设置;/INTEGRITYCHECK:NO 表示不设置。对于使用sources文件编译的方式,增加LINKER_FLAGS=/INTEGRITYCHECK。
Windows核心编程 跨进程操作
最新发布
qq_61553520的博客
11-24 1342
Winodws核心编程 跨进程使用句柄,跨进程操作内存
远程线程技术
frog845的专栏
10-13 417
远程线程技术指的是通过在另一个进程中创建远程线程的方法进入那个进程的内存地址空间。我们知道,在进程中,可以通过createthread函数创建线程,被创建的新线程与主线程(就是进程启动时被同时自动建立的那个线程)共享地址空间以及其他的资源。但是很少有人知道,通过createremotethread也同样可以在另一个进程内创建新线程,被创建的远程线程同样可以共享远程进程(是远程进程耶!)的地址空间,
对象回调实现进程保护
Cosmopolitan的博客
10-08 1064
#include <ntddk.h> #define PROCESS_TERMINATE 1 #define PROCESS_VM_OPERATION 0x0008 #define PROCESS_VM_READ 0x0010 #define PROCESS_VM_WRITE 0x0020 typedef struct _L...
C#内存修改
weixin_30904593的博客
11-12 514
先通过 System.Diagnostics.Process类获取想要编辑的进程 调用API [Flags] public enum ProcessAccessType { PROCESS_TERMINATE = (0x0001),...
关于获取进程句柄的问题
轻疯 清风
01-25 7808
使用CreateProcess创建一个进程后,PROCESS_INFORMATION结构中会包含进程的handle,和唯一存在的进程ID 而后使用openprocess打开进程时,根据第一个参数 (dwDesiredAccess:想拥有的该进程访问权限PROCESS_ALL_ACCESS  //所有能获得的权限PROCESS_CREATE_PROCESS  //需要创建一个进程PR
Windows Process句柄权限
u011442768的博客
11-16 1180
在看到ARK工具上的Process句柄权限数值觉得当时理解有点模糊,来写个Blog加深印象。 PROCESS_ALL_ACCESS 对应1FFFFF 低16位从低位到高位分别对应 0:PROCESS_TERMINATE 0x0001 1:PROCESS_CREATE_THREAD 0x0002 2:PROCESS_SET_SESSIONID 0x0004 3:PROCESS_VM_OPERATION 0x0008 ---------------- 4:PROCESS_VM_READ 0x0010
VC++动态链接库编程
独旅天涯
01-27 854
从前文可知,DLL在程序编制中可作出巨大贡献,它提供了具共性代码的复用能力。但是,正如一门高深的武学,若被掌握在正义之侠的手上,便可助其仗义江湖;但若被掌握在邪恶之徒的手上,则必然在江湖上掀起腥风血雨。DLL正是一种这样的武学。DLL一旦染上了魔性,就不再是正常的DLL程序,而是DLL木马,一种恶贯满盈的病毒,令特洛伊一夜之间国破家亡。    DLL木马的原理   DLL木马的实现原理
Linux SGID标志与目录权限进程控制
它们主要用于某些特殊程序,如`su`或`sudo`,以允许用户临时提升权限。 6. **文件系统用户ID和文件系统用户组ID**:fuid和fgid是针对文件系统操作的权限,如读、写和执行,它们与euid和egid共同决定了进程对文件的...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值