保存
UNICODE_STRING *GetProcessUsername()
{
HANDLE token;
TOKEN_USER* TokenUser = NULL;
NTSTATUS status;
//PULONG len;
//int index;
//SID *sid;
LUID luid;
UNICODE_STRING userName;
PSecurityUserData userInformation = NULL;
status=ZwOpenProcessTokenEx(NtCurrentProcess(), GENERIC_READ, OBJ_KERNEL_HANDLE, &token);
//ZwQueryInformationToken(token, (TOKEN_INFORMATION_CLASS)TokenUser, NULL, 0, &len); //to get required length
if (!NT_SUCCESS(status))
{
KdPrint(("ZwOpenProcessTokenEx(): ZwOpenProcessTokenEx fail\n"));
return NULL;
}
//sid= (SID*)TokenUser->User.Sid;
//
status = SeQueryAuthenticationIdToken(token, &luid);
if (!NT_SUCCESS(status))
{
KdPrint(("SeQueryAuthenticationIdToken(): SeQueryAuthenticationIdToken fail\n"));
return NULL;
}
status = GetSecurityUserInfo(&luid, UNDERSTANDS_LONG_NAMES, &userInformation);
if (!NT_SUCCESS(status))
{
KdPrint(("GetSecurityUserInfo(): GetSecurityUserInfo fail\n"));
return NULL;
}
userName.Length = 0;
userName.MaximumLength = userInformation->UserName.Length;
userName.Buffer = ExAllocatePool(NonPagedPool, userName.MaximumLength);
if (userName.Buffer==NULL)
{
KdPrint(("GetUserName(): ExAllocatePool fail\n"));
return NULL;
}
RtlCopyUnicodeString(&userName, &userInformation->UserName);
return &userName;
}
这个函数一执行就蓝屏
调试了一下问题在
SeQueryAuthenticationIdToken
这个函数上
很着急啊,明天就要交货了,
那位大侠帮帮我!!!!!!!!!!!!!!!!!!!!!
扫一扫
1783
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
