#include "stdafx.h"

#include <windows.h>

#include <iostream>

#include <COMDEF.H>

#include <stdio.h>

#include <Tlhelp32.h>

using namespace std;

typedef struct _UNICODE_STRING {

    USHORT Length;

    USHORT MaximumLength;

    PWSTR   Buffer;

} UNICODE_STRING, * PUNICODE_STRING;

//SystemProcessInformation

typedef struct _SYSTEM_PROCESS_INFORMATION

{

    DWORD             dwNextEntryOffset;

    DWORD             dwNumberOfThreads;

    LARGE_INTEGER     qSpareLi1;

    LARGE_INTEGER     qSpareLi2;

    LARGE_INTEGER     qSpareLi3;

    LARGE_INTEGER     qCreateTime;

    LARGE_INTEGER     qUserTime;

    LARGE_INTEGER     qKernelTime;

    UNICODE_STRING     ImageName;

    int                 nBasePriority;

    DWORD             dwProcessId;

    DWORD             dwInheritedFromUniqueProcessId;

    DWORD             dwHandleCount;

    DWORD             dwSessionId;

    ULONG             dwSpareUl3;

    SIZE_T             tPeakVirtualSize;

    SIZE_T             tVirtualSize;

    DWORD             dwPageFaultCount;

    DWORD             dwPeakWorkingSetSize;

    DWORD             dwWorkingSetSize;

    SIZE_T             tQuotaPeakPagedPoolUsage;

    SIZE_T             tQuotaPagedPoolUsage;

    SIZE_T             tQuotaPeakNonPagedPoolUsage;

    SIZE_T             tQuotaNonPagedPoolUsage;

    SIZE_T             tPagefileUsage;

    SIZE_T             tPeakPagefileUsage;

    SIZE_T             tPrivatePageCount;

    LARGE_INTEGER     qReadOperationCount;

    LARGE_INTEGER     qWriteOperationCount;

    LARGE_INTEGER     qOtherOperationCount;

    LARGE_INTEGER     qReadTransferCount;

    LARGE_INTEGER     qWriteTransferCount;

    LARGE_INTEGER     qOtherTransferCount;

}SYSTEM_PROCESS_INFORMATION;

/*----------------------------------------------------

       函数说明: 动态加载动库文件

           输入参数: pDllName 库文件名称,pProcName导出函数名字

           输出参数: 无

           返回值   : 返回函数的的地址

----------------------------------------------------*/

VOID* GetDllProc(const TCHAR* pDllName, const CHAR* pProcName)

{

    HMODULE         hMod;

    hMod = LoadLibrary(pDllName);

    if (hMod == NULL)

        return NULL;

    return GetProcAddress(hMod, pProcName);

}

//宏定义函数的指针

typedef LONG(WINAPI* Fun_NtQuerySystemInformation) (int   SystemInformationClass,

    OUT PVOID SystemInformation,

    IN ULONG SystemInformationLength,

    OUT ULONG* pReturnLength OPTIONAL);

typedef BYTE(WINAPI* Fun_WinStationGetProcessSid)(HANDLE hServer, DWORD   ProcessId,

    FILETIME   ProcessStartTime, PBYTE pProcessUserSid, PDWORD dwSidSize);

typedef VOID(WINAPI* Fun_CachedGetUserFromSid)(PSID pSid, PWCHAR pUserName, PULONG cbUserName);

#define STATUS_INFO_LENGTH_MISMATCH         ((LONG)0xC0000004L)

#define SystemProcessInformation         5 

/*------------------------------------------------------------------

     函数说明: 获取系统进程的信息

         输入参数: SYSTEM_PROCESS_INFORMATION

         输出参数: 无

--------------------------------------------------------------------*/

BOOL GetSysProcInfo(SYSTEM_PROCESS_INFORMATION * *ppSysProcInfo)

{

    Fun_NtQuerySystemInformation     _NtQuerySystemInformation;

    _NtQuerySystemInformation = (Fun_NtQuerySystemInformation)::GetDllProc(TEXT("NTDLL.DLL"), "NtQuerySystemInformation");

    if (_NtQuerySystemInformation == NULL)

        return FALSE;

    DWORD         dwSize =  * ;

    VOID* pBuf = NULL;

    LONG         lRetVal;

    while(true)

    {

        if (pBuf)

            free(pBuf);

        pBuf = (VOID*)malloc(dwSize);

        lRetVal = _NtQuerySystemInformation(SystemProcessInformation,pBuf, dwSize, NULL);

        if (STATUS_INFO_LENGTH_MISMATCH != lRetVal)

            break;

        dwSize *= ;

    }

    if (lRetVal == )

    {

        *ppSysProcInfo = (SYSTEM_PROCESS_INFORMATION*)pBuf;

        return TRUE;

    }

    free(pBuf);

    return FALSE;

}

BOOL GetProcessUser(DWORD dwPid, _bstr_t* pbStrUser)

{

    Fun_WinStationGetProcessSid         _WinStationGetProcessSid;

    Fun_CachedGetUserFromSid         _CachedGetUserFromSid;

    _WinStationGetProcessSid = (Fun_WinStationGetProcessSid)

        GetDllProc(TEXT("Winsta.dll"), "WinStationGetProcessSid");

    _CachedGetUserFromSid = (Fun_CachedGetUserFromSid)

        GetDllProc(TEXT("utildll.dll"), "CachedGetUserFromSid");

    if (_WinStationGetProcessSid == NULL || _CachedGetUserFromSid == NULL)

        return FALSE;

    BYTE         cRetVal;

    FILETIME     ftStartTime;

    DWORD         dwSize;

    BYTE* pSid;

    BOOL         bRetVal, bFind;

    SYSTEM_PROCESS_INFORMATION* pProcInfo, * pCurProcInfo;

    bRetVal = GetSysProcInfo(&pProcInfo);

    if (bRetVal == FALSE || pProcInfo == NULL)

        return FALSE;

    bFind = FALSE;

    pCurProcInfo = pProcInfo;

    for (;;)

    {

        if (pCurProcInfo->dwProcessId == dwPid)

        {

            memcpy(&ftStartTime, &pCurProcInfo->qCreateTime, sizeof(ftStartTime));

            bFind = TRUE;

            break;

        }

        if (pCurProcInfo->dwNextEntryOffset == )

            break;

        pCurProcInfo = (SYSTEM_PROCESS_INFORMATION*)((BYTE*)pCurProcInfo +

            pCurProcInfo->dwNextEntryOffset);

    }

    if (bFind == FALSE)

    {

        free(pProcInfo);

        return FALSE;

    }

    cRetVal = _WinStationGetProcessSid(NULL, dwPid, ftStartTime, NULL, &dwSize);

    if (cRetVal != )

        return FALSE;

    pSid = new BYTE[dwSize];

    cRetVal = _WinStationGetProcessSid(NULL, dwPid, ftStartTime, pSid, &dwSize);

    if (cRetVal == )

    {

        delete[] pSid;

        return FALSE;

    }

    WCHAR   szUserName[];

    _CachedGetUserFromSid(pSid, szUserName, &dwSize);

    delete[] pSid;

    if (dwSize == )

        return FALSE;

    *pbStrUser = szUserName;

    return TRUE;

}

void AdjustPrivilege()

{

    HANDLE hToken;

    if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&hToken))

    {

        printf("OpenProcessToken error\n");

        return;

    }

    LUID myLUID;

    LookupPrivilegeValue(NULL,SE_DEBUG_NAME, &myLUID);

    TOKEN_PRIVILEGES tp={sizeof(tp)};

    tp.PrivilegeCount=;

    tp.Privileges[].Luid=myLUID;

    tp.Privileges[].Attributes=SE_PRIVILEGE_ENABLED;

    if(AdjustTokenPrivileges(hToken,FALSE,&tp,sizeof(tp),NULL,NULL))

    {

        /*MessageBox(NULL,TEXT("权限提升成功"),TEXT(""),0);*/

    }

    CloseHandle(hToken);

}

int main()

{

    TCHAR szProcessName[] = TEXT("services.exe");

    BOOL bFind = FALSE;

    TCHAR ch[] = {  };

    _bstr_t bs;

    memcpy(&bs, ch, sizeof(bs));

    PROCESSENTRY32 pe32;

    pe32.dwSize = sizeof(pe32);

    HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,);//获取进程快照

    if(hProcessSnap == INVALID_HANDLE_VALUE)

        return false;

    BOOL bResult = Process32First(hProcessSnap,&pe32);

    AdjustPrivilege();

    while (bResult)

    {

          GetProcessUser(, &bs);

          bResult = Process32Next(hProcessSnap,&pe32);

    }    

        //    GetProcessUser(pi.th32ProcessID, &bs); //第一个参数写的是你的进程ID 

}

获取服务进程server.exe的pid(0号崩溃)的更多相关文章

  1. 怎样在windows下和linux下获取文件(如exe文件)的具体信息和属性

    版权声明:本文为博主原创文章.未经博主同意不得转载. https://blog.csdn.net/xmt1139057136/article/details/25620685 程序猿都非常懒.你懂的! ...

  2. vs2010旗舰版后,运行调试一个项目时调试不了,提示的是:无法使用“pc”附加到应用程序“webdev.webserver40.exe(PID:2260”

    具体问题描述: vs2010旗舰版后,运行调试一个项目时调试不了,能编译,按ctrl+f5 可以运行,但是就是调试就不行,提示的是:无法使用“pc”附加到应用程序“webdev.webserver40 ...

  3. Windows Server 2003服务器.net4.0+IIS6.0的服务器,IE11浏览器访问的不兼容性

    工作中发生了一件诡异的事情: 程序在Win7+.NET4.0+IIS7.5的服务器部署,IE8和IE11请求时,响应的样式都正常. 但是在美的同事反映说,Windows Server 2003服务器. ...

  4. Linux下0号进程的前世(init_task进程)今生(idle进程)----Linux进程的管理与调度(五)【转】

    前言 Linux下有3个特殊的进程,idle进程(PID = 0), init进程(PID = 1)和kthreadd(PID = 2) idle进程由系统自动创建, 运行在内核态 idle进程其pi ...

  5. linux的0号进程和1号进程

    linux的 0号进程 和 1 号进程 Linux下有3个特殊的进程,idle进程(PID = 0), init进程(PID = 1)和kthreadd(PID = 2) * idle进程由系统自动创 ...

  6. nfs mount 故障 mount.nfs: access denied by server while mounting 10.0.100.208:/backup_usb

    生产环境: 服务端centos7.2,客户端:ubuntu16.04 挂载出现的故障: root@HDCtrl100:/mnt# mount -t nfs 10.0.100.208:/backup_u ...

  7. 创建1M-1T的虚拟磁盘(内存盘)——使用破解版 Primo Ramdisk Server Edition v5.6.0

    破解版 Primo Ramdisk Server Edition v5.6.0下载: https://pan.lanzou.com/i0sgcne 步骤: 下载并解压后安装“Primo.Ramdisk ...

  8. 【java异常】org.springframework.web.util.NestedServletException: Handler processing failed;Can't connect to X11 window server using 'localhost:10.0' as the value of th

    tomcat工程中创建二维码失败.抛出异常Can't connect to X11 window server using 'localhost:10.0' as the value of th 因为 ...

  9. [转]HTTP Error 500.21 - Internal Server Error Handler "ExtensionlessUrlHandler-Integrated-4.0" has a bad module "ManagedPipelineHandler" in its module list

    1.错误 HTTP Error 500.21 - Internal Server Error Handler "ExtensionlessUrlHandler-Integrated-4.0& ...

随机推荐

  1. 记录redis 存放JSON字符串,在并发操作时读-改-写问题

    问题描述: 这里涉及到的问题其实就是普遍的读-改-写,redis可以保证每个操作的原子性,但是无法保证多个操作的原子性,解决的方法可以使用redis提供的multi和watch命令,具体使用如下:1. ...

  2. SQL GROUP BY两个列

    首先group by 的简单说明: group by 一般和聚合函数一起使用才有意义,比如 count sum avg等,使用group by的两个要素:   (1) 出现在select后面的字段 要 ...

  3. ORACLE DG 库参数db_file_name_convert和log_file_name_convert的作用

    https://www.cnblogs.com/xqzt/p/5089826.html ORACLE DG 库参数db_file_name_convert和log_file_name_convert的 ...

  4. VB6 Webbowser控件与JS交互,无边框和屏蔽右键菜单

    1. 屏蔽右键菜单  在菜单中单击"工程"->"引用",在列表中找到"Microsoft HTML Object Library"打上 ...

  5. 十七、jenkins运行robotframework脚本,配置自动发送邮件

    一.配置系统管理-系统设置: A.系统管理--系统设置--Jenkins Location-系统管理员邮件地址:配置管理员邮箱全称(qq,163等都可以) B.配置管理员邮箱属性: 1.输入smtp服 ...

  6. C++中的集合和字典

    https://blog.csdn.net/sinat_39037640/article/details/74080509

  7. leetcode 142. 环形链表 II(c++)

    给定一个链表,返回链表开始入环的第一个节点. 如果链表无环,则返回 null. 为了表示给定链表中的环,我们使用整数 pos 来表示链表尾连接到链表中的位置(索引从 0 开始). 如果 pos 是 - ...

  8. 阶段1 语言基础+高级_1-3-Java语言高级_07-网络编程_第2节 TCP协议_4_TCP通信的服务器端代码实现

    表示服务器的类是ServerSocket 启动服务器端 再启动客户端 客户端代码修改获取服务端会写的数据 先启动服务器端,再启动客户端 客户端打印: 服务器端读取:

  9. 阶段1 语言基础+高级_1-3-Java语言高级_06-File类与IO流_08 转换流_2_编码引出的问题_FileReader读取GBK格式文件

    IDEA默认的编码格式是UTF-8 新建一个txt文件.输入你好 ANSI就是系统默认编码.保存即可. 通过IDE打开是乱码的,因为默认打开的方式是UTF-8 转换为char类型 输出了乱码

  10. 安卓手机作为中继器-连接Wifi共享该Wifi给PC和手机

    工具 routernet.apk