delphi 如何获得其他进程的token
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
Edit1: TEdit;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
function EnabledSecuryPrivilege(procHandle:Cardinal;Const bEnabled:Boolean):Boolean;
var
hToken: THandle;
tp: TOKEN_PRIVILEGES;
a: DWORD;
const
SE_Security_NAME = 'SeSecurityPrivilege';
begin
Result := False;
if (OpenProcessToken(procHandle, TOKEN_QUERY, hToken)) then
begin
tp.PrivilegeCount := 1;
LookupPrivilegeValue(nil, SE_Security_NAME, tp.Privileges[0].Luid);//获得本地机唯一的标识
if bEnabled then
tp.Privileges[0].Attributes :=SE_PRIVILEGE_ENABLED
else
tp.Privileges[0].Attributes := 0;
a := 0;
AdjustTokenPrivileges(hToken, False, tp, SizeOf(tp), nil, a);
Result := GetLastError = ERROR_SUCCESS;
CloseHandle(hToken);
end;
end;
function GetUserAndDomainFromPID(ProcessId: DWORD;
var User, Domain: string): Boolean;
var
hToken: THandle;
cbBuf: Cardinal;
ptiUser: PSIDAndAttributes;
snu: SID_NAME_USE;
ProcessHandle: THandle;
UserSize, DomainSize: DWORD;
bSuccess: Boolean;
begin
Result := False;
User:='';
//SetPrivilege;
//EnabledDebugPrivilege(true,'SeSecurityPrivilege');
ProcessHandle := OpenProcess(PROCESS_QUERY_INFORMATION , False, ProcessId);
if ProcessHandle <> 0 then
begin
EnabledSecuryPrivilege(ProcessHandle,true);
if OpenProcessToken(ProcessHandle, TOKEN_QUERY or TOKEN_READ, hToken) then
begin
bSuccess := GetTokenInformation(hToken, TokenUser, nil, 0, cbBuf);
ptiUser := nil;
while (not bSuccess) and (GetLastError = ERROR_INSUFFICIENT_BUFFER) do
begin
ReallocMem(ptiUser, cbBuf);
bSuccess := GetTokenInformation(hToken, TokenUser, ptiUser, cbBuf, cbBuf);
end;
CloseHandle(hToken);
if not bSuccess then Exit;
UserSize := 0;
DomainSize := 0;
LookupAccountSid(nil, ptiUser.Sid, nil, UserSize, nil, DomainSize, snu);
if (UserSize <> 0) and (DomainSize <> 0) then
begin
SetLength(User, UserSize);
SetLength(Domain, DomainSize);
if LookupAccountSid(nil, ptiUser.Sid, PChar(User), UserSize,
PChar(Domain), DomainSize, snu) then
begin
Result := True;
User := StrPas(PChar(User));
Domain := StrPas(PChar(Domain));
end;
end;
FreeMem(ptiUser);
end;
CloseHandle(ProcessHandle);
end;
end;
procedure TForm1.Button1Click(Sender: TObject);
var
u,d:String;
begin
GetUserAndDomainFromPID(strtointdef(edit1.Text,0),u,d); // edit1.Text 里面天下 进程的 PID
showmessage(u);
end;
end.
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
Edit1: TEdit;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
function EnabledSecuryPrivilege(procHandle:Cardinal;Const bEnabled:Boolean):Boolean;
var
hToken: THandle;
tp: TOKEN_PRIVILEGES;
a: DWORD;
const
SE_Security_NAME = 'SeSecurityPrivilege';
begin
Result := False;
if (OpenProcessToken(procHandle, TOKEN_QUERY, hToken)) then
begin
tp.PrivilegeCount := 1;
LookupPrivilegeValue(nil, SE_Security_NAME, tp.Privileges[0].Luid);//获得本地机唯一的标识
if bEnabled then
tp.Privileges[0].Attributes :=SE_PRIVILEGE_ENABLED
else
tp.Privileges[0].Attributes := 0;
a := 0;
AdjustTokenPrivileges(hToken, False, tp, SizeOf(tp), nil, a);
Result := GetLastError = ERROR_SUCCESS;
CloseHandle(hToken);
end;
end;
function GetUserAndDomainFromPID(ProcessId: DWORD;
var User, Domain: string): Boolean;
var
hToken: THandle;
cbBuf: Cardinal;
ptiUser: PSIDAndAttributes;
snu: SID_NAME_USE;
ProcessHandle: THandle;
UserSize, DomainSize: DWORD;
bSuccess: Boolean;
begin
Result := False;
User:='';
//SetPrivilege;
//EnabledDebugPrivilege(true,'SeSecurityPrivilege');
ProcessHandle := OpenProcess(PROCESS_QUERY_INFORMATION , False, ProcessId);
if ProcessHandle <> 0 then
begin
EnabledSecuryPrivilege(ProcessHandle,true);
if OpenProcessToken(ProcessHandle, TOKEN_QUERY or TOKEN_READ, hToken) then
begin
bSuccess := GetTokenInformation(hToken, TokenUser, nil, 0, cbBuf);
ptiUser := nil;
while (not bSuccess) and (GetLastError = ERROR_INSUFFICIENT_BUFFER) do
begin
ReallocMem(ptiUser, cbBuf);
bSuccess := GetTokenInformation(hToken, TokenUser, ptiUser, cbBuf, cbBuf);
end;
CloseHandle(hToken);
if not bSuccess then Exit;
UserSize := 0;
DomainSize := 0;
LookupAccountSid(nil, ptiUser.Sid, nil, UserSize, nil, DomainSize, snu);
if (UserSize <> 0) and (DomainSize <> 0) then
begin
SetLength(User, UserSize);
SetLength(Domain, DomainSize);
if LookupAccountSid(nil, ptiUser.Sid, PChar(User), UserSize,
PChar(Domain), DomainSize, snu) then
begin
Result := True;
User := StrPas(PChar(User));
Domain := StrPas(PChar(Domain));
end;
end;
FreeMem(ptiUser);
end;
CloseHandle(ProcessHandle);
end;
end;
procedure TForm1.Button1Click(Sender: TObject);
var
u,d:String;
begin
GetUserAndDomainFromPID(strtointdef(edit1.Text,0),u,d); // edit1.Text 里面天下 进程的 PID
showmessage(u);
end;
end.
推荐分享
图文皆来源于网络,内容仅做公益性分享,版权归原作者所有,如有侵权请告知删除!
Copyright © 2014 DelphiW.com 开发 源码 文档 技巧 All Rights Reserved
晋ICP备14006235号-8 晋公网安备 14108102000087号
执行时间: 0.088064908981323 seconds