Preliminary Implementation of shutdown applets

Source: Internet
Author: User

Today, a bunch of people in the dormitory are playing games, so they can't sleep, and they are decisive. They will send out the preliminary implementation of the shutdown gadgets that have been struggling for a while and some precautions as their own memo records, it also serves as a reference for others.

 

 
 
  1. #include <windows.h> 
  2. #include <iostream> 
  3. using namespace std; 
  4.  
  5. void AjustPrivilege_LOGOFF() 
  6.     HANDLE hToken; 
  7.     TOKEN_PRIVILEGES tkp_logoff; 
  8.      
  9.     OpenProcessToken( 
  10.         GetCurrentProcess(), 
  11.         TOKEN_ADJUST_PRIVILEGES | 
  12.         TOKEN_QUERY, 
  13.         &hToken 
  14.         ); 
  15.  
  16.     LookupPrivilegeValue( 
  17.         NULL, 
  18.         SE_DEBUG_NAME, 
  19.         &tkp_logoff.Privileges[0].Luid 
  20.         ); 
  21.  
  22.     tkp_logoff.PrivilegeCount=1; 
  23.     tkp_logoff.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED; 
  24.  
  25.     AdjustTokenPrivileges( 
  26.         hToken,    
  27.         FALSE,    
  28.         &tkp_logoff,    
  29.         0, 
  30.         (PTOKEN_PRIVILEGES)NULL,  
  31.         0); 
  32.  
  33. void AjustPrivilege_SHUTDOWN() 
  34.     HANDLE hToken; 
  35.     TOKEN_PRIVILEGES tkp_shutdown; 
  36.      
  37.     OpenProcessToken( 
  38.         GetCurrentProcess(), 
  39.         TOKEN_ADJUST_PRIVILEGES | 
  40.         TOKEN_QUERY, 
  41.         &hToken 
  42.         ); 
  43.  
  44.     LookupPrivilegeValue( 
  45.         NULL, 
  46.         SE_SHUTDOWN_NAME, 
  47.         &tkp_shutdown.Privileges[0].Luid 
  48.         ); 
  49.  
  50.     tkp_shutdown.PrivilegeCount=1; 
  51.     tkp_shutdown.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED; 
  52.  
  53.     AdjustTokenPrivileges( 
  54.         hToken,    
  55.         FALSE,    
  56.         &tkp_shutdown,    
  57.         0, 
  58.         (PTOKEN_PRIVILEGES)NULL,  
  59.         0); 
  60.  
  61. int main() 
  62.     int choose; 
  63.  
  64.     cout<<"choose:"<<endl<<"1-logoff"<<endl<<"2-shutdown"<<endl; 
  65.     cin>>choose; 
  66.  
  67.     switch(choose) 
  68.     { 
  69.     case 1: 
  70.         AjustPrivilege_LOGOFF(); 
  71.         ExitWindowsEx(EWX_LOGOFF,0); 
  72.         cout<<"now,logoff is start..."<<endl; 
  73.         break; 
  74.     case 2: 
  75.         AjustPrivilege_SHUTDOWN(); 
  76.         ExitWindowsEx(EWX_SHUTDOWN,0); 
  77.         cout<<"now,shutdown is start..."<<endl; 
  78.         break; 
  79.     default: 
  80.         cout<<"fuck!"<<endl; 
  81.         break; 
  82.     } 

The above is all the code so far.

The following is a brief analysis.

 

 

 
 
  1. void AjustPrivilege_LOGOFF() 
  2.     HANDLE hToken; 
  3.     TOKEN_PRIVILEGES tkp_logoff; 
  4.      
  5.     OpenProcessToken( 
  6.         GetCurrentProcess(), 
  7.         TOKEN_ADJUST_PRIVILEGES | 
  8.         TOKEN_QUERY, 
  9.         &hToken 
  10.         ); 
  11.  
  12.     LookupPrivilegeValue( 
  13.         NULL, 
  14.         SE_DEBUG_NAME, 
  15.         &tkp_logoff.Privileges[0].Luid 
  16.         ); 
  17.  
  18.     tkp_logoff.PrivilegeCount=1; 
  19.     tkp_logoff.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED; 
  20.  
  21.     AdjustTokenPrivileges( 
  22.         hToken,    
  23.         FALSE,    
  24.         &tkp_logoff,    
  25.         0, 
  26.         (PTOKEN_PRIVILEGES)NULL,  
  27.         0); 
  28.  
  29. void AjustPrivilege_SHUTDOWN() 
  30.     HANDLE hToken; 
  31.     TOKEN_PRIVILEGES tkp_shutdown; 
  32.      
  33.     OpenProcessToken( 
  34.         GetCurrentProcess(), 
  35.         TOKEN_ADJUST_PRIVILEGES | 
  36.         TOKEN_QUERY, 
  37.         &hToken 
  38.         ); 
  39.  
  40.     LookupPrivilegeValue( 
  41.         NULL, 
  42.         SE_SHUTDOWN_NAME, 
  43.         &tkp_shutdown.Privileges[0].Luid 
  44.         ); 
  45.  
  46.     tkp_shutdown.PrivilegeCount=1; 
  47.     tkp_shutdown.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED; 
  48.  
  49.     AdjustTokenPrivileges( 
  50.         hToken,    
  51.         FALSE,    
  52.         &tkp_shutdown,    
  53.         0, 
  54.         (PTOKEN_PRIVILEGES)NULL,  
  55.         0); 

The above two functions are used to obtain the permissions required for shutdown operations. This is a security measure added to windows after win2k. It should be noted that I had been entangled in this issue for four consecutive days during code writing. The following is a detailed explanation.

We can see that there is no big difference between the two functions, but why do I need to write two functions? At the beginning, I didn't know how to write it, so I only wrote one. However, the tragedy has emerged. Compare the two statements:

 

 
 
  1. LookupPrivilegeValue( 
  2.         NULL, 
  3.         SE_DEBUG_NAME, 
  4.         &tkp_logoff.Privileges[0].Luid 
  5.         ); 
  6.  
  7. LookupPrivilegeValue( 
  8.         NULL, 
  9.         SE_SHUTDOWN_NAME, 
  10.         &tkp_shutdown.Privileges[0].Luid 
  11.         ); 

Have you found that the second parameter is different. I didn't know the difference at the time. It was stuck here for a long time. Because only the first one is written, you can only log out. If only the first one is written, you can only shut down the system, no matter whether the parameters of the following ExitWindowsEx () function are EWX_LOGOFF or EWX_SHUTDOWN.

That is to say, we can understand that the final operation is mainly related to the LookupPrivilegeValue () function, while ExitWindowsEx () only plays a role in the final operation.<--- This part is my personal understanding. I hope Daniel can correct me.

Then let's look back at these two functions. Their role has been said to improve permissions. Therefore, it is convenient for some lazy readers not to go to Baidu or GOOGLE. We will analyze each statement, but will not explain it in detail, because I am not familiar with it myself ).

 

 
 
  1. OpenProcessToken(
  2. GetCurrentProcess(),
  3. TOKEN_ADJUST_PRIVILEGES |
  4. TOKEN_QUERY,
  5. &hToken
  6. );

This function is used to obtain the process tag. The last parameter is the handle created by myself.

 

 
 
  1. LookupPrivilegeValue( 
  2.         NULL, 
  3.         SE_DEBUG_NAME, 
  4.         &tkp_logoff.Privileges[0].Luid 
  5.         ); 

Obtain the unique identifier of the Local Machine. Note that if you need to shut down remotely, the parameters will change accordingly. For details, referLatest VersionMSDN.

 

 
 
  1. tkp_logoff.PrivilegeCount=1; 
  2. tkp_logoff.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED; 

The first statement is used to specify the number of operations, and the second statement is used to improve permission replication. I am not very clear about these two statements. For details, referLatest MSDN version.

 

 
 
  1. AdjustTokenPrivileges( 
  2.         hToken,    
  3.         FALSE,    
  4.         &tkp_logoff,    
  5.         0, 
  6.         (PTOKEN_PRIVILEGES)NULL,  
  7.         0); 

This function is used to enable or disable the privilege. An access token with TOKEN_ADJUST_PRIVILEGES access is not clear to me. For details, referLatest MSDN version.

 

At present, this completes, and only enables the program to operate the computer for logout and shutdown. Of course, if you want to add the restart or sleep functions, you can also, but remember to add the corresponding function. Just remember that functions correspond to operations. The next step is to implement the timing function. With my understanding of myself, viewing instances, analyzing instances, and writing code and testing, I can't take it for four days. It may take about one week to write the article, if a friend wants to finish reading this series, he may wait.<--- I guess no one looks back at what I wrote by cainiao (Laugh )...

 

In any case, please wait for the future.

This article is from the "cat nest" blog, please be sure to keep this source http://moowoo.blog.51cto.com/2665885/532388

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.