记得刚学C++的时候,喜欢研究API,当时同事有一个高手,写了段代码,我在写程序的时候,莫明妙的,机器突然关掉了!我正在纳闷的时候,我听到了他的奸笑!

       原来是他干的,后来我研究了好久InitiateSystemShutdown这个API函数,了解被作弄的原理了,因为我的机器加入了Windows的域,而且域的超级用户我也设置成对我本机有Administrator权限,所以,他才有机可乘!后来写了以下这段代码,让他也在工作的时候被我远程关机,爽啊!学了新东西,又以其人之道还施彼身!

//ShutDownSystem函数是关本地,自己的机器

BOOL CAlarmClockDlg::ShutDownSystem()

{

   HANDLE hToken;

   TOKEN_PRIVILEGES tkp;

  

   // Get a token for this process.

 

   if (!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))

      AfxMessageBox(“OpenProcessToken”);

 

   // Get the LUID for the shutdown privilege.

 

   LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME,&tkp.Privileges[0].Luid);

 

   tkp.PrivilegeCount = 1;  // one privilege to set   

   tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

 

   // Get the shutdown privilege for this process.

 

   AdjustTokenPrivileges(hToken, FALSE, &tkp, 0,(PTOKEN_PRIVILEGES)NULL, 0);

 

   

   if(GetLastError()!= ERROR_SUCCESS)

     AfxMessageBox(“AdjustTokenPrivileges”);

 

   // Shut down the system and force all applications to close.

 

   if(!ExitWindowsEx(EWX_SHUTDOWN|EWX_FORCE, 0))

   {

      return FALSE; 

   }

   else

   {

      return TRUE;

   }

  

  

}

//shutdownHost这个就是远程关机的C++函数了!hostName可以是机器IP,也可以是机器名字!

BOOL CAlarmClockDlg::shutdownHost(CString hostName)

{

    HANDLE hToken; // handle to process token

 TOKEN_PRIVILEGES tkp; // pointer to token structure

 BOOL fResult; // system shutdown flag

 // Get the current process token handle so we can get shutdown

 // privilege.

 if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))

     AfxMessageBox(“OpenProcessToken failed.”);

 // Get the LUID for shutdown privilege.

 LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tkp.Privileges[0].Luid);

 tkp.PrivilegeCount = 1; // one privilege to set

 tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

 // Get shutdown privilege for this process.

 AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES) NULL, 0);

 // Cannot test the return value of AdjustTokenPrivileges.

 if (GetLastError() != ERROR_SUCCESS)

    AfxMessageBox(“AdjustTokenPrivileges enable failed.”);

 // Display the shutdown dialog box and start the time-out countdown.

 fResult = InitiateSystemShutdown(“192.168.100.245”, // shut down local computer

    “Click on the main window and press the Escape key to cancel shutdown.”, // message to user

  1, // time-out period

  FALSE, // ask user to close apps   //注意这一段API调用!

  FALSE); // reboot after shutdown


 if (!fResult)

 {

     AfxMessageBox(“InitiateSystemShutdown failed.”);

 }

 // Disable shutdown privilege.

 tkp.Privileges[0].Attributes = 0;

 AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES) NULL, 0);

 if (GetLastError() != ERROR_SUCCESS)

 {

      AfxMessageBox(“AdjustTokenPrivileges disable failed.”);

 }

    return TRUE;

}

版权声明:本文为linzhanyu原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://www.cnblogs.com/linzhanyu/articles/136427.html