黑客编程例子

#include "stdio.h" #include "windows.h" #include "winbase.h" #include "tlhelp32.h" #pragma comment(lib,"kernel32.lib") #pragma comment(lib,"advapi32.lib") #pragma comment (lib, "urlmon.lib") //提升本进程权限 void EnableDebugPriv( void ) { HANDLE hToken; TOKEN_PRIVILEGES tkp;OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken); LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME,&tkp.Privileges[0].Luid); tkp.PrivilegeCount = 1; tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; AdjustTokenPrivileges(hToken, FALSE, &tkp, 0,(PTOKEN_PRIVILEGES)NULL, 0); CloseHandle( hToken ); } //文件下载 int DownloadFile(char *sURL) { HRESULT hr; hr = URLDownloadToFile(0, sURL, "e:/a.jpg", 0, 0); if(hr==S_OK) return 0; else return 1; } //取得系统版本 int GetOsVer(void) { OSVERSIONINFO winfo; winfo.dwOSVersionInfoSize=sizeof(OSVERSIONINFO); GetVersionEx(&winfo); if(winfo.dwPlatformId==VER_PLATFORM_WIN32_NT) return 1; else return 0; } //根据进程ID杀进程 pskill(int id) { HANDLE hProcess=NULL;//打开目标进程 DWORD ret=TerminateProcess(hProcess,0); hProcess=OpenProcess(PROCESS_TERMINATE,FALSE,id); if (hProcess==NULL) { printf("/nOpen Process fAiled:%d/n",GetLastError()); return -1; } //结束目标进程 if(ret==0) { printf("%d",GetLastError()); } return -1; } int main(void) { char *sURL="http://www.jxbiz.com/shop.asp"; int id=0; //进程列举 HANDLE hSnApshot= CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); if (GetOsVer()) printf("Your system is winnt!/n"); else printf("Your system is win98!/n"); if(hSnApshot!=INVALID_HANDLE_VALUE) { PROCESSENTRY32 te={sizeof(te)}; BOOL f0k = Process32First(hSnApshot,&te); for(;f0k;f0k=Process32Next(hSnApshot,&te)) { printf("Pid: %d %s/n",te.th32ProcessID ,te.szExeFile ); } } CloseHandle(hSnApshot);//杀进程 printf("the process's id which you want to kill:"); scanf("%d",&id); EnableDebugPriv(); //提升权限 pskill(id); //下载文件 if (DownloadFile(sURL)==0) printf("down successful!/n"); else printf("error!/n"); //EnableDebugPriv(); // 关机 //ExitWindowsEx(EWX_SHUTDOWN | EWX_FORCE, 0); return 0; }