Windows消息PostMessage参数中-消息接收对象的试验

windows帮助文件
PostMessage

文档解释

  • hWnd

Type: HWND

A handle to the window whose window procedure is to receive the
message. The following values have special meanings.

Value Meaning:
HWND_BROADCAST ((HWND)0xffff) The message is posted to all top-level windows in the system, including disabled or invisible, unowned windows, overlapped windows, and pop-up windows. The message is not posted to child windows.
NULL The function behaves like a call to PostThreadMessage with the dwThreadId parameter set to the identifier of the current thread. Starting with Windows Vista, message posting is subject to UIPI. The thread of a process can post messages only to message queues of threads in processes of lesser or equal integrity level.

HWND_BROADCAST代表向所有顶层程序广播,NULL执行结果类似于调用PostThreadMessage, 消息发送到同进程的消息队列中

  • UIPI

UIPI 指 User Interface Privilege Isolation (用户界面特权隔离),是Windows NT 6.0后(即Vista)引入的一种新的安全特性,主要用于拦截接受对自身进程MIC等级还低的进程发来的消息。(来源:[百度百科]https://baike.baidu.com/item/UIPI/7448248)
作用:在一定程度上保证了系统安全,但也带来了兼容性问题。

  • 进程MIC等级:

上面提到UIPI是基于进程的MIC等级的,而在Windows NT6.0以后的系统里面,MIC一共可以分为六个等级:

SECURITY_MANDATORY_UNTRUSTED_RID 不信任的MIC等级
SECURITY_MANDATORY_LOW_RID 低MIC等级,如IE
SECURITY_MANDATORY_MEDIUM_RID 中MIC等级,如Explorer
SECURITY_MANDATORY_HIGH_RID 高MIC等级,以管理员身份运行的都是这个等级
SECURITY_MANDATORY_SYSTEM_RID 系统MIC等级,服务应用程序
SECURITY_MANDATORY_PROTECTED_PROCESS_RID 受保护进程的MIC等级

这里可以看到IE是低MIC等级的,主要是为了在一定程度上解决IE的安全性问题----即使很多病毒通过IE下来,但是由于本身是通过IE系统,相应的MIC等级过低,可以防止他对其他进程造成不良影响。

HWND赋值试验

HWND mAimApp = GetActiveWindow();
获得当前窗口句柄
bool ret = PostMessage(mAimApp,WM_CHAR,KeyAscii,1);
发送信号。
结果当前程序获得焦点的对象响应了输入信号

你可能感兴趣的:(WIndows)