[转]一段精巧的代码~~ring3文件占坑大法
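#include <windows.h>

/*
 * Forward declaration so main() can call OccupyFile() before its definition.
 * It must sit on its own line: text that follows an #include directive on the
 * same line is not compiled as a declaration.
 */
BOOL OccupyFile( LPCTSTR lpFileName );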
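/*
 * Demo entry point: runs OccupyFile() on the sample path used by the original
 * listing and reports the outcome through the process exit code
 * (0 = the handle was duplicated, 1 = any step failed).
 */
int main(void)
{
    /* TEXT() keeps the literal matched to LPCTSTR in both ANSI and UNICODE builds. */
    return OccupyFile(TEXT("c:\\aaa111.txt")) ? 0 : 1;
}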
/*
 * Tries to enable SE_DEBUG_NAME (SeDebugPrivilege) on the current process
 * token. Best effort only: the function returns nothing, so a caller cannot
 * tell whether the privilege was actually enabled.
 *
 * NOTE(review): AdjustTokenPrivileges() reports success even when the token
 * does not hold the requested privilege; GetLastError() then returns
 * ERROR_NOT_ALL_ASSIGNED. That result is not inspected here.
 */
void RaiseToDebugP()
{
    HANDLE token;
    LUID debugLuid;
    TOKEN_PRIVILEGES request;

    if ( !OpenProcessToken(GetCurrentProcess(),
                           TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &token) )
    {
        return;
    }

    if ( LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &debugLuid) )
    {
        /* Single-entry request: enable the debug privilege, touch nothing else. */
        request.PrivilegeCount = 1;
        request.Privileges[0].Luid = debugLuid;
        request.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        /* Outcome deliberately ignored, as in the original listing. */
        (void)AdjustTokenPrivileges(token, FALSE, &request, 0, NULL, 0);
    }

    /* The token handle is released whether or not the adjustment was attempted. */
    CloseHandle(token);
}
/*
 * Creates lpFileName with no sharing allowed and moves the resulting handle
 * into another process, so that this process no longer owns it.
 *
 * Steps, as written:
 *   1. RaiseToDebugP() attempts to enable the debug privilege.
 *   2. The target process is opened with PROCESS_DUP_HANDLE. PID 4 is tried
 *      first (the System process, per the original comment), then PID 8
 *      (the original comment guesses this is the value on Windows 2000).
 *   3. The file is opened with GENERIC_READ, share mode 0 and CREATE_ALWAYS.
 *   4. DuplicateHandle() copies the handle into the target process with
 *      DUPLICATE_CLOSE_SOURCE, which closes the local handle.
 *
 * Returns the result of DuplicateHandle(), or FALSE if the target process or
 * the file could not be opened.
 *
 * Caveats for anyone reading or reviewing this code:
 *   - CREATE_ALWAYS truncates a file that already exists at lpFileName.
 *   - The duplicated handle value is discarded and nothing here ever closes
 *     it, so the file stays held with share mode 0 for as long as that handle
 *     remains open in the target process (presumably until reboot).
 *   - DUPLICATE_CLOSE_SOURCE closes the source handle regardless of the error
 *     status returned, so no CloseHandle() on the local handle is needed, or
 *     safe, after the call.
 *   - NOTE(review): the sequence is observable to endpoint monitoring: a
 *     process enables SeDebugPrivilege and then opens the System PID with
 *     PROCESS_DUP_HANDLE.
 */
BOOL OccupyFile( LPCTSTR lpFileName )
{
    /* Hard-coded candidate PIDs, tried in this order. */
    static const DWORD candidatePids[] = { 4, 8 };
    HANDLE hTarget = NULL;
    HANDLE hLocal;
    HANDLE hRemote;
    BOOL duplicated;
    unsigned i;

    RaiseToDebugP();

    for ( i = 0; i < sizeof candidatePids / sizeof candidatePids[0]; i++ )
    {
        hTarget = OpenProcess( PROCESS_DUP_HANDLE, FALSE, candidatePids[i] );
        if ( hTarget != NULL )
        {
            break;
        }
    }
    if ( hTarget == NULL )
    {
        return FALSE;
    }

    /* Share mode 0: no other open of this path succeeds while the handle lives. */
    hLocal = CreateFile( lpFileName, GENERIC_READ, 0, NULL, CREATE_ALWAYS,
                         FILE_ATTRIBUTE_NORMAL, NULL );
    if ( hLocal == INVALID_HANDLE_VALUE )
    {
        CloseHandle( hTarget );
        return FALSE;
    }

    /* hRemote is only meaningful inside the target process and is not kept. */
    duplicated = DuplicateHandle( GetCurrentProcess(), hLocal, hTarget, &hRemote,
                                  0, FALSE,
                                  DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE );

    CloseHandle( hTarget );
    return duplicated;
}