查看进程令牌信息源代码

2016-02-19 13:59 33 1 收藏

每个人都希望每天都是开心的,不要因为一些琐事扰乱了心情还,闲暇的时间怎么打发,关注图老师可以让你学习更多的好东西,下面为大家推荐查看进程令牌信息源代码,赶紧看过来吧!

【 tulaoshi.com - 编程语言 】

    用过whoami吧,这个tokenInfor和它的功能相仿,不过是查看指定进程的用户信息和访问令牌信息。

    本版管理员不能查看普通用户进程的信息,功能完整的版本可以从www.red8black.com上下载。

    用法如下:
D:E:projectsinforlccinfor.exe /?
TokenInfor tell Token Infor and Owner Infor of Specify Process, -- bingle

Usage : E:projectsinforlccinfor.exe [pid]
pid -- ID of target process, if not provide, use current process
-?|/? -- show this.

如果没有指定进程ID就查询当前进程,也就是tinfor自己了,就和whoami一样了。

(本文来源于图老师网站,更多请访问http://www.tulaoshi.com/bianchengyuyan/)

D:tinfor 160
TokenInfor tell Token Infor and Owner Infor of Specify Process, -- bingle

Token Information of Process ID = 160.
Execute File Path = ??D:WINNTsystem32csrss.exe.

User Name : NT AUTHORITYSYSTEM S-1-5-18

Belong to 3 groups
[group 0] "BUILTINAdministrators" S-1-5-32-544
[group 1] "Everyone" S-1-1-0
[group 2] "NT AUTHORITYAuthenticated Users" S-1-5-11

Have 21 Privileges
[Privilege 0] SeTcbPrivilege - 以操作系统方式操作
[Privilege 1] SeCreateTokenPrivilege - 创建记号对象
[Privilege 2] SeTakeOwnershipPrivilege - 取得文件或其它对象的所有权
[Privilege 3] SeCreatePagefilePrivilege - 创建页面文件
[Privilege 4] SeLockMemoryPrivilege - 内存中锁定页
[Privilege 5] SeAssignPrimaryTokenPrivilege - 替换进程级记号
[Privilege 6] SeIncreaseQuotaPrivilege - 添加配额
[Privilege 7] SeIncreaseBasePriorityPrivilege - 增加进度优先级
[Privilege 8] SeCreatePermanentPrivilege - 创建永久共享对象
[Privilege 9] SeDebugPrivilege - 调试程序
[Privilege 10] SeAuditPrivilege - 产生安全审核
[Privilege 11] SeSecurityPrivilege - 管理审核和安全日志
[Privilege 12] SeSystemEnvironmentPrivilege - 修改固件环境值
[Privilege 13] SeChangeNotifyPrivilege - 跳过遍历检查
[Privilege 14] SeBackupPrivilege - 备份文件和目录
[Privilege 15] SeRestorePrivilege - 还原文件和目录
[Privilege 16] SeShutdownPrivilege - 关闭系统
[Privilege 17] SeLoadDriverPrivilege - 装载和卸载设备驱动程序
[Privilege 18] SeProfileSingleProcessPrivilege - 配置单一进程
[Privilege 19] SeSystemtimePrivilege - 更改系统时间
[Privilege 20] SeUndockPrivilege - 从插接工作站中取出计算机

Token Type : Primary Token
OpenProcessToken QUERY_SOURCE error : 5

whoami.exe是一个有错误的debug版tokenInfor程序,什么错误,你调试看看把,这个错误不影响

程序的主要功能,程序代码的实现也没有问题。不要用vc重新编译whoami.c,否则错误就没有了。

vc和lcc有点不同。

源程序
/**
TokenInfor tell Token Infor and Owner Infor of Specify Process
--bingle, bingle@email.com.cn
*/

#include
#include
#include
#include

#define UULEN 256
#define true 1
#define false 0

typedef DWORD GetModuleFileNameExType(
HANDLE hProcess, // handle to the process
HMODULE hModule, // handle to the module
LPTSTR lpFilename, // buffer that receives the path
DWORD nSize // size of the buffer
);
GetModuleFileNameExType *GetModuleFileNameExAddr;
HMODULE psapi;

int GetUserNameFromToken(HANDLE htoken, char user[]);
int OutPutGroupsFromToken(HANDLE htoken);
int OutPutPrivilegesFromToken(HANDLE htoken);
int OutPutTokenType(TOKEN_STATISTICS *tstat);
int GetProcessTokenSource(HANDLE hp, char src[]);
int EnableDebugPriv(int fEnable);

void Usage(char *prog)
{
printf(" Usage : [pid]", prog);
printf("pid -- ID of target process, if not provide, use current process");
printf("-?|/? -- show this. ");

exit(0);
}

int LoadPsapi()
{
psapi = LoadLibrary("psapi.dll");
GetModuleFileNameExAddr = NULL;
if(psapi == NULL) return 0;
GetModuleFileNameExAddr = (GetModuleFileNameExType*)GetProcAddress(psapi, "GetModuleFileNameExA");
if(GetModuleFileNameExAddr == NULL)
{
psapi = NULL;
return 0;
}
return 1;
}

int main(int argc,char *argv[])
{
printf("TokenInfor tell Token Infor and Owner Infor of Specify Process, -- bingle");
if(argc == 2 && strcmp(argv[1], "/?") == 0)Usage(argv[0]);
if(argc == 2 && strcmp(argv[1], "-?") == 0)Usage(argv[0]);

HANDLE hp , htoken;
char buff[1024];
unsigned long size = 1024, ret, procID;

hp = htoken = INVALID_HANDLE_VALUE;
if(argc 1)procID= atoi(argv[1]);
else procID = GetCurrentProcessId();

if(procID == 0)
{
printf(" Bad Process ID provided!!");
Usage(argv[0]);
}

if((ret = EnableDebugPriv(1)) != 0)printf("EnableDebugPriv(1) error : 0 ", ret);
hp = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, false, procID);
ret = GetLastError();
EnableDebugPriv(0);
if(hp == NULL)
{
printf("Unable to open target process ID=0. Error : 0", procID, ret);
exit(0);
}

printf("Token Information of Process ID = 0.", procID);
if(LoadPsapi())
{
ret = GetModuleFileNameExAddr(hp, NULL, buff, 1024);
if(ret)printf("Execute File Path = .", buff);
else printf("Get Execute File Path Error : 0.", GetLastError());
FreeLibrary(psapi);
}else printf("Cannot Get Execute File Path, Load Psapi.dll Error.");

puts("");

ret = OpenProcessToken(hp, TOKEN_QUERY, &htoken);
if(!ret)
{
printf("OpenProcessToken QUERY error : 0", GetLastError());
goto exit_main;
}

if(GetUserNameFromToken(htoken, buff))
printf("User Name : ", buff);

OutPutGroupsFromToken(htoken);

(本文来源于图老师网站,更多请访问http://www.tulaoshi.com/bianchengyuyan/)

OutPutPrivilegesFromToken(htoken);

size = 1024;
TOKEN_STATISTICS *tstat;
if(!GetTokenInformation(htoken, TokenStatistics, (void*)buff, size, &size))
{
printf("GetTokenInformation TokenStatistics error : 0", GetLastError());
goto exit_main;
}
tstat = (TOKEN_STATISTICS *)buff;
OutPutTokenType(tstat);

char src[10];
if(GetProcessTokenSource(hp, src))
printf("Token source : ", src);

exit_main:
if(htoken != INVALID_HANDLE_VALUE)CloseHandle(htoken);
if(hp != INVALID_HANDLE_VALUE)CloseHandle(hp);
return 0;
}

int GetUserNameFromToken(HANDLE htoken, char user[])
{
char buff[1024], tusr[UULEN], domain[UULEN];
unsigned long size;

TOKEN_USER *tuser;
PSID sid;
SID_NAME_USE snu;

size = 1024;
if(!GetTokenInformation(htoken, TokenUser, (void*)buff, size, &size))
{
printf("GetTokenInformation error : 0", GetLastError());
return false;
}

tuser = (TOKEN_USER*)buff;
sid = tuser-User.Sid;
size = UULEN;
if(!LookupAccountSid(NULL, sid, tusr, &size, domain, &size, &snu))
{
printf("LookupAccountSid error : 0", GetLastError());
return false;
}
sprintf(user, "", domain, tusr);

return true;
}

int OutPutGroupsFromToken(HANDLE htoken)
{
char buff[1024];
unsigned long size = 1024;
TOKEN_GROUPS *tgrps;
if(!GetTokenInformation(htoken, TokenGroups, (void*)buff, size, &size))
{
printf("GetTokenInformation TokenGroups error : 0", GetLastError());
return false;
}
tgrps = (TOKEN_GROUPS *)buff;
printf("Belong to 0 groups", tgrps-GroupCount);

PSID sid;
char group[UULEN], domain[UULEN];
SID_NAME_USE snu;
for(int i = 0; i tgrps-GroupCount; i++)
{
sid = tgrps-Groups[i].Sid;
size = UULEN;
if(!LookupAccountSid(NULL, sid, group, &size, domain, &size, &snu))
printf("[group 0] error : 0", i, GetLastError());
else printf("[group 0] ", i, domain, group);
}

return true;
}

int OutPutPrivilegesFromToken(HANDLE htoken)
{
char buff[1024];
unsigned long size = 1024;
TOKEN_PRIVILEGES *tpriv;
if(!GetTokenInformation(htoken, TokenPrivileges, (void*)buff, size, &size))
{
printf("GetTokenInformation TokenPrivileges error : 0", GetLastError());
return false;
}
tpriv = (TOKEN_PRIVILEGES *)buff;
printf("Have 0 Privileges", tpriv-PrivilegeCount);

LUID_AND_ATTRIBUTES la;
char spriv[UULEN], sdisp[UULEN * 2];
for(int i = 0; i tpriv-PrivilegeCount; i++)
{
la = tpriv-Privileges[i];
size = UULEN;
LookupPrivilegeName(NULL, &la.Luid, spriv, &size);
size = UULEN * 2;
if(!LookupPrivilegeDisplayName(NULL, spriv, sdisp, &size, &size))
printf("[Privilege 0] error : 0", i, GetLastError());
else printf("[Privilege 0] - ", i, spriv, sdisp);
}
return true;
}

int OutPutTokenType(TOKEN_STATISTICS *tstat)
{
if(tstat-TokenType == TokenPrimary)
printf("Token Type : Primary Token");
else printf("Token Type : Impersonation Token");

struct IMPERSONATION_LEVEL
{
SECURITY_IMPERSONATION_LEVEL il;
char *dsp;
}imperLevel[4];
imperLevel[0].il = SecurityAnonymous;
imperLevel[0].dsp = "SecurityAnonymous -- The server process cannot obtain identification information
about the client and it cannot impersonate the client. It is defined with no value given,
and thus, by ANSI C rules, defaults to a value of 0.";
imperLevel[1].il = SecurityIdentification;
imperLevel[1].dsp = "SecurityIdentification -- The server process can obtain information about the client,
such as security identifiers and privileges, but it cannot impersonate the client.
This is useful for servers that export their own objects — for example,
database products that export tables and views. Using the retrieved client-security
information, the server can make access-validation decisions without being able to utilize
other services using the client's security context.";
imperLevel[2].il = SecurityImpersonation;
imperLevel[2].dsp = "SecurityImpersonation -- The server process can impersonate the client's security context
on its local system. The server cannot impersonate the client on remote systems.";
imperLevel[3].il = SecurityDelegation;
imperLevel[3].dsp = "SecurityDelegation -- The server process can impersonate the client's security context
on remote systems.
Windows NT: This impersonation level is not supported.
Windows 2000: This impersonation level is supported.";

来源:http://www.tulaoshi.com/n/20160219/1605892.html

延伸阅读
标签: Web开发
AjaxTags项目是在现有的Struts HTML标记库的基础上,添加对AJAX支持。 AjaxTags改写了Struts标签类org.apache.struts.taglib.html.FormTag和org.apache.struts.taglib.html.BaseHandlerTag,并使用Struts的plugin技术,使得Struts提供了对AJAX的支持。 以下是jsp中简单的示例: html:form action="example1" ajaxRef="example1"> ...
标签: PHP
  其实写这几篇代码的时间不过近三天而已,事前即没有经过详细思考和计划(可以说一点计划都没有)那天想起做个论坛试试,于是就做起来了,而我也是才接触了将近一个月时间的PHP,以前也没真正写过程序之类的东东,在写这段代码的两天半时间里,有好几次遇到困难,都想放弃,但是我还是写出来了,而且没想到居然能用,所以中间可能有很多...
标签: PHP
  主界面,也就是显示主题列表的这页。 //foxbbs.php 功能:显示论坛的主题 <HTML <HEAD <TITLE狐网论坛</TITLE <STYLE type=text/css P {FONT-FAMILY: normal; FONT-SIZE: 9pt; LINE-HEIGHT: 14pt} DIV {FONT-FAMILY: normal; FONT-SIZE: 9pt; LINE-HEIGHT: 14pt} </STYLE <LINK href="js/lfox.css&...
最后我们要做的工作,就是把每一页,或者你认为重要的关键的页面进行加密,就OK啦。怎样对网页的源代码进行加密就不用我多说了吧?网上到处都有,可以用工具,也可以自己写一个htm文件来转换。加密软件,我推荐“Batch HTML Encryptor”,去google找吧。还有转换加密网页的代码如下: 〈HTML〉〈HEAD〉〈TITLE〉网页加密解密〈/TITLE〉 ...
ps命令 前面介绍的两个命令都是用于查看当前系统用户的情况,下面就来看看进程的情况,这也是本章的主题.要对进程进行监测和控制,首先必须要了解当前进程的情况,也就是需要查看当前进程,而ps命令就是最基本同时也是非常强大的进程查看命令.使用该命令可以确定有哪些进程正在运行和运行的状态、进程是否结束、进程有没有僵尸、哪些进程...

经验教程

211

收藏

54
微博分享 QQ分享 QQ空间 手机页面 收藏网站 回到头部