坏小子 - 2007-5-15 23:15:00
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs,TLHelp32,Psapi, StdCtrls;
type
TForm1 = class(TForm)
ListBox1: TListBox;
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
Type
_TOKEN_USER = Record
user:SID_AND_ATTRIBUTES;
end;
TTokenUser = ^_TOKEN_USER;
{$R *.dfm}
procedure TForm1.FormCreate(Sender: TObject);
var
TokenHandle : Thandle;
Tkp : TTokenPrivileges;
Zero : DWORD;
SnapShotHandle : Thandle;
Ft : Bool;
PEntry : TProcessEntry32;
ProHandle : Thandle ;
TokenInfo : TTokenUser;
CbTokenInfo : DWORD;
UserName ,DName: String;
CbUserName,CbDName: DWORD;
St : SID_NAME_USE;
begin
OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY,TokenHandle);//提升权限
LookUpPrivilegeValue(nil,'SeDebugPrivilege',Tkp.privileges[0].Luid);
Tkp.PrivilegeCount := 1 ;
Tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED ;
AdjustTokenPrivileges(TokenHandle,False,Tkp,sizeof(Tkp),nil,Zero);
SnapShotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);//枚举进程
PEntry.dwSize := Sizeof(TProcessEntry32);
Ft := Process32First(SnapShotHandle,PEntry);
while Ft do
Begin
ProHandle := OpenProcess(PROCESS_ALL_ACCESS,False,PEntry.th32ProcessID );
OpenProcessToken(ProHandle,TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY or TOKEN_READ, TokenHandle);//获取进程用户名
GetTokenInformation(TokenHandle,TokenUser,@TokenInfo,Sizeof(TTokenUser),CbTokenInfo);
SetLength(UserName,CbUserName);
SetLength(DName,CbDName);
LookupAccountSid(nil,TokenInfo.user.Sid ,Pchar(UserName),CbUserName,Pchar(DName),CbDName,St);
UserName := PChar(UserName);
Listbox1.Items.add(UserName);
Ft := Process32Next(SnapShotHandle,PEntry);
end;
end;
end.
请各位大虾给看看,代码中有什么不对的地方,俺初学编程,怎么也不能编译通过
- 2007-5-18 19:47:00
获取进程用户 我没试过,也没关心过
我是菜鸟,不如你到微软(AU)的去看看
有没有什么好的函数,这值不知道有没
有作用,不过获取用户干什么,你做系统?
要是我不会去获取什么进程用户,要自己
有系统权限,那还有点用,用户显示是跟
着一个服务走的,服务没了用户也没显示
了!
© 2000 - 2026 Rising Corp. Ltd.