請問要如何限制使用者將電腦關機? |
答題得分者是:RootKit
|
ktopbrad
一般會員 發表:15 回覆:33 積分:9 註冊:2007-03-15 發送簡訊給我 |
|
davidsun
初階會員 發表:57 回覆:71 積分:25 註冊:2002-04-14 發送簡訊給我 |
強迫關機:
[code delphi] function ExitWindows(RebootParam: Longword): Boolean; var TTokenHd: THandle; TTokenPvg: TTokenPrivileges; cbtpPrevious: DWORD; rTTokenPvg: TTokenPrivileges; pcbtpPreviousRequired: DWORD; tpResult: Boolean; const SE_SHUTDOWN_NAME = 'SeShutdownPrivilege'; begin if Win32Platform = VER_PLATFORM_WIN32_NT then begin tpResult := OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, TTokenHd); if tpResult then begin tpResult := LookupPrivilegeValue(nil, SE_SHUTDOWN_NAME, TTokenPvg.Privileges[0].Luid); TTokenPvg.PrivilegeCount := 1; TTokenPvg.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED; cbtpPrevious := SizeOf(rTTokenPvg); pcbtpPreviousRequired := 0; if tpResult then Windows.AdjustTokenPrivileges(TTokenHd, False, TTokenPvg, cbtpPrevious, rTTokenPvg, pcbtpPreviousRequired); end; end; Result := ExitWindowsEx(RebootParam, 0); end; // 下面八個動作中任選一種執行 .... // 一般關閉,關閉前會詢問其它執行中的程式是否存檔 //ExitWindowsEx(EWX_LOGOFF,0); // 登出, 重新登入使用者 //ExitWindowsEx(EWX_REBOOT,0); // 重新開機 //ExitWindowsEx(EWX_SHUTDOWN,0); // 結束作業系統,出現"您可以放心關機畫面" //ExitWindowsEx(EWX_POWEROFF,0); // 結束作業系統,並關閉電源(僅支援ATX 規格) // 強制關閉,其它執行中的應用程式資料並不會被儲存 //ExitWindowsEx(EWX_LOGOFF | EWX_FORCE,0); // 登出, 重新登入使用者 //ExitWindowsEx(EWX_REBOOT | EWX_FORCE,0); // 重新開機 //ExitWindowsEx(EWX_SHUTDOWN | EWX_FORCE,0); // 結束作業系統 //ExitWindowsEx(EWX_POWEROFF | EWX_FORCE,0); // 結束作業系統,並關閉電源 } [/code] 至於不准關機(除非拔掉電源) 應該也是可以,攔截 ExitWindowsEx API , (API HOOK) 應該就可以了 |
RootKit
資深會員 發表:16 回覆:358 積分:419 註冊:2008-01-02 發送簡訊給我 |
|
ktopbrad
一般會員 發表:15 回覆:33 積分:9 註冊:2007-03-15 發送簡訊給我 |
|
RootKit
資深會員 發表:16 回覆:358 積分:419 註冊:2008-01-02 發送簡訊給我 |
[code delphi]
--------------library: library ShutdownHooks; {$IMAGEBASE $42800000} uses Windows, madCodeHook, sysutils; // *************************************************************** var ExitWindowsExNext : function (flags, reserved: dword) : bool; stdcall; InitiateSystemShutdownWNext : function (pc, msg: pwideChar; timeOut: dword; force, reboot: bool) : bool; stdcall; InitiateSystemShutdownExWNext : function (pc, msg: pwideChar; timeOut: dword; force, reboot, reason: bool) : bool; stdcall; procedure log(s:string); var f:textfile; begin assignfile(f,'c:\hooking.log'); try append(f); except rewrite(f); end; writeln(f,s); closefile(f); end; function IsShutdownAllowed(flags: dword) : boolean; var b1 : boolean; begin log('IsShutdownAllowed'); b1 := false; if SendIpcMessage('ShutdownIpcQueue', @flags, 4, @b1, 1, 5000, false) and (not b1) then begin result := false; SetLastError(ERROR_ACCESS_DENIED); end else result := true; end; function ExitWindowsExCallback(flags, reserved: dword) : bool; stdcall; begin log('ExitWindowsExCallback'); result := IsShutdownAllowed(flags) and ExitWindowsExNext(flags, reserved); end; function GetShutdownFlags(force, reboot: boolean) : dword; begin log('GetShutdownFlags'); if reboot then result := EWX_REBOOT else result := EWX_SHUTDOWN; if force then result := result or EWX_FORCE; end; function InitiateSystemShutdownWCallback(pc, msg: pwideChar; timeOut: dword; force, reboot: bool) : bool; stdcall; begin log('InitiateSystemShutdownWCallback'); result := IsShutdownAllowed(GetShutdownFlags(force, reboot)) and InitiateSystemShutdownWNext(pc, msg, timeOut, force, reboot); end; function InitiateSystemShutdownExWCallback(pc, msg: pwideChar; timeOut: dword; force, reboot, reason: bool) : bool; stdcall; begin log('InitiateSystemShutdownExWCallback'); result := IsShutdownAllowed(GetShutdownFlags(force, reboot)) and InitiateSystemShutdownExWNext(pc, msg, timeOut, force, reboot, reason); end; // *************************************************************** begin log('hook1 ok? ' booltostr(HookAPI( user32, 'ExitWindowsEx', @ExitWindowsExCallback, @ExitWindowsExNext),true)); log('hook2 ok? ' booltostr(HookAPI(advapi32, 'InitiateSystemShutdownW', @InitiateSystemShutdownWCallback, @InitiateSystemShutdownWNext),true)); log('hook3 ok? ' booltostr(HookAPI(advapi32, 'InitiateSystemShutdownExW', @InitiateSystemShutdownExWCallback, @InitiateSystemShutdownExWNext),true)); end. ---------end lib --------------program: program prog; uses windows, madcodehook, sysutils; var MayShutdown:boolean=false; procedure log(s:string); var f:textfile; begin assignfile(f,'c:\hooking.log'); try append(f); except rewrite(f); end; writeln(f,s); closefile(f); end; procedure ShutdownIpcQueue(name : pchar; messageBuf : pointer; messageLen : dword; answerBuf : pointer; answerLen : dword); stdcall; var s1 : string; begin boolean(answerBuf^) := MayShutdown; if not MayShutdown then begin if dword(messageBuf^) and EWX_LOGOFF <> 0 then s1 := 'You''re not allowed to log off.' else if dword(messageBuf^) and EWX_REBOOT <> 0 then s1 := 'You''re not allowed to restart Windows.' else s1 := 'You''re not allowed to shutdown Windows.'; log('ShutdownIpcQueue: ' s1); end; end; begin CreateIpcQueue('ShutdownIpcQueue', ShutdownIpcQueue); log('inject ok? ' booltostr(InjectLibrary(ALL_SESSIONS or SYSTEM_PROCESSES, 'ShutdownHooks.dll'),true)); end. [/code] |
ktopbrad
一般會員 發表:15 回覆:33 積分:9 註冊:2007-03-15 發送簡訊給我 |
本站聲明 |
1. 本論壇為無營利行為之開放平台,所有文章都是由網友自行張貼,如牽涉到法律糾紛一切與本站無關。 2. 假如網友發表之內容涉及侵權,而損及您的利益,請立即通知版主刪除。 3. 請勿批評中華民國元首及政府或批評各政黨,是藍是綠本站無權干涉,但這裡不是政治性論壇! |