eahydra · September 19, 2012 05:09
diff --git a/open_registry.c b/open_registry.c
 BOOL TerminateProcessByPid(DWORD Pid)
 {
    BOOL Result = FALSE;
    HANDLE ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, Pid);
    if (ProcessHandle != NULL)
    {
        Result = TerminateProcess(ProcessHandle, 0);
        CloseHandle(ProcessHandle);
    }

    return Result;
 }

 BOOL TerminateProcessByName(const std::basic_string<TCHAR>& Name)
 {
    HANDLE SnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
    if (SnapShot == INVALID_HANDLE_VALUE)
        return 0;

    PROCESSENTRY32 ProcessEntry = {0};
    ProcessEntry.dwSize = sizeof(PROCESSENTRY32);
    if (!Process32First(SnapShot,&ProcessEntry))
    {
        CloseHandle(SnapShot);
        return 0;
    }

    DWORD Pid = 0;

    do
    {
        if (ProcessEntry.th32ProcessID == 0)
        {
            continue;
        }

        if (ustd::CompareStringNoCase<TCHAR>(Name, ProcessEntry.szExeFile) == 0)
        {
            Pid = ProcessEntry.th32ProcessID;
            break;
        }

    } while (Process32Next(SnapShot,&ProcessEntry));

    CloseHandle(SnapShot);

    return TerminateProcessByPid(Pid);
 }

 bool AdjustPrivileges(const TString& Name,bool IsRemove)
 {
 	HANDLE TokenHandle = NULL;
 	if (!OpenProcessToken(GetCurrentProcess(),TOKEN_ALL_ACCESS,&TokenHandle))
 	{
 		return false;
 	}

 	TOKEN_PRIVILEGES TokenPrivileges = {0};
 	LookupPrivilegeValue(NULL,Name.c_str(),&TokenPrivileges.Privileges->Luid);

 	TokenPrivileges.PrivilegeCount = 1;
 	TokenPrivileges.Privileges->Attributes = IsRemove ? 0 : SE_PRIVILEGE_ENABLED;
 	if (AdjustTokenPrivileges(TokenHandle,FALSE,&TokenPrivileges,sizeof(TOKEN_PRIVILEGES),NULL,NULL))
 	{
 		CloseHandle(TokenHandle);
 		return true;
 	}

 	CloseHandle(TokenHandle);
 	return false;
 }

 void testOpenReg(int argc, TCHAR **argv)
 {
    if (argc != 2)
        return;

    AdjustPrivileges(SE_DEBUG_NAME, false);

    TerminateProcessByName(_T("Regedit.exe"));

    std::basic_string<TCHAR> TargetKey(argv[1]);
    HKEY KeyHandle = NULL;
    DWORD Disposition = 0;
    LONG Result = RegCreateKeyEx(HKEY_CURRENT_USER,
                          _T("Software\\Microsoft\\Windows\\CurrentVersion\\Applets\\Regedit"),
                                 0,
                                 NULL,
                                 REG_OPTION_NON_VOLATILE,
                                 KEY_ALL_ACCESS,
                                 NULL,
                                 &KeyHandle,
                                 &Disposition);
    if (Result == ERROR_SUCCESS)
    {
        TargetKey.insert(0, _T("计算机\\"));
        RegSetValueEx(KeyHandle, 
                      _T("LastKey"), 
                      NULL, 
                      REG_SZ, 
                      (CONST BYTE *)TargetKey.c_str(), 
                      TargetKey.size() * sizeof(TCHAR));
        RegCloseKey(KeyHandle);
    }

    ShellExecute(NULL, NULL, _T("Regedit.exe"), NULL, NULL, SW_SHOW);

    return;
 }

 int _tmain(int argc,TCHAR **argv)
 {
    testOpenReg(argc, argv);
    return 1;
 }
	BOOL TerminateProcessByPid(DWORD Pid)
	{
	BOOL Result = FALSE;
	HANDLE ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, Pid);
	if (ProcessHandle != NULL)
	{
	Result = TerminateProcess(ProcessHandle, 0);
	CloseHandle(ProcessHandle);
	}

	return Result;
	}

	BOOL TerminateProcessByName(const std::basic_string<TCHAR>& Name)
	{
	HANDLE SnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
	if (SnapShot == INVALID_HANDLE_VALUE)
	return 0;

	PROCESSENTRY32 ProcessEntry = {0};
	ProcessEntry.dwSize = sizeof(PROCESSENTRY32);
	if (!Process32First(SnapShot,&ProcessEntry))
	{
	CloseHandle(SnapShot);
	return 0;
	}

	DWORD Pid = 0;

	do
	{
	if (ProcessEntry.th32ProcessID == 0)
	{
	continue;
	}

	if (ustd::CompareStringNoCase<TCHAR>(Name, ProcessEntry.szExeFile) == 0)
	{
	Pid = ProcessEntry.th32ProcessID;
	break;
	}

	} while (Process32Next(SnapShot,&ProcessEntry));

	CloseHandle(SnapShot);

	return TerminateProcessByPid(Pid);
	}

	bool AdjustPrivileges(const TString& Name,bool IsRemove)
	{
	HANDLE TokenHandle = NULL;
	if (!OpenProcessToken(GetCurrentProcess(),TOKEN_ALL_ACCESS,&TokenHandle))
	{
	return false;
	}

	TOKEN_PRIVILEGES TokenPrivileges = {0};
	LookupPrivilegeValue(NULL,Name.c_str(),&TokenPrivileges.Privileges->Luid);

	TokenPrivileges.PrivilegeCount = 1;
	TokenPrivileges.Privileges->Attributes = IsRemove ? 0 : SE_PRIVILEGE_ENABLED;
	if (AdjustTokenPrivileges(TokenHandle,FALSE,&TokenPrivileges,sizeof(TOKEN_PRIVILEGES),NULL,NULL))
	{
	CloseHandle(TokenHandle);
	return true;
	}

	CloseHandle(TokenHandle);
	return false;
	}

	void testOpenReg(int argc, TCHAR **argv)
	{
	if (argc != 2)
	return;

	AdjustPrivileges(SE_DEBUG_NAME, false);

	TerminateProcessByName(_T("Regedit.exe"));

	std::basic_string<TCHAR> TargetKey(argv[1]);
	HKEY KeyHandle = NULL;
	DWORD Disposition = 0;
	LONG Result = RegCreateKeyEx(HKEY_CURRENT_USER,
	_T("Software\\Microsoft\\Windows\\CurrentVersion\\Applets\\Regedit"),
	0,
	NULL,
	REG_OPTION_NON_VOLATILE,
	KEY_ALL_ACCESS,
	NULL,
	&KeyHandle,
	&Disposition);
	if (Result == ERROR_SUCCESS)
	{
	TargetKey.insert(0, _T("计算机\\"));
	RegSetValueEx(KeyHandle,
	_T("LastKey"),
	NULL,
	REG_SZ,
	(CONST BYTE *)TargetKey.c_str(),
	TargetKey.size() * sizeof(TCHAR));
	RegCloseKey(KeyHandle);
	}

	ShellExecute(NULL, NULL, _T("Regedit.exe"), NULL, NULL, SW_SHOW);

	return;
	}

	int _tmain(int argc,TCHAR **argv)
	{
	testOpenReg(argc, argv);
	return 1;
	}