[MFC] 프로세스 접근 권한 얻기

프로세스에 대한 정보를 얻어오려면 권한이 없어서 읽어오지 못하는 경우가 있다.

그럴 경우에는 아래의 함수를 추가해주면 된다.

view plaincopy to clipboardprint?

1. BOOL SetPrivilege(HANDLE hToken,LPCTSTR Privilege, BOOL bEnablePrivilege)   
2. {   
3.     TOKEN_PRIVILEGES    tp;  
4.     LUID                        luid;  
5.     TOKEN_PRIVILEGES    tpPrevious;  
6.     DWORD cbPrevious    =sizeof(TOKEN_PRIVILEGES);  
7.       
8.     if(FALSE == LookupPrivilegeValue( NULL, Privilege, &luid ))  
9.     {  
10.         return FALSE;  
11.     }  
12.       
13.     tp.PrivilegeCount               = 1;  
14.     tp.Privileges[0].Luid           = luid;  
15.     tp.Privileges[0].Attributes   = 0;  
16.       
17.     AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), &tpPrevious, &cbPrevious);  
18.       
19.     if (GetLastError() != ERROR_SUCCESS)  
20.     {  
21.         return FALSE;  
22.     }  
23.       
24.     tpPrevious.PrivilegeCount       = 1;  
25.     tpPrevious.Privileges[0].Luid   = luid;  
26.       
27.     if(bEnablePrivilege)  
28.     {  
29.         tpPrevious.Privileges[0].Attributes = tpPrevious.Privileges[0].Attributes | (SE_PRIVILEGE_ENABLED);  
30.     }  
31.     else  
32.     {  
33.         tpPrevious.Privileges[0].Attributes = tpPrevious.Privileges[0].Attributes ^  
34.             (SE_PRIVILEGE_ENABLED &  
35.             tpPrevious.Privileges[0].Attributes);  
36.     }  
37.       
38.     AdjustTokenPrivileges(hToken, FALSE, &tpPrevious, cbPrevious, NULL, NULL);  
39.       
40.     if (GetLastError() != ERROR_SUCCESS)  
41.     {  
42.         return FALSE;  
43.     }  
44.       
45.     return TRUE;  
46. }  
47.   
48. BOOL AdjustDebugPrivilege()  
49. {  
50.     HANDLE hToken;  
51.     if(FALSE == OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken))  
52.     {  
53.         if (GetLastError() == ERROR_NO_TOKEN)  
54.         {  
55.             if (FALSE == ImpersonateSelf(SecurityImpersonation))  
56.             {  
57.                 return FALSE;  
58.             }  
59.               
60.             if(FALSE == OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken))  
61.             {  
62.                 AfxMessageBox("OpenThreadToken Error");  
63.                 return FALSE;  
64.             }  
65.         }  
66.           
67.         else  
68.         {  
69.             return FALSE;  
70.         }  
71.           
72.     }  
73.     SetPrivilege(hToken, SE_DEBUG_NAME, TRUE);  
74.     if(hToken != NULL)  
75.     {  
76.         CloseHandle(hToken);  
77.     }  
78.     return TRUE;      
79. }  
80.   
81. BOOL RestorePrivilege()  
82. {  
83.     HANDLE hToken;  
84.     if(FALSE == OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken))  
85.     {  
86.         if (GetLastError() == ERROR_NO_TOKEN)  
87.         {  
88.             if (FALSE == ImpersonateSelf(SecurityImpersonation))  
89.             {  
90.                 return FALSE;  
91.             }  
92.               
93.             if(FALSE == OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken))  
94.             {  
95.                 AfxMessageBox("OpenThreadToken Error");  
96.                 return FALSE;  
97.             }  
98.         }  
99.           
100.         else  
101.         {  
102.             return FALSE;  
103.         }  
104.           
105.     }  
106.       
107.     SetPrivilege(hToken, SE_DEBUG_NAME, FALSE);  
108.     if(hToken != NULL)  
109.     {  
110.         CloseHandle(hToken);  
111.     }  
112.     return TRUE;  
113. }  

BOOL SetPrivilege(HANDLE hToken,LPCTSTR Privilege, BOOL bEnablePrivilege) { TOKEN_PRIVILEGES tp; LUID luid; TOKEN_PRIVILEGES tpPrevious; DWORD cbPrevious =sizeof(TOKEN_PRIVILEGES); if(FALSE == LookupPrivilegeValue( NULL, Privilege, &luid )) { return FALSE; } tp.PrivilegeCount = 1; tp.Privileges[0].Luid = luid; tp.Privileges[0].Attributes = 0; AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), &tpPrevious, &cbPrevious); if (GetLastError() != ERROR_SUCCESS) { return FALSE; } tpPrevious.PrivilegeCount = 1; tpPrevious.Privileges[0].Luid = luid; if(bEnablePrivilege) { tpPrevious.Privileges[0].Attributes = tpPrevious.Privileges[0].Attributes | (SE_PRIVILEGE_ENABLED); } else { tpPrevious.Privileges[0].Attributes = tpPrevious.Privileges[0].Attributes ^ (SE_PRIVILEGE_ENABLED & tpPrevious.Privileges[0].Attributes); } AdjustTokenPrivileges(hToken, FALSE, &tpPrevious, cbPrevious, NULL, NULL); if (GetLastError() != ERROR_SUCCESS) { return FALSE; } return TRUE; } BOOL AdjustDebugPrivilege() { HANDLE hToken; if(FALSE == OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken)) { if (GetLastError() == ERROR_NO_TOKEN) { if (FALSE == ImpersonateSelf(SecurityImpersonation)) { return FALSE; } if(FALSE == OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken)) { AfxMessageBox("OpenThreadToken Error"); return FALSE; } } else { return FALSE; } } SetPrivilege(hToken, SE_DEBUG_NAME, TRUE); if(hToken != NULL) { CloseHandle(hToken); } return TRUE; } BOOL RestorePrivilege() { HANDLE hToken; if(FALSE == OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken)) { if (GetLastError() == ERROR_NO_TOKEN) { if (FALSE == ImpersonateSelf(SecurityImpersonation)) { return FALSE; } if(FALSE == OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, FALSE, &hToken)) { AfxMessageBox("OpenThreadToken Error"); return FALSE; } } else { return FALSE; } } SetPrivilege(hToken, SE_DEBUG_NAME, FALSE); if(hToken != NULL) { CloseHandle(hToken); } return TRUE; }

CreateToolhelp32Snapshot() 같은 함수로 프로세스나 모듈을 열기전에,
AdjustDebugPrivilege() 함수로 권한을 획득해주고, 핸들을 닫은 후에 RestorePrivilege() 함수로 권한을 반환해 주면 된다.