Es gibt viele Methoden, ein Programm mit einem Schutz zu versehen, um die Ausführung zu verhindern oder zu autorisieren.
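Der folgende Code demonstriert, wie man sein Programm individuell mit den Windows-Anmeldedaten schützen kann. Das heißt, das Programm benötigt den Benutzernamen und das Windows-Anmeldepasswort für das System, um die Ausführung zu autorisieren, ähnlich wie beim Linux-System. Technisch startet der Code das Zielprogramm über CreateProcessWithLogonW unter dem angegebenen Benutzerkonto. Im Beispiel stehen Benutzername und Passwort als Konstanten im Quelltext; in einer echten Anwendung sollten sie zur Laufzeit abgefragt werden, da sie sich sonst aus der kompilierten Datei auslesen lassen.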
(*======================================================================*
| Project : |
| Unit : MpuWinNT.pas |
| |
| Notes : Contains header translations from WinNT.h and LM.h and |
| functions only available on Windows NT and higher |
| |
| Version Date By Description |
| ------- ---------- ---- ------------------------------------------|
| 1.0 - MPu |
| 2.0 2004-10-01 MPu Added user-account managing functions |
| 2.1 2004-11-18 MPu Added CreateProcessWithLogonW |
| 2.2 2005-07-08 MPu Added MessageBoxCheck |
| 2.2 2005-07-11 MPu Added CreateTimerQueueTimer |
| 2.3 2005-10-12 MPu Added NetUserModalsGet |
| 3.0 2005-11-14 MPu Moved Usermanager API function |
| declarations from MpuWinNT.pas to |
| MpuNTUser.pas |
| 3.1 2006-02-09 MPu EnablePrivilege |
| 3.2 2006-07-04 MPu MessageBoxTimeOut |
| |
*======================================================================*)
unit MpuWinNT;
interface
uses
windows;
// Alias giving PBYTE the Win32 header spelling LPBYTE; used by the
// lpReserved2 field of TStartupInfoW below.
type
LPBYTE = PBYTE;
///// CreateProcess //////
// Record types handed to CreateProcessWithLogonW (declared further down in
// this unit) through its lpStartupInfo and lpProcessInfo parameters.
// The field order and field types are a header translation and must stay
// exactly as they are; do not reorder or resize fields.
type
// Wide-character startup description for the new process.
TStartupInfoW = record
// Size of this record in bytes; callers set it to SizeOf(TStartupInfoW).
cb: DWORD;
lpReserved: LPWSTR;
lpDesktop: LPWSTR;
lpTitle: LPWSTR;
dwX: DWORD;
dwY: DWORD;
dwXSize: DWORD;
dwYSize: DWORD;
dwXCountChars: DWORD;
dwYCountChars: DWORD;
dwFillAttribute: DWORD;
// Combination of the STARTF_* bits declared in the const section below.
dwFlags: DWORD;
// Show command for the first window; paired with STARTF_USESHOWWINDOW.
wShowWindow: WORD;
cbReserved2: WORD;
lpReserved2: LPBYTE;
hStdInput: THANDLE;
hStdOutput: THANDLE;
hStdError: THANDLE;
end;
PStartupInfoW = ^TStartupInfoW;
// NOTE(review): PROCESS_INFORMATION is not declared in this unit; presumably
// it comes from the windows unit in the uses clause - confirm.
PPROCESS_INFORMATION = ^PROCESS_INFORMATION;
{$EXTERNALSYM PPROCESS_INFORMATION}
// Output record describing the created process. hProcess and hThread are
// handles the caller receives and has to release with CloseHandle.
TProcessInformation = record
hProcess: THandle;
hThread: THandle;
dwProcessId: DWORD;
dwThreadId: DWORD;
end;
PProcessInformation = ^TProcessInformation;
// Bit flags for TStartupInfoW.dwFlags.
const
STARTF_USESHOWWINDOW = $00000001;
STARTF_USESIZE = $00000002;
STARTF_USEPOSITION = $00000004;
STARTF_USECOUNTCHARS = $00000008;
STARTF_USEFILLATTRIBUTE = $00000010;
STARTF_RUNFULLSCREEN = $00000020;
STARTF_FORCEONFEEDBACK = $00000040;
STARTF_FORCEOFFFEEDBACK = $00000080;
STARTF_USESTDHANDLES = $00000100;
STARTF_USEHOTKEY = $00000200;
// Values for the dwLogonFlags parameter of CreateProcessWithLogonW.
// NOTE(review): with LOGON_NETCREDENTIALS_ONLY the credentials are, per the
// Win32 documentation, used for network access only and are not validated at
// logon, so that flag is unsuitable where the call is meant to act as a
// password check - confirm before using it for that purpose.
LOGON_WITH_PROFILE = $00000001;
LOGON_NETCREDENTIALS_ONLY = $00000002;
LOGON_ZERO_PASSWORD_BUFFER = DWORD($80000000);
// Values for the dwCreationFlags parameter of CreateProcessWithLogonW.
CREATE_DEFAULT_ERROR_MODE = $04000000;
CREATE_NEW_CONSOLE = $00000010;
CREATE_NEW_PROCESS_GROUP = $00000200;
CREATE_SEPARATE_WOW_VDM = $00000800;
CREATE_SUSPENDED = $00000004;
CREATE_UNICODE_ENVIRONMENT = $00000400;
////////////////////////////////////////////////////////////////////////////////
/// CreateTimerQueueTimer //////////////////////////////////////////////////////
// Callback signature expected by the Callback parameter of
// CreateTimerQueueTimer (declared below): a stdcall procedure that receives
// an untyped pointer and a ByteBool.
type
WAITORTIMERCALLBACKFUNC = procedure(P: Pointer; B: ByteBool); stdcall;
// Second name for the same procedural type, matching the header spelling.
WAITORTIMERCALLBACK = WAITORTIMERCALLBACKFUNC;
// Static import from advapi32.dll: starts lpApplicationName / lpCommandLine
// under the account given by lpUsername, lpDomain and lpPassword.
// lpPassword is a clear-text wide string; callers should keep its lifetime
// short and avoid embedding it in the source.
// NOTE(review): the result is declared as Delphi `boolean`, while the
// redeclaration of the same import in Unit1 uses BOOL; the two should agree -
// confirm which one callers rely on before changing either.
function CreateProcessWithLogonW(lpUsername, lpDomain, lpPassword: LPWSTR; dwLogonFlags: dword; lpApplicationName,
lpCommandLine: LPWSTR; dwCreationFlags: dword; lpEnvironment: pointer; lpCurrentDirectory: LPWSTR; lpStartupInfo:
PStartUpInfoW; lpProcessInfo: PProcessInformation): boolean; stdcall; external 'advapi32.dll';
// Static import from kernel32.dll; the new timer handle is returned through
// phNewTimer and Callback has the WAITORTIMERCALLBACK signature declared above.
function CreateTimerQueueTimer(var phNewTimer: THandle; TimerQueue: THandle; Callback: WAITORTIMERCALLBACK; Parameter:
Pointer; DueTime, Period: DWORD; Flags: ULONG): BOOL; stdcall; external 'kernel32.dll' name 'CreateTimerQueueTimer';
// Static import from kernel32.dll; counterpart of CreateTimerQueueTimer that
// takes the timer queue handle, the timer handle and a completion event handle.
function DeleteTimerQueueTimer(TimerQueue, Timer, CompletionEvent: THandle): BOOL; stdcall; external 'kernel32.dll' name
'DeleteTimerQueueTimer';
/// MessageboxCheck ///////////////////////////////////////////////////////////
// Imported from shlwapi.dll by ordinal (index 185) instead of by name. The
// SYMBOL_PLATFORM warning is switched off only around this declaration
// because the `index` directive triggers it, and switched back on afterwards.
// NOTE(review): an ordinal import is bound when the program is loaded, so a
// shlwapi.dll without this ordinal would presumably stop the program from
// starting - confirm for the Windows versions that have to be supported.
{$WARN SYMBOL_PLATFORM OFF} // warnings SYMBOL_PLATFORM off -> index
function MessageBoxCheck(hWnd: THandle; Text: PChar; Title: PChar; dwType: DWORD; Default: Integer; RegVal: PChar):
Integer; stdcall; external 'shlwapi.dll' index 185;
{$WARN SYMBOL_PLATFORM ON}
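/// MessageBoxTimeOut /////////////////////////////////////////////////////////
const
  // NOTE(review): presumably the result reported when the box was closed by
  // the timeout rather than by the user - confirm against the caller.
  MB_TIMEDOUT = 32000;

// The three imports below bind to the user32 exports 'MessageBoxTimeoutA' and
// 'MessageBoxTimeoutW'. Each declaration is now terminated with a semicolon
// after the external directive; without it the next `function` keyword does
// not parse.
// NOTE(review): these exports are, as far as known, not part of the documented
// Win32 API, and a static import fails at program load if the export is
// missing - confirm for the Windows versions that have to be supported.

// ANSI variant under the unsuffixed name; takes PChar text and caption.
function MessageBoxTimeOut(hWnd: HWND; lpText: PChar; lpCaption: PChar; uType: UINT; wLanguageId: WORD;
  dwMilliseconds: DWORD): Integer; stdcall; external user32 name 'MessageBoxTimeoutA';

// ANSI variant; same export as MessageBoxTimeOut.
function MessageBoxTimeOutA(hWnd: HWND; lpText: PChar; lpCaption: PChar; uType: UINT; wLanguageId: WORD;
  dwMilliseconds: DWORD): Integer; stdcall; external user32 name 'MessageBoxTimeoutA';

// Wide-character variant; takes PWideChar text and caption.
function MessageBoxTimeOutW(hWnd: HWND; lpText: PWideChar; lpCaption: PWideChar; uType: UINT; wLanguageId: WORD;
  dwMilliseconds: DWORD): Integer; stdcall; external user32 name 'MessageBoxTimeoutW';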
// Enables (fEnable = True) or disables the privilege named by Privilege in
// the current process token. Returns a Win32 error code (ERROR_SUCCESS on
// Win9x) and reports through PreviousState whether the privilege was enabled
// before the call. Implemented in the implementation section of this unit.
function EnablePrivilege(const Privilege: string; fEnable: Boolean; out PreviousState: Boolean): DWORD;
implementation
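// Enables or disables one privilege in the token of the current process.
//
// Parameters:
//   Privilege     - privilege name as accepted by LookupPrivilegeValue.
//   fEnable       - True to enable the privilege, False to disable it.
//   PreviousState - receives whether the privilege was enabled before the
//                   call; stays True when the token or the privilege name
//                   could not be resolved (as before).
// Returns:
//   A Win32 error code. ERROR_SUCCESS on Win9x (no privilege model) and on
//   success; ERROR_NOT_ALL_ASSIGNED when the token does not hold the
//   privilege; otherwise the error of the API call that failed.
//
// Changes against the previous version:
//   * The token is opened with TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY instead
//     of MAXIMUM_ALLOWED, i.e. only the rights this routine needs.
//   * The error code is captured directly after the call that produced it,
//     not after CloseHandle, which may overwrite the thread's last error.
//   * PrevState is only read when AdjustTokenPrivileges actually filled it;
//     it reports only privileges whose state was changed, so a count of 0
//     means the privilege already was in the requested state.
function EnablePrivilege(const Privilege: string; fEnable: Boolean; out PreviousState: Boolean): DWORD;
var
  Token     : THandle;
  NewState  : TTokenPrivileges;
  Luid      : TLargeInteger;
  PrevState : TTokenPrivileges;
  ReturnLen : DWORD;
  Adjusted  : Boolean;
begin
  SetLastError(0); // Clear last system error state
  PreviousState := True;

  if (GetVersion() > $80000000) then // Win9x
  begin
    Result := ERROR_SUCCESS;
    Exit;
  end;

  // WinNT
  if not OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, Token) then
  begin
    Result := GetLastError;
    Exit;
  end;

  try
    if not LookupPrivilegeValue(nil, PChar(Privilege), Luid) then
    begin
      Result := GetLastError;
      Exit; // the finally block below still closes the token
    end;

    NewState.PrivilegeCount := 1;
    NewState.Privileges[0].Luid := Luid;
    if fEnable then
      NewState.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
    else
      NewState.Privileges[0].Attributes := 0;

    // Start from a defined state so a partially filled buffer is never
    // interpreted as data.
    ZeroMemory(@PrevState, SizeOf(PrevState));
    ReturnLen := 0;

    Adjusted := AdjustTokenPrivileges(Token, False, NewState, SizeOf(PrevState), PrevState, ReturnLen);
    // Capture the error now: the call can succeed and still report
    // ERROR_NOT_ALL_ASSIGNED through the last-error value.
    Result := GetLastError;

    if Adjusted then
    begin
      if Result = ERROR_NOT_ALL_ASSIGNED then
        // The token does not hold the privilege, so it was not enabled.
        PreviousState := False
      else if PrevState.PrivilegeCount = 0 then
        // Nothing was changed: the privilege already had the requested state.
        PreviousState := fEnable
      else
        PreviousState := (PrevState.Privileges[0].Attributes and SE_PRIVILEGE_ENABLED <> 0);
    end;
  finally
    CloseHandle(Token);
  end;
end;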
end.
Unit1:
uses MpuWinNT
// NOTE(review): LOGON_WITH_PROFILE and CreateProcessWithLogonW are declared
// here a second time although unit MpuWinNT, listed in the uses clause above,
// already exports both. The local copies take precedence inside this unit.
// The import below returns BOOL, the one in MpuWinNT returns boolean; keep a
// single declaration so the two cannot drift apart.
const
LOGON_WITH_PROFILE = $00000001;
//
// Static import from advapi32.dll; lpPassword is passed as a clear-text wide
// string.
function CreateProcessWithLogonW(
lpUsername,
lpDomain,
lpPassword:PWideChar;
dwLogonFlags:dword;
lpApplicationName: PWideChar;
lpCommandLine: PWideChar;
dwCreationFlags: DWORD;
lpEnvironment: Pointer;
lpCurrentDirectory: PWideChar;
lpStartupInfo: PStartupInfoW;
lpProcessInformation: PProcessInformation
): BOOL; stdcall; external 'advapi32.dll';
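// Starts Application under the account User / PW via CreateProcessWithLogonW
// and passes CmdLine to it as one quoted argument.
//
// Parameters:
//   User        - account name; the domain argument of the API is passed as nil.
//   PW          - clear-text password of that account.
//   Application - program to start; it becomes the first token of the command
//                 line (lpApplicationName is passed as nil).
//   CmdLine     - argument text, wrapped in double quotes.
// Returns:
//   ERROR_SUCCESS when the process was created, otherwise the Win32 error
//   code of the failed call (for example a logon failure).
//
// Changes against the previous version:
//   * The API result is checked. Before, GetLastError was returned even after
//     a successful call, where its value is not defined to be 0.
//   * The process and thread handles returned in pif are closed; they were
//     leaked on every successful start.
//   * The command line is kept in a local variable so the buffer handed to
//     the API stays valid and writable for the duration of the call.
//
// NOTE(review): Application is placed on the command line unquoted. With
// lpApplicationName = nil a path that contains spaces is split at the first
// space when the executable is resolved, so a different file can end up
// being started under the target account. Callers should pass a quoted path
// or a path without spaces; quoting here was not added because it would
// change the result for callers that already pass a quoted value.
// NOTE(review): double quotes inside CmdLine are not escaped.
// NOTE(review): PW stays in memory as a clear-text WideString owned by the
// caller; keep its lifetime short.
function CreateProcessAsLogon(const User, PW, Application, CmdLine: WideString):
  LongWord;
var
  si      : TStartupInfoW;
  pif     : TProcessInformation;
  CmdBuf  : WideString;
begin
  ZeroMemory(@si, SizeOf(si));
  ZeroMemory(@pif, SizeOf(pif));
  si.cb := SizeOf(si);
  si.dwFlags := STARTF_USESHOWWINDOW;
  si.wShowWindow := 1; // show the first window normally

  CmdBuf := Application + ' "' + CmdLine + '"';

  SetLastError(0);
  if CreateProcessWithLogonW(PWideChar(User), nil, PWideChar(PW),
    LOGON_WITH_PROFILE, nil, PWideChar(CmdBuf),
    CREATE_DEFAULT_ERROR_MODE, nil, nil, @si, @pif) then
  begin
    // The caller only receives an error code, so the handles are of no
    // further use here and are released immediately.
    CloseHandle(pif.hThread);
    CloseHandle(pif.hProcess);
    Result := ERROR_SUCCESS;
  end
  else
    Result := GetLastError;
end;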
// Click handler of Button1: starts the protected program under a fixed
// account by calling CreateProcessAsLogon.
//
// NOTE(review): account name and password are literals in the source, so
// they end up in clear text in the compiled executable and can be read out
// of it; a real application should ask for them at run time.
// NOTE(review): the error code returned by CreateProcessAsLogon is discarded,
// so a rejected logon or a missing program goes unnoticed by the user.
procedure TForm1.Button1Click(Sender: TObject);
const
  LogonUser     = 'hackbard';          // Logon User Name
  LogonPassword = 'Geheim';            // Logon Password
  TargetProgram = 'C:\myProgram.exe';  // Start Program
  TargetArg     = 'C';                 // Partition CMDLine
begin
  CreateProcessAsLogon(LogonUser, LogonPassword, TargetProgram, TargetArg);
end;