uses
TlHelp32;
function AdjustProcessPrivilege(Processhandle: Thandle; Token_Name: pchar): boolean; //提权到Debugx级别 在W7或vista要管理员级别var
Token: cardinal;
TokenPri: _TOKEN_PRIVILEGES;
processDest: int64;
i: DWORD;
begin
Result := false;
if OpenProcessToken(Processhandle, TOKEN_ADJUST_PRIVILEGES, Token) then
begin
if LookupPrivilegeValue(nil, Token_Name, processDest) then
begin
TokenPri.PrivilegeCount := 1;
TokenPri.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
TokenPri.Privileges[0].Luid := processDest;
i := 0;
if AdjustTokenPrivileges(Token, false, TokenPri, sizeof(TokenPri), nil, i) then
Result := true;
end;
end;
CloseHandle(Token);
end;
procedure TForm1.FormCreate(Sender: TObject);
begin
AdjustProcessPrivilege(GetCurrentProcess, 'SeDebugPrivilege'); //
end;
procedure TForm1.btn1Click(Sender: TObject);
var
i: integer;
th32handle: THandle;
procstruct: TProcessEntry32;
pid, proname: string;
finded: boolean;
item: TListItem;
begin
i:=0; //初始化变量i
lv1.GridLines:=True;
lv1.ViewStyle:=vsReport;
lv1.Clear;
//列出所有进程
th32handle := CreateToolHelp32Snapshot(TH32CS_SNAPPROCESS, 0); //uses Tlhelp32
try
procstruct.dwSize := sizeof(procstruct); //初始化procstruct
finded := Process32First(th32handle, procstruct);
while finded do
begin
proname := string(procstruct.szExeFile);
if not SameText(proname, '[System Process]') then
begin
pid := inttostr(procstruct.th32ProcessID);
item := lv1.Items.Add;
inc(i);
item.Caption := IntToStr(i);
item.SubItems.Add(proname);
item.SubItems.Add(PID);
end;
finded := Process32Next(th32handle, procstruct);
end;
finally
CloseHandle(th32handle);
end;
end;
