/// <summary>
/// 关闭端口
/// </summary>
public void Close()
{
if (IsOpen && iHandle != IntPtr.Zero)
{
WindowsAPI.CloseHandle(iHandle);
this.IsOpen = false;
}
}
/// <summary>
/// 开启新线程运行asm代码
/// </summary>
/// <param name="asmCode"></param>
/// <param name="pid"></param>
public static void RunAsm(byte[] asmCode, int pid)
{
IntPtr hwnd = IntPtr.Zero;
IntPtr addre = IntPtr.Zero;
IntPtr threadhwnd = IntPtr.Zero;
if (pid != 0)
{
IntPtr hProcess = WindowsAPI.OpenProcess(ProcessAccess.PROCESS_ALL_ACCESS | ProcessAccess.PROCESS_CREATE_THREAD | ProcessAccess.PROCESS_VM_WRITE, 0, pid);
hwnd = hProcess;
if (hwnd != IntPtr.Zero)
{
addre = WindowsAPI.VirtualAllocEx(hwnd, 0, asmCode.Length, ProcessAccess.MEM_COMMIT, ProcessAccess.PAGE_EXECUTE_READWRITE);
WindowsAPI.WriteProcessMemory(hwnd, addre, asmCode, asmCode.Length, 0);
threadhwnd = WindowsAPI.CreateRemoteThread(hwnd, 0, 0, addre, 0, 0, ref pid);
WindowsAPI.VirtualFreeEx(hwnd, addre, asmCode.Length, ProcessAccess.MEM_RELEASE);
WindowsAPI.CloseHandle(threadhwnd);
WindowsAPI.CloseHandle(hwnd);
}
}
}
/// <summary>
/// 提升Debug权限
/// </summary>
/// <param name="enable"></param>
public static void EnablePrivilege(bool enable)
{
TOKEN_PRIVILEGES tp = new TOKEN_PRIVILEGES();
IntPtr tokenHaldle = IntPtr.Zero;
bool secc = WindowsAPI.OpenProcessToken(WindowsAPI.GetCurrentProcess(), TOKEN.TOKEN_ADJUST_PRIVILEGES, ref tokenHaldle);
secc = WindowsAPI.LookupPrivilegeValue(null, SystemName.SE_DEBUG_NAME, ref tp.Privileges.Luid);
tp.PrivilegeCount = 1;
if (enable)
{
tp.Privileges.Attributes = ConstValues.SE_PRIVILEGE_ENABLED;
}
else
{
tp.Privileges.Attributes = 0;
}
secc = WindowsAPI.AdjustTokenPrivileges(tokenHaldle, false, ref tp, Marshal.SizeOf(tp), IntPtr.Zero, IntPtr.Zero);
WindowsAPI.CloseHandle(tokenHaldle);
}