Windows自动登录源码
近来无聊之极，将 AutoLogon 反汇编玩了玩，贴出代码如下：
1. 获取用户帐户及其域.
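/// Fills the user-name and domain edit boxes with the account that owns the
/// current process token.
///
/// Steps: open the process token with TOKEN_QUERY, read its TokenUser SID, then
/// resolve that SID to an account name and domain with LookupAccountSid.
/// Any failure leaves the dialog fields untouched; no error is reported.
void CAutoLogonDlg::GetAccount(void)
{
    // GetCurrentProcess() returns a pseudo-handle, so there is nothing to
    // close for it; only the token handle is a real resource here.
    HANDLE hToken = NULL;
    if ( !OpenProcessToken( GetCurrentProcess( ), TOKEN_QUERY, &hToken ) )
    {
        return;
    }

    // Sizing call: it is expected to fail and report the required byte count.
    DWORD dwInfoLen = 0;
    GetTokenInformation( hToken, TokenUser, NULL, 0, &dwInfoLen );
    if ( dwInfoLen == 0 )
    {
        // No size was reported, so there is nothing meaningful to allocate.
        CloseHandle( hToken );
        return;
    }

    TOKEN_USER *ptuUser = static_cast<TOKEN_USER*>( malloc( dwInfoLen ) );
    if ( ptuUser == NULL )
    {
        CloseHandle( hToken );
        return;
    }

    if ( GetTokenInformation( hToken, TokenUser, ptuUser, dwInfoLen, &dwInfoLen ) )
    {
        SID_NAME_USE snu;
        // Buffer sizes are passed in characters, matching the array extents.
        DWORD dwUsernameLen = MAX_PATH;
        DWORD dwDomainLen   = MAX_PATH;
        WCHAR szUsername[ MAX_PATH ] = { 0 };
        WCHAR szDomain  [ MAX_PATH ] = { 0 };

        if ( LookupAccountSid( NULL, ptuUser->User.Sid,
                               szUsername, &dwUsernameLen,
                               szDomain, &dwDomainLen, &snu ) )
        {
            SetDlgItemText( IDC_EDIT_USERNAME, szUsername );
            SetDlgItemText( IDC_EDIT_DOMAIN, szDomain );
        }
    }

    free( ptuUser );
    CloseHandle( hToken );
}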
2. 设置自动登录.
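/// Configures Windows automatic logon for the given account.
///
/// Writes DefaultUserName, DefaultDomainName and AutoAdminLogon = "1" under
/// HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon. The password is
/// stored as the LSA private-data item "DefaultPassword"; only when that store
/// fails is it written to the Winlogon key as a plain REG_SZ value.
///
/// Security notes for anyone deploying this:
///  - With auto-logon enabled, whoever can boot the machine gets an interactive
///    session as this account; use a low-privilege account and restrict
///    physical access.
///  - LSA private data keeps the password away from standard users, but local
///    administrators and SYSTEM can still recover it. It is not a vault.
///  - The plaintext fallback is readable by any account that can read the
///    Winlogon key. The result message tells the user which path was taken.
///  - szPassword stays owned by the caller, who should wipe the buffer once it
///    is no longer needed.
///
/// @param szUsername  Account name; must be non-null and non-empty.
/// @param szDomain    Domain or machine name; must be non-null and non-empty.
/// @param szPassword  Password; must be non-null and non-empty.
void CAutoLogonDlg::SetAutoLogon( LPTSTR szUsername, LPTSTR szDomain, LPTSTR szPassword )
{
    if ( szUsername == NULL || szDomain == NULL || szPassword == NULL
         || szUsername[ 0 ] == L'\0' || szDomain[ 0 ] == L'\0' || szPassword[ 0 ] == L'\0' )
    {
        MessageBox( L"Set AutoLogon failed" );
        return;
    }

    // LSA_UNICODE_STRING lengths are 16-bit byte counts. Reject a password that
    // would be silently truncated, before any state is changed.
    const int kMaxLsaChars = static_cast<int>( 0xFFFF / sizeof( WCHAR ) ) - 1;
    const int cchPassword  = lstrlen( szPassword );
    if ( cchPassword > kMaxLsaChars )
    {
        MessageBox( L"Set AutoLogon failed" );
        return;
    }

    // Least privilege: KEY_SET_VALUE covers RegSetValueEx and RegDeleteValue,
    // so KEY_ALL_ACCESS is not needed.
    HKEY hKey = NULL;
    if ( ::RegOpenKeyEx( HKEY_LOCAL_MACHINE,
                         L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",
                         0, KEY_SET_VALUE, &hKey ) != ERROR_SUCCESS )
    {
        MessageBox( L"Open register failed" );
        return;
    }

    // For REG_SZ the byte count must include the terminating null character.
    const DWORD cbUsername = static_cast<DWORD>( ( lstrlen( szUsername ) + 1 ) * sizeof( WCHAR ) );
    if ( ::RegSetValueEx( hKey, L"DefaultUserName", 0, REG_SZ,
                          reinterpret_cast<const BYTE*>( szUsername ), cbUsername ) != ERROR_SUCCESS )
    {
        MessageBox( L"Set register failed" );
        RegCloseKey( hKey );
        return;
    }

    const DWORD cbDomain = static_cast<DWORD>( ( lstrlen( szDomain ) + 1 ) * sizeof( WCHAR ) );
    if ( ::RegSetValueEx( hKey, L"DefaultDomainName", 0, REG_SZ,
                          reinterpret_cast<const BYTE*>( szDomain ), cbDomain ) != ERROR_SUCCESS )
    {
        MessageBox( L"Set register failed" );
        RegCloseKey( hKey );
        return;
    }

    LSA_OBJECT_ATTRIBUTES lsaAttr = { sizeof( LSA_OBJECT_ATTRIBUTES ) };
    LSA_HANDLE hLsa = NULL;
    if ( LsaOpenPolicy( NULL, &lsaAttr, POLICY_CREATE_SECRET, &hLsa ) != STATUS_SUCCESS )
    {
        // No policy handle was obtained, so there is nothing to LsaClose here.
        // Auto-logon is left disabled because no password could be stored.
        MessageBox( L"Set AutoLogon failed" );
        RegCloseKey( hKey );
        return;
    }

    // LSA_UNICODE_STRING::Buffer is a non-const pointer, so the key name lives
    // in a writable array rather than pointing at a string literal.
    WCHAR szPasswordKey[] = L"DefaultPassword";
    LSA_UNICODE_STRING lsaPasswordKey;
    lsaPasswordKey.Length        = static_cast<USHORT>( sizeof( szPasswordKey ) - sizeof( WCHAR ) ); // bytes, no terminator
    lsaPasswordKey.MaximumLength = static_cast<USHORT>( sizeof( szPasswordKey ) );                   // bytes, with terminator
    lsaPasswordKey.Buffer        = szPasswordKey;

    LSA_UNICODE_STRING lsaPassword;
    lsaPassword.Length        = static_cast<USHORT>( cchPassword * sizeof( WCHAR ) );
    lsaPassword.MaximumLength = static_cast<USHORT>( ( cchPassword + 1 ) * sizeof( WCHAR ) );
    lsaPassword.Buffer        = szPassword;

    bool fEncrypted = true;
    if ( LsaStorePrivateData( hLsa, &lsaPasswordKey, &lsaPassword ) == STATUS_SUCCESS )
    {
        // Drop any stale plaintext copy left behind by an earlier configuration.
        RegDeleteValue( hKey, L"DefaultPassword" );
    }
    else
    {
        // NOTE(security): this fallback stores the password in clear text in
        // the registry. It is kept for compatibility with the original
        // behaviour; consider failing instead of downgrading silently.
        const DWORD cbPassword = static_cast<DWORD>( ( cchPassword + 1 ) * sizeof( WCHAR ) );
        if ( RegSetValueEx( hKey, L"DefaultPassword", 0, REG_SZ,
                            reinterpret_cast<const BYTE*>( szPassword ), cbPassword ) != ERROR_SUCCESS )
        {
            MessageBox( L"Set AutoLogon Failed" );
            LsaClose( hLsa );
            RegCloseKey( hKey );
            return;
        }
        fEncrypted = false;
    }

    // The policy handle is closed exactly once, on every path that opened it.
    LsaClose( hLsa );

    static const WCHAR szEnabled[] = L"1";
    if ( RegSetValueEx( hKey, L"AutoAdminLogon", 0, REG_SZ,
                        reinterpret_cast<const BYTE*>( szEnabled ), sizeof( szEnabled ) ) == ERROR_SUCCESS )
    {
        if ( fEncrypted )
        {
            MessageBox( L"successfully, \nand the password is encripted" );
        }
        else
        {
            MessageBox( L"successfully, \nbut the password is NOT encripted" );
        }
    }
    else
    {
        MessageBox( L"Set register failed" );
    }

    RegCloseKey( hKey );
}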