I remember to study the API when I just learned C , I had a master, and I wrote a segment code. When I was writing the program, Ming Ming, the machine suddenly turned off! When I was wondering, I heard his hilarious smile!
It turned out that he did it, and later I studied the API function of the INITIATESYSTEMSHUTDOWN, and learned the principle of being brought, because my machine joined the Windows domain, and the domain superuser, I also set it to me, I have Administrator privileges. So, he can take advantage of it! Later, I wrote the following code, let him be shut down from my distance, cool! I learned new things, and I still put it in my people!
// shutdownsystem function is close to this area, its own machine
. TOKEN_PRIVILEGES tkp;; // Get a token for this process if (! OpenProcessToken (GetCurrentProcess (), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, & hToken)) AfxMessageBox ( "OpenProcessToken"); BOOL CAlarmClockDlg :: () {HANDLE hToken ShutDownSystem // Get the LUID for the shutdown privilege LookupPrivilegeValue (NULL, SE_SHUTDOWN_NAME, & tkp.Privileges [0] .Luid);. tkp.PrivilegeCount = 1; // one privilege to set tkp.Privileges [0] .Attributes = SE_PRIVILEGE_ENABLED; // Get the shutdown privilege for this process AdjustTokenPrivileges (hToken, FALSE, & tkp, 0, (PTOKEN_PRIVILEGES) NULL, 0);. (! GetLastError () = ERROR_SUCCESS) if AfxMessageBox ( "AdjustTokenPrivileges"); // Shut down the system and force all applications to Close. if (! EXITWINDOWSEX (EWX_SHUTDOWN | EWX_FORCE, 0)) {Return false;} else {return true;}}
// shutdownhost This is the C function of the remote shutdown! Hostname can be machine IP, or it is a machine name!
Bool CalarmClockdlg :: ShutdownHost (cstring hostname) {handle htokeen; // handle to process token
Token_Privileges Tkp; // Pointer to Token Structure
Bool Fresult; // System Shutdown Flag
// Get The Current Process Token Handle So We Can Get Shutdown
// privilege.
IF (!. "token_adjust_privileges | token_pary, & htoken) AFXMessageBox (" OpenProcessToken Failed. "); // Get The Luid for Shutdown Privilege.
Lookuppprivilegevalue (NULL, SE_SHUTDOWN_NAME, & TKP.PRIVILEGES [0] .luid);
Tkp.privilegect = 1; // one privilege to set
Tkp.privileges [0] .attributes = se_privilege_enabled;
// Get SHUTDOWN Privilege for this process.
AdjustTokenprivileges (HToken, False, & Tkp, 0, (ptoken_privileges) null, 0);
// cannot Test The Return Value of AdjustTokenPrivileges.
IF (GetLastError ()! = error_success) AFXMessageBox ("AdjustTokenPrivileges Enable Failed.");
// Display the shutdown dialog box and start the time-out countdown.
fResult = InitiateSystemShutdown ( "192.168.100.245", // shut down local computer "Click on the main window and press the Escape key to cancel shutdown.", // message to user 1, // time-out period FALSE, // ask user to close apps // Note this paragraph API call! false); // reboot after shutdown
If (! FRESULT) {AFXMessageBox ("INITIATESYSTEMSHUTDOWN FAILED."); // disable shutdown privilege.
Tkp.privileges [0] .attributes = 0;
AdjustTokenprivileges (HToken, False, & Tkp, 0, (ptoken_privileges) null, 0);
IF (getLastError ()! = error_success) {AFXMESSAGEBOX ("AdjustTokenPrivileges Disable Failed.");}
Return True;}
