c++ - 如何解决 WriteProcessMemory 中的错误 5？

问题描述

我正在请求 SE_DEBUG_NAME，但我仍然无法使用 WriteProcessMemory() 写入 lsass.exe。我以管理员身份运行我的程序（将清单更改为“requireAdministrator”）。我已经尝试过我的程序，它确实写入了 svchost.exe、explorer.exe 和 chrome.exe，但没有写入 lsass.exe。

#include <windows.h> 
#include <iostream> 


BOOL SetPrivilege(
    HANDLE hToken,          // access token handle
    LPCTSTR lpszPrivilege,  // name of privilege to enable/disable
    BOOL bEnablePrivilege   // to enable or disable privilege
)
{
    TOKEN_PRIVILEGES tp;
    LUID luid;

    if (!LookupPrivilegeValue(
        NULL,            // lookup privilege on local system
        lpszPrivilege,   // privilege to lookup 
        &luid))        // receives LUID of privilege
    {
        printf("LookupPrivilegeValue error: %u\n", GetLastError());
        return FALSE;
    }

    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    if (bEnablePrivilege)
        tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    else
        tp.Privileges[0].Attributes = 0;

    // Enable the privilege or disable all privileges.

    if (!AdjustTokenPrivileges(
        hToken,
        FALSE,
        &tp,
        sizeof(TOKEN_PRIVILEGES),
        (PTOKEN_PRIVILEGES)NULL,
        (PDWORD)NULL))
    {
        printf("AdjustTokenPrivileges error: %u\n", GetLastError());
        return FALSE;
    }

    if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)

    {
        printf("The token does not have the specified privilege. \n");
        return FALSE;
    }

    return TRUE;
}
void write()
{
    std::string writing = "lmaoxd";
    auto writing_size = sizeof(writing);

    DWORD pID = 696;
    HANDLE hToken;

    OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken);
    SetPrivilege(hToken, SE_DEBUG_NAME, TRUE);
    CloseHandle(hToken);

    HANDLE pHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);
    WriteProcessMemory(pHandle, (LPVOID)0x1d72000391e, &writing, writing_size, 0);
    CloseHandle(pHandle);

    DWORD error = GetLastError();
    std::cout << "Error: " << error << std::endl;
}

int main()
{
    write();
    system("pause");
}

如何解决错误 5？

标签： c++winapi