Java JNA: Access is denied when opening a process running as administrator

Time: 2015-08-26 20:16:16

Tags: java native jna

I am using JNA to try to access a process that is running as administrator. I did some research and found that this is returned when you do not have SeDebugPrivilege.

I enabled SeDebugPrivilege, but I still get the same error. Any help?

Access is denied

This code gives this error

    try {
        Processes.enableDebugPrivilege(Kernel32Direct.GetCurrentProcess());
    } catch (Exception e) {
        e.printStackTrace();
    }
    handle = Natives.openProcess(id);
    // Only report a failure when no handle came back
    if (handle == null) {
        throw new Win32Exception(Native.getLastError());
    }

This is my com.sun.jna.platform.win32.Win32Exception: Access is denied. method.

enableDebugPrivilege

Last but not least, this is my openProcess method

    public static final String SE_DEBUG_NAME = "SeDebugPrivilege";

    ////////////////////////////////////////////////////////////////////////

    public static final int SE_PRIVILEGE_ENABLED = 0x00000002;

    ////////////////////////////////////////////////////////////////////////

    public static final int TOKEN_ASSIGN_PRIMARY = 0x00000001;
    public static final int TOKEN_DUPLICATE = 0x00000002;
    public static final int TOKEN_IMPERSONATE = 0x00000004;
    public static final int TOKEN_QUERY = 0x00000008;
    public static final int TOKEN_QUERY_SOURCE = 0x00000010;
    public static final int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
    public static final int TOKEN_ADJUST_GROUPS = 0x00000040;
    public static final int TOKEN_ADJUST_DEFAULT = 0x00000080;
    public static final int TOKEN_ADJUST_SESSIONID = 0x00000100;
    public static final int STANDARD_RIGHTS_READ = 0x00020000;
    public static final int STANDARD_RIGHTS_REQUIRED = 0x000F0000;
    public static final int TOKEN_READ = (STANDARD_RIGHTS_READ | TOKEN_QUERY);
    public static final int TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED | TOKEN_ASSIGN_PRIMARY |
            TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY | TOKEN_QUERY_SOURCE |
            TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_ADJUST_DEFAULT | TOKEN_ADJUST_SESSIONID);

    ////////////////////////////////////////////////////////////////////////

    public static void enableDebugPrivilege(Pointer hProcess) throws Exception {
        PointerByReference hToken = new PointerByReference();
        boolean success = Advapi32.INSTANCE.OpenProcessToken(hProcess, TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, hToken);
        if (!success) {
            int err = Native.getLastError();
            throw new Exception("OpenProcessToken failed. Error: " + err);
        }

        Advapi32.LUID luid = new Advapi32.LUID();
        success = Advapi32.INSTANCE.LookupPrivilegeValueA(null, SE_DEBUG_NAME, luid);
        if (!success) {
            int err = Native.getLastError();
            throw new Exception("LookupPrivilegeValueA failed. Error: " + err);
        }

        Advapi32.TOKEN_PRIVILEGES tkp = new Advapi32.TOKEN_PRIVILEGES(1);
        tkp.Privileges[0].Luid = luid;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
        success = Advapi32.INSTANCE.AdjustTokenPrivileges(hToken.getValue(), false, tkp, 0, null, null);
        if (!success) {
            int err = Native.getLastError();
            throw new Exception("AdjustTokenPrivileges failed. Error: " + err);
        }

        Kernel32Direct.CloseHandle(hToken.getValue());
    }

Can someone tell me why access is still denied when calling OpenProcess with SeDebugPrivilege?

Edit:

    public static final int PROCESS_QUERY_INFORMATION = 0x0400;
    public static final int PROCESS_VM_READ = 0x0010;
    public static final int PROCESS_VM_WRITE = 0x0020;
    public static final int PROCESS_VM_OPERATION = 0x0008;

    public static WinNT.HANDLE openProcess(int pid) {
        return openProcess(pid, PROCESS_QUERY_INFORMATION | PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION);
    }

    public static WinNT.HANDLE openProcess(int pid, int permissions) {
        return Kernel32Direct.OpenProcess(permissions, true, pid);
    }

gives me this error:

Advapi32.INSTANCE.AdjustTokenPrivileges(hToken.getValue(), false, tkp, 0, null, null);

Could this be the problem?

0 answers:

No answers
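An added example, not part of the original post: the posted `enableDebugPrivilege` checks only the boolean returned by `AdjustTokenPrivileges`, but that call is documented to return TRUE even when the token does not hold the privilege, reporting `ERROR_NOT_ALL_ASSIGNED` (1300) through `GetLastError` instead. This sketch makes that check and then opens the target with the narrowest access right; it assumes the stock `com.sun.jna.platform.win32` bindings rather than the asker's own `Advapi32`/`Kernel32Direct` wrappers, and the class name `DebugPrivilegeCheck` is hypothetical.

```java
import com.sun.jna.platform.win32.Advapi32;
import com.sun.jna.platform.win32.Kernel32;
import com.sun.jna.platform.win32.Win32Exception;
import com.sun.jna.platform.win32.WinDef.DWORD;
import com.sun.jna.platform.win32.WinError;
import com.sun.jna.platform.win32.WinNT;
import com.sun.jna.platform.win32.WinNT.HANDLE;
import com.sun.jna.platform.win32.WinNT.HANDLEByReference;

public class DebugPrivilegeCheck { // hypothetical class name for this added example

    /** Returns true only if SeDebugPrivilege is now enabled in this process's token. */
    static boolean enableDebugPrivilege() {
        HANDLEByReference hToken = new HANDLEByReference();
        if (!Advapi32.INSTANCE.OpenProcessToken(Kernel32.INSTANCE.GetCurrentProcess(),
                WinNT.TOKEN_QUERY | WinNT.TOKEN_ADJUST_PRIVILEGES, hToken)) {
            throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
        }
        try {
            WinNT.LUID luid = new WinNT.LUID();
            if (!Advapi32.INSTANCE.LookupPrivilegeValue(null, WinNT.SE_DEBUG_NAME, luid)) {
                throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
            }
            WinNT.TOKEN_PRIVILEGES tkp = new WinNT.TOKEN_PRIVILEGES(1);
            tkp.Privileges[0] = new WinNT.LUID_AND_ATTRIBUTES(luid, new DWORD(WinNT.SE_PRIVILEGE_ENABLED));
            boolean ok = Advapi32.INSTANCE.AdjustTokenPrivileges(hToken.getValue(), false, tkp, 0, null, null);
            int err = Kernel32.INSTANCE.GetLastError(); // read immediately, before any other call
            if (!ok) throw new Win32Exception(err);
            // TRUE plus ERROR_NOT_ALL_ASSIGNED: the token does not hold the privilege at all
            return err != WinError.ERROR_NOT_ALL_ASSIGNED;
        } finally {
            Kernel32.INSTANCE.CloseHandle(hToken.getValue()); // released on every path
        }
    }

    public static void main(String[] args) {
        int pid = Integer.parseInt(args[0]); // PID to query, supplied by the caller
        if (!enableDebugPrivilege()) {
            System.err.println("SeDebugPrivilege is not in this token; the JVM is probably not elevated.");
            return;
        }
        // Ask only for the access actually needed; do not make the handle inheritable.
        HANDLE h = Kernel32.INSTANCE.OpenProcess(WinNT.PROCESS_QUERY_LIMITED_INFORMATION, false, pid);
        if (h == null) throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
        System.out.println("Opened PID " + pid);
        Kernel32.INSTANCE.CloseHandle(h);
    }
}
```

Under UAC, an administrator's non-elevated token is filtered and does not contain SeDebugPrivilege, which is the case the `false` return exposes. Protected processes can still refuse broader access rights even when the privilege is enabled.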