个人中心
gpt4 book ai didi

Windows 7 : Taking advantage of auto-elevation to elevate my own process?

转载 作者:可可西里 更新时间:2023-11-01 13:36:46 28 4
gpt4 key购买 nike

摘自 2009 年 7 月题为 Inside Windows 7 User Account Control 的 Technet 文章, Mark Russinovish 描述了以标准用户身份运行的应用程序可以悄悄提升并获得管理权限:

...it's possible for third-party software running in a PA (Protected Administrator) account with standard user rights to take advantage of auto-elevation to gain administrative rights. For example, the software can use the WriteProcessMemory API to inject code into Explorer and the CreateRemoteThread API to execute that code, a technique called DLL injection. Since the code is executing in Explorer, which is a Windows executable, it can leverage the COM objects that auto-elevate, like the Copy/Move/Rename/Delete/Link Object, to modify system registry keys or directories and give the software administrative rights.

他继续提到恶意软件永远不会这样做,因为它太难了:

...these steps require deliberate intent, aren't trivial...

最后

...malware could gain administrative rights using the same techniques.

所以我很想看到一个实际的实现。

我本以为 PROCESS_VM_WRITE 将是标准用户未获得的权利。

注意:我自己永远不会做任何坏事,世界上所有其他开发者都是如此。

最佳答案

郑龙,电话:istartedsomething.com有一些关于自动提升应用程序的帖子。他不是源代码的作者,但他链接到进行概念验证的人。

您可以阅读更多相关信息 here .

关于Windows 7 : Taking advantage of auto-elevation to elevate my own process?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/1013531/

28 4 0
文章推荐: php - sfDoctrineGuardPlugin : login with email
文章推荐: html - 使用 Twitter 的新小部件时如何禁用消息 “Are you sure you want to send a form again”?
文章推荐: PHP:为一个文件而不是 php.ini 设置 max_file_uploads
文章推荐: jQuery 改变点击
可可西里
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com