C# 使用API屏蔽系统热键和任务管理器(2)_C/C++语言_黑客防线网安服务器维护基地--Powered by WWW.RONGSEN.COM.CN

C# 使用API屏蔽系统热键和任务管理器(2)

作者:黑客防线网安C/C++教程基地 来源:黑客防线网安C/C++教程基地 浏览次数:0

本篇关键词:任务管理系统屏蔽
黑客防线网安网讯:    private static extern short GetKeyState(int vKey);  #endregion  方法#region 方法  /**//// <summary>  /// 钩子回调函数,在这里屏蔽热键。  /// <remark>  /// Auth...
    private static extern short GetKeyState(int vKey);
  #endregion
  方法#region 方法
  /**//// <summary>
  /// 钩子回调函数在这里屏蔽热键
  /// <remark>
  /// Author:ZhangRongHua
  /// Create DateTime: 2009-6-19 20:19
  /// Update History:
  ///  </remark>
  /// </summary>
  /// <param name="nCode">The n code.</param>
  /// <param name="wParam">The w param.</param>
  /// <param name="lParam">The l param.</param>
  /// <returns></returns>
  private int KeyboardHookProc(int nCode, Int32 wParam, IntPtr lParam)
  {
  KeyMSG m = (KeyMSG) Marshal.PtrToStructure(lParam, typeof (KeyMSG));
  if (((Keys) m.vkCode == Keys.LWin) || ((Keys) m.vkCode == Keys.RWin) ||
  ((m.vkCode == VK_TAB) && ((m.flags & LLKHF_ALTDOWN) != 0)) ||
  ((m.vkCode == VK_ESCAPE) && ((m.flags & LLKHF_ALTDOWN) != 0)) ||
  ((m.vkCode == VK_F4) && ((m.flags & LLKHF_ALTDOWN) != 0)) ||
  (m.vkCode == VK_ESCAPE) && ((GetKeyState(VK_LCONTROL) & 0x8000) != 0) ||
  (m.vkCode == VK_ESCAPE) && ((GetKeyState(VK_RCONTROL) & 0x8000) != 0)
  )
  {
  return 1;
  }
  return CallNextHookEx(hKeyboardHook, nCode, wParam, lParam);
  }
  /**//// <summary>
  /// 启动Hook并用流屏蔽任务管理器
  /// <remark>
  /// Author:ZhangRongHua
  /// Create DateTime: 2009-6-19 20:20
  /// Update History:
  ///  </remark>
  /// </summary>
  public void HookStart()
  {
  if (hKeyboardHook == 0)
  {
  //   创建HookProc实例
  KeyboardHookProcedure = new HookProc(KeyboardHookProc);
  hKeyboardHook = SetWindowsHookEx(WH_KEYBOARD,
  KeyboardHookProcedure,
  Marshal.GetHINSTANCE(Assembly.GetExecutingAssembly().GetModules()[0]),
  0);
  //   如果设置钩子失败
  if (hKeyboardHook == 0)
  {
  HookStop();
  //throw new Exception("SetWindowsHookEx   failedeeeeeeee.");
  }
   //用二进制流的方法打开任务管理器而且不关闭流.这样任务管理器就打开不了
  MyFs = new FileStream(Environment.ExpandEnvironmentVariables("%windir%\system32\taskmgr.exe"),
  FileMode.Open);
  byte[] MyByte = new byte[(int) MyFs.Length];
  MyFs.Write(MyByte, 0, (int) MyFs.Length);
  }
  }
  /**//// <summary>
  /// 卸载hook,并关闭流,取消屏蔽任务管理器。
  /// <remark>
  /// Author:ZhangRongHua
  /// Create DateTime: 2009-6-19 20:21
  /// Update History:
  ///  </remark>
  /// </summary>
  public void HookStop()
  {
  bool retKeyboard = true;
  if (hKeyboardHook != 0)
  {
  retKeyboard = UnhookWindowsHookEx(hKeyboardHook);
  hKeyboardHook = 0;
  }
  if (null != MyFs)
  {
  MyFs.Close();
  }
  if (!(retKeyboard))
  {
  throw new Exception("UnhookWindowsHookEx     failedsssss.");
  }
  }
  #endregion
  Nested type: KeyMSG#region Nested type: KeyMSG
  public struct KeyMSG
  {
  public int dwExtraInfo;
  public int flags;
  public int scanCode;
  public int time;
  public int vkCode;
  }
  #endregion
  }
  }
  //PS:也可以通过将[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
  //下的DisableTaskmgr项的值设为"1”来屏蔽任务管理器。
    黑客防线网安服务器维护方案本篇连接:http://www.rongsen.com.cn/show-15254-1.html
网站维护教程更新时间:2012-04-04 22:52:12  【打印此页】  【关闭
我要申请本站N点 | 黑客防线官网 |  
专业服务器维护及网站维护手工安全搭建环境,网站安全加固服务。黑客防线网安服务器维护基地招商进行中!QQ:29769479

footer  footer  footer  footer