2020年8月31日 星期一
2020年8月30日 星期日
2020年8月26日 星期三
【转】Task Scheduler Managed Wrapper: 由程式來排程工作
https://www.cnblogs.com/tigerjacky/archive/2010/05/07/1729684.html
https://suntargets.com/c-%E5%B0%87%E7%A8%8B%E5%BC%8F%E5%8A%A0%E5%85%A5-task-scheduler/
Creating a Task and Running with Highest Privileges from Another Task,
Task Scheduler Managed Wrapper: 由程式來排程工作
https://docs.microsoft.com/zh-tw/previous-versions/ee922578(v=msdn.10)?redirectedfrom=MSDN
[C#] 攔截並阻擋系統關機程序
取自:
[C#] 攔截並阻擋系統關機程序
前言
會研究這個主題是因為最近在用系上電腦教室挖礦XDD (噓~
但是大約下午沒課後一小時就會有專門的人來一台台關機 (凸 - -" 我才剛開好的說
幸運的是負責關機的人都是按一下電源鍵然後關螢幕就換下一台去了
所以我就想說如果可以攔截開機訊號,阻斷關機繼續進行,我的挖礦程式就不會被關閉了 (太邪惡了lol...
以下是效果圖,explorer.exe是我寫的阻止關機程式(故意取這樣的名字,才不會讓人起疑
它會卡著系統不讓系統關閉所有程式
原理解說
在程式實作之前,我們必須先了解一下windows的關機順序
系統在接收到使用者發出的關機訊號後(不管是從開始選單的還是按一下電源鍵),會逐一對所有應用程式發出WM_QUERYENDSESSION訊息,來詢問應用程式在現階段是否可以被關閉
至於WM_QUERYENDSESSION是什麼,以下是MSDN對WM_QUERYENDSESSION的解釋
The WM_QUERYENDSESSION message is sent when the user chooses to end the session or when an application calls one of the system shutdown functions. If any application returns zero, the session is not ended. The system stops sending WM_QUERYENDSESSION messages as soon as one application returns zero.
After processing this message, the system sends the WM_ENDSESSION message with the wParam parameter set to the results of the WM_QUERYENDSESSION message.
翻成中文的意思就是說:
如果有一個應用程式對WM_QUERYENDSESSION回傳0,則系統就不會繼續發送WM_QUERYENDSESSION,關機的程序也就因為那個應用程式而宣告暫停(就會卡在上面那張圖)
p.s. 如果這時按Force Quit,則關閉應用程式就會變成系統主動去kill,完全不會理會應用程式的回應
當送完WM_QUERYENDSESSION,那麼系統就會再接著發送WM_ENDSESSION訊息,來「通知」應用程式是否會關機
注意,WM_ENDSESSION在這邊只有通知用喔,應用程式在這個階段已經沒有決定權了
淺略了解windows關機前的程序後,我們要做的就是在WM_QUERYENDSESSION時給它回傳0,讓系統因為我們而暫時停止關機程序
程式實作
首先先開一個新的專案,類型是視窗應用程式(Windows Forms App)
Layout要怎麼設計隨便,甚至我把它Opacity設0%,隱藏起來
接下來切換到該Form的程式碼頁
在創建的class新增下列程式碼,override掉原本的WndProc方法
protected override void WndProc(ref Message aMessage) { const int WM_QUERYENDSESSION = 0x0011; const int WM_ENDSESSION = 0x0016;
if (aMessage.Msg == WM_QUERYENDSESSION || aMessage.Msg == WM_ENDSESSION) return;
base.WndProc(ref aMessage); } |
這個方法是用來讓系統或硬體跟應用程式溝通的,原本在被override前裡面也已經寫好遇到WM_QUERYENDSESSION及WM_ENDSESSION等等的訊息時要執行的動作
我們現在override後讓他遇到WM_QUERYENDSESSION跟WM_ENDSESSION訊息時直接return,啥都不要做;如果是其他則執行原本被override前的WndProc方法
如果有做到這一步其實就已經算完成了
編譯並執行程式後測試看看,按下登出、關機、重新開機,會發現系統的關機程序卡在像上圖一樣的地方。
如果還想要進一步更改提示訊息,我們需要使用ShutdownBlockReasonCreate這個方法
這個方法的用途就跟它名字一樣,應該不用多解釋吧:))
把以下程式碼新增在這個Form的建構子裡面,也就是InitializeComponent();下面,讓Form一初始化完就執行
ShutdownBlockReasonCreate(this.Handle, "這邊填要顯示的提示"); |
這時Visual Studio應該會報錯,說不認得這個方法
於是我們要告訴程式這個方法的實作已經在user32.dll完成了,去user32.dll裡面找
[DllImport("user32.dll")] public extern static bool ShutdownBlockReasonCreate(IntPtr hWnd, [MarshalAs(UnmanagedType.LPWStr)] string pwszReason); |
新增完後記得把動態載入dll所依賴的System.Runtime.InteropServices給補上
using System.Runtime.InteropServices; |
到這邊算是第二階段的完成了。
如果想要把該Form從工作管理員隱藏,就把下列程式碼也加進去
protected override CreateParams CreateParams { get { var cp = base.CreateParams; cp.ExStyle |= 0x80; return cp; } } |
最後附上完整程式碼
using System; using System.Windows.Forms; using System.Runtime.InteropServices;
namespace NoShutdown { public partial class NoShutdown : Form { [DllImport("user32.dll")] public extern static bool ShutdownBlockReasonCreate(IntPtr hWnd, [MarshalAs(UnmanagedType.LPWStr)] string pwszReason);
public NoShutdown() { InitializeComponent(); ShutdownBlockReasonCreate(this.Handle, "這邊填要顯示的提示"); }
protected override void WndProc(ref Message aMessage) { const int WM_QUERYENDSESSION = 0x0011; const int WM_ENDSESSION = 0x0016;
if (aMessage.Msg == WM_QUERYENDSESSION || aMessage.Msg == WM_ENDSESSION) return;
base.WndProc(ref aMessage); }
protected override CreateParams CreateParams //Hide from Task Manager { get { var cp = base.CreateParams; cp.ExStyle |= 0x80; return cp; } } } } |
小提醒:如果曾經使用過一些工具去優化關機速度的可能就不會被阻擋在那個畫面。因為那些優化為了減少關機時間,不管WM_QUERYENDSESSION回傳什麼會直接kill掉。
2020年8月25日 星期二
2020年8月23日 星期日
How To Make .NET Application To Run As Administrator BY PASS UAC
https://www.mytecbits.com/microsoft/dot-net/run-as-administrator
https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/
https://itw01.com/LPZELX9.html
UAC 用户账户控制
https://blog.walterlv.com/post/windows-user-account-control
应用程序清单 Manifest 中各种 UAC 权限级别的含义和效果
https://blog.walterlv.com/post/requested-execution-level-of-application-manifest.html
2020年8月22日 星期六
2020年8月20日 星期四
Visual Studio Installer 設定屬性簡介
https://www.itread01.com/content/1541131292.html
Visual Stdio 2015打包安装项目的方法(使用Visual Studio Installer)
https://blog.csdn.net/baidu_27438681/article/details/72823844
新軟體都安裝到AppData目錄
2020年8月19日 星期三
visual studio installer programfilesfolder
https://www.advancedinstaller.com/user-guide/folder-paths.html
Paths of the folders in the "Files and Folders" Page
The folders in the "Files and Folders" page use predefined and custom installer properties which store their paths.
Folder Name | Property Name | Sample Path | Comments |
---|---|---|---|
Application Folder | APPDIR | C:\Program Files\Your Company\Your Application | this is the default value and it can be configured |
Application Shortcut Folder | SHORTCUTDIR | C:\Documents and Settings\<username>\Start Menu\Programs\Your Application | C:\Users\<username>\Start Menu\Programs\Your Application on Vista or above; this is the default value and it can be configured |
Program Files | ProgramFilesFolder | C:\Program Files | C:\Program Files (x86) on a 64-bit machine |
Common Files | CommonFilesFolder | C:\Program Files\Common Files | C:\Program Files (x86)\Common Files on a 64-bit machine |
Program Files 64 | ProgramFiles64Folder | C:\Program Files | resolved only on a 64-bit machine |
Common Files 64 | CommonFiles64Folder | C:\Program Files\Common Files | resolved only on a 64-bit machine |
Windows Volume | WindowsVolume | C:\ | |
Temporary | TempFolder | C:\Documents and Settings\<username>\Local Settings\Temp | C:\Users\<username>\Local Settings\Temp on Vista or above |
Windows | WindowsFolder | C:\Windows | |
Fonts | FontsFolder | C:\Windows\Fonts | |
System | SystemFolder | C:\Windows\system32 | C:\Windows\SysWow64 on a 64-bit machine |
System 16 | System16Folder | C:\Windows\system | used on older Windows versions |
System 64 | System64Folder | C:\Windows\system32 | resolved only on 64-bit machines |
Start Menu | StartMenuFolder | C:\Documents and Settings\<username>\Start Menu | C:\Users\<username>\Start Menu on Vista or above |
Programs | ProgramMenuFolder | C:\Documents and Settings\<username>\Start Menu\Programs | C:\Users\<username>\Start Menu\Programs on Vista or above |
Startup | StartupFolder | C:\Documents and Settings\<username>\Start Menu\Programs\Startup | C:\users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup on Vista or above |
Desktop | DesktopFolder | C:\Documents and Settings\<username>\Desktop | C:\Users\<username>\Desktop on Vista or above |
Favorites | FavoritesFolder | C:\Documents and Settings\<username>\Favorites | C:\Users\<username>\Favorites on Vista or above |
My Documents | PersonalFolder | C:\Documents and Settings\<username>\My Documents | C:\Users\<username>\Documents on Vista or above |
My Pictures | MyPicturesFolder | C:\Documents and Settings\<username>\My Documents\My Pictures | C:\Users\<username>\Pictures on Vista or above |
Templates | TemplateFolder | C:\Documents and Settings\<username>\Templates | C:\Users\<username>\Templates on Vista or above |
Send To | SendToFolder | C:\Documents and Settings\<username>\SendTo | C:\Users\<username>\SendTo on Vista or above |
Administrative Tools | AdminToolsFolder | C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools | C:\ProgramData\Start Menu\Programs\Administrative Tools on Vista or above |
Application Data | AppDataFolder | C:\Documents and Settings\<username>\Application Data | C:\Users\<username>\AppData\Roaming on Vista or above |
Common Application Data | CommonAppDataFolder | C:\Documents and Settings\All Users\Application Data | C:\ProgramData on Vista or above |
Network Shortcuts | NetHoodFolder | C:\Documents and Settings\<username>\NetHood | C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Network Shortcuts on Vista and above |
Recent Items | RecentFolder | C:\Documents and Settings\<username>\Recent | C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Recent on Vista and above |
Printer Shortcuts | PrintHoodFolder | C:\Documents and Settings\<username>\PrintHood | C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Printer Shortcuts on Vista and above |
Local Application Data | LocalAppDataFolder | C:\Documents and Settings\<username>\Local Settings\Application Data | C:\Users\<username>\AppData\Local on Vista or above |
Public Documents | PublicDocumentsFolder | C:\Documents and Settings\All Users\Documents\ | C:\Users\Public\Documents\ on Windows Vista |
Windows Libraries | WindowsLibrariesFolder | C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Libraries\ | C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Libraries\ on Windows 7 or above |
IIS WWW Root | IIsWWWRootFolder | C:\Inetpub\wwwroot |
All the above folders are predefined for Windows Installer except for the first two folders which are proprietary for Advanced Installer. When the installation package runs, Windows Installer will automatically resolve their paths according to the target machine's configuration.
Depending on the package type, the paths will change; this means that if the package is per-user the paths will use "...\<username>\..." or if it is per-machine the paths will use "...\Public\..." instead.
If a package is per-machine and shortcuts are present in the AppDataFolder, the system redirects the shortcuts to the ProgramData folder.