本文介绍如何使用C语言调用未公开的API SfcFileException来禁止Windows文件保护(WFP)对特定文件的应用。文章提供了两种C语言实现方式,并详细解释了参数设置及函数调用过程。
在看雪看到 StarsunYzL写的编程禁止Windows文件保护,那个是汇编版本的,试着改为c版本的,却发现了不少问题:unicode,未公开api定义,调用
用到一个未公开的API——SfcFileException,其声明如下:
DWORD WINAPI SfcFileException(DWORD dwUnknown0, PWCHAR pwszFile, DWORD dwUnknown1);| dwUnknown0 | 未知,设为0 |
| pwszFile | 文件名 |
| dwUnknown1 | 未知,设为-1 |
从参数可以看出SfcFileException只能对单个文件禁止Windows文件保护,注意pwszFile参数是UNICODE字符。函数成功返回0,失败返回1(一般是文件不受Windows文件保护保护)。下面看c代码:
#include <windows.h>#pragma comment(lib,"user32")#pragma comment(lib,"advapi32")typedef DWORD WINAPI SfcFileException(DWORD dwUnknown0, PWCHAR pwszFile, DWORD dwUnknown1);int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR pszCmdLine, int cmdShow)
...{
DWORD result = 0; WCHAR szW[100] = L"C:/Windows/Explorer.exe"; HMODULE hLib = LoadLibrary("SFC_OS.DLL"); SfcFileException *se = GetProcAddress(hLib,5); result = se(0,szW,-1); if (result) MessageBox(NULL,"err","err",MB_OK); else MessageBox(NULL,"success","success",MB_OK); FreeLibrary(hLib); return 1;
}也可以这样写:
#include <windows.h>#pragma comment(lib,"user32")#pragma comment(lib,"advapi32")typedef DWORD (WINAPI *SfcFileException)(DWORD dwUnknown0, PWCHAR pwszFile, DWORD dwUnknown1);int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR pszCmdLine, int cmdShow)...{ DWORD result = 0; WCHAR szW[100] = L"C:/Windows/Explorer.exe"; HMODULE hLib = LoadLibrary("SFC_OS.DLL"); SfcFileException se = GetProcAddress(hLib,5); result = se(0,szW,-1); if (result) MessageBox(NULL,"err","err",MB_OK); else MessageBox(NULL,"success","success",MB_OK); FreeLibrary(hLib); return 1;}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
