一般在windows编程都是用用从ntdll导出的Native API,现在看到一点COM编程或者其他的一些不常用的接口函数总觉得蛮有意思,准备以后多积累一下。

先简单总结WTSAPI32。以下实在Win7x64下的WTSAPI32中得到的导出函数。

WTSCloseServer    0x3fd03292    0x00003292     (0x1)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSConnectSessionA    0x3fd02f38    0x00002f38     (0x2)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSConnectSessionW    0x3fd02fc1    0x00002fc1     (0x3)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSCreateListenerA    0x3fd07c11    0x00007c11     (0x4)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSCreateListenerW    0x3fd07595    0x00007595     (0x5)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSDisconnectSession    0x3fd02992    0x00002992     (0x6)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateListenersA    0x3fd071ea    0x000071ea     (0x7)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateListenersW    0x3fd070d4    0x000070d4     (0x8)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateProcessesA    0x3fd0542d    0x0000542d     (0x9)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateProcessesExA    0x3fd057e2    0x000057e2     (0xa)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateProcessesExW    0x3fd05138    0x00005138     (0xb)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateProcessesW    0x3fd04e45    0x00004e45     (0xc)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateServersA    0x3fd03577    0x00003577     (0xd)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateServersW    0x3fd03461    0x00003461     (0xe)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateSessionsA    0x3fd04023    0x00004023     (0xf)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateSessionsExA    0x3fd04485    0x00004485     (0x10)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateSessionsExW    0x3fd04359    0x00004359     (0x11)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSEnumerateSessionsW    0x3fd01d49    0x00001d49     (0x12)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSFreeMemory    0x3fd01b65    0x00001b65     (0x13)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSFreeMemoryExA    0x3fd03179    0x00003179     (0x14)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSFreeMemoryExW    0x3fd030cd    0x000030cd     (0x15)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSGetListenerSecurityA    0x3fd0706d    0x0000706d     (0x16)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSGetListenerSecurityW    0x3fd06ec1    0x00006ec1     (0x17)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSLogoffSession    0x3fd03d77    0x00003d77     (0x18)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSOpenServerA    0x3fd03262    0x00003262     (0x19)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSOpenServerExA    0x3fd03282    0x00003282     (0x1a)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSOpenServerExW    0x3fd03272    0x00003272     (0x1b)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSOpenServerW    0x3fd03252    0x00003252     (0x1c)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSQueryListenerConfigA    0x3fd074ec    0x000074ec     (0x1d)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSQueryListenerConfigW    0x3fd072cc    0x000072cc     (0x1e)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSQuerySessionInformationA    0x3fd04cdd    0x00004cdd     (0x1f)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSQuerySessionInformationW    0x3fd0253d    0x0000253d     (0x20)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSQueryUserConfigA    0x3fd0695c    0x0000695c     (0x21)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSQueryUserConfigW    0x3fd0662a    0x0000662a     (0x22)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSQueryUserToken    0x3fd01f81    0x00001f81     (0x23)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSRegisterSessionNotification    0x3fd01cbc    0x00001cbc     (0x24)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSRegisterSessionNotificationEx    0x3fd03e0a    0x00003e0a     (0x25)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSSendMessageA    0x3fd03d1f    0x00003d1f     (0x26)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSSendMessageW    0x3fd03cc7    0x00003cc7     (0x27)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSSetListenerSecurityA    0x3fd06e60    0x00006e60     (0x28)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSSetListenerSecurityW    0x3fd06d36    0x00006d36     (0x29)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSSetSessionInformationA    0x3fd03cbc    0x00003cbc     (0x2a)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSSetSessionInformationW    0x3fd03cbc    0x00003cbc     (0x2b)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSSetUserConfigA    0x3fd06383    0x00006383     (0x2c)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSSetUserConfigW    0x3fd06008    0x00006008     (0x2d)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSShutdownSystem    0x3fd031eb    0x000031eb     (0x2e)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSStartRemoteControlSessionA    0x3fd02ec2    0x00002ec2     (0x2f)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSStartRemoteControlSessionW    0x3fd02e9e    0x00002e9e     (0x30)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSStopRemoteControlSession    0x3fd02e81    0x00002e81     (0x31)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSTerminateProcess    0x3fd05119    0x00005119     (0x32)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSUnRegisterSessionNotification    0x3fd028c8    0x000028c8     (0x33)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSUnRegisterSessionNotificationEx    0x3fd03e6b    0x00003e6b     (0x34)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSVirtualChannelClose    0x3fd058cb    0x000058cb     (0x35)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSVirtualChannelOpen    0x3fd05c1b    0x00005c1b     (0x36)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSVirtualChannelOpenEx    0x3fd05c39    0x00005c39     (0x37)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSVirtualChannelPurgeInput    0x3fd05ad9    0x00005ad9     (0x38)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSVirtualChannelPurgeOutput    0x3fd05afb    0x00005afb     (0x39)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSVirtualChannelQuery    0x3fd05b1d    0x00005b1d     (0x3a)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSVirtualChannelRead    0x3fd05997    0x00005997     (0x3b)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSVirtualChannelWrite    0x3fd05920    0x00005920     (0x3c)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

WTSWaitSystemEvent    0x3fd02fe5    0x00002fe5     (0x3d)    wtsapi32.dll    C:\Windows\SysWOW64\wtsapi32.dll    导出函数

根据函数名称大概也可以看出函数的功能,常用函数的实现,都能查得到。

这里用WTSEnumerateProcessesA做个demo。

进程枚举

 #include "stdafx.h"

 #include "stdafx.h"

 #include "stdio.h"

 #include "windows.h"

 typedef struct _WTS_PROCESS_INFO {

     DWORD SessionId;

     DWORD ProcessId;

     LPTSTR pProcessName;

     PSID pUserSid;

 } WTS_PROCESS_INFO, *PWTS_PROCESS_INFO;

 typedef HANDLE(WINAPI* WTSOPENSERVER)(LPTSTR pServerName);

 typedef BOOL(WINAPI* WTSENUMERATEPROCESSES)(HANDLE hServer, DWORD Reserved, DWORD Version, \

     PWTS_PROCESS_INFO* ppProcessInfo, DWORD* pCount);

 void main()

 {

     HMODULE hWtsApi32 = LoadLibrary(_T("WTSAPI32.DLL"));

     WTSOPENSERVER pWtsOpenServer = (WTSOPENSERVER)GetProcAddress(hWtsApi32, "WTSOpenServerA");

     WTSENUMERATEPROCESSES wtsEnumProc = (WTSENUMERATEPROCESSES)GetProcAddress(hWtsApi32, "WTSEnumerateProcessesA");

     WCHAR *szServerName = _T("");

     HANDLE hServer = pWtsOpenServer((LPTSTR)szServerName);

     PWTS_PROCESS_INFO pProcInfo;

     DWORD dwCount = ;

     if (!wtsEnumProc(hServer, , , &pProcInfo, &dwCount))

         return;

     for (DWORD i = ; i < dwCount; i++)

     {

         wprintf(_T("ProcID=0x%XH ProName=%S\r\n"), pProcInfo[i].ProcessId, pProcInfo[i].pProcessName);

     }

 }
 WTSRegisterSessionNotification进行注册以接收WM_WTSSESSION_CHANGE 消息,这个函数只是看到了,自己暂时还没有用到的时候。先把资料放着吧。

https://support.microsoft.com/en-us/help/310153/how-to-write-an-application-that-supports-fast-user-switching-in-windows-xp

最新文章

  1. Asp.NET MVC 使用 SignalR 实现推送功能二(Hubs 在线聊天室 获取保存用户信息)
  2. HDU 2571 命运
  3. Android读写SD卡
  4. 《The Django Book》实战--第二章--动态网页基础
  5. 从零开始写一个武侠冒险游戏-8-用GPU提升性能(3)
  6. django-cms 代码研究(七)杂七杂八
  7. PHP之XML节点追加操作讲解
  8. 【玩转开源】BananaPi R2 —— 第二篇 Openwrt 网口配置分析
  9. css长度单位学习(em,rem,px,vw,vh)
  10. OOP面向对象
  11. Web大前端面试题-Day12
  12. 使用bash echo 输出回车转义
  13. leetcode242&mdash;Valid Anagram
  14. 重磅发布丨乐维监控:全面兼容云平台,助力企业DevOps转型升级!
  15. Error: cannot allocate vector of size 88.1 Mb问题
  16. Codeforces Round #353 (Div. 2) E. Trains and Statistic dp 贪心
  17. 从零开始搭建linux下laravel 5.5所需环境(三)
  18. ios 6以后,UILabel全属性
  19. redis位图
  20. Java开发工程师(Web方向) - 03.数据库开发 - 第2章.数据库连接池

热门文章

  1. with上下文管理协议
  2. CSS基础知识总结二
  3. python设置文字输出颜色
  4. Linux内核设计与实现 总结笔记(第六章)内核数据结构
  5. 如何添加筛选器 (Reporting Services)
  6. FastDFS介绍(一)
  7. jpa remove
  8. Apache启动报错:Invalid command &#39;AuthType&#39;, perhaps misspelled or defined by a module not included in it
  9. Centos7.2命令安装图形化界面
  10. linux点滴记录