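Cockpit 188 has been released. Cockpit is an interactive server administration interface. It is easy to use and very lightweight, and it interacts with the operating system directly through a real Linux session in the browser.
Release notes for the new version:
- Machines: show Storage Volume user
- Machines: autostart configuration
- Terminal: themes and context menu
- Storage: responsive dialogs
- Software Updates: show the three most recent updates
Download: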
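This was my first time writing a Windows service program. Under XP not even a MessageBox would pop up; after allowing the service to interact with the desktop in Services.msc, the MessageBox appeared normally. Under Win7, however, the [Windows Interactive Services Detection] dialog always pops up, and even if you choose to view the message, it is displayed in a completely separate environment. This is a problem common to all interactive services under Win7.
I searched on Baidu and learned that interactive service detection is handled by the Interactive Services Detection service. When a service wants to interact with the desktop, it triggers the Interactive Services Detection service, which then pops up the [Windows Interactive Services Detection] dialog.
Disabling Interactive Services Detection does not solve the problem: then not even the [Windows Interactive Services Detection] dialog appears, let alone the content that was meant to interact with the desktop.
Then I thought of creating a child program and having that child program display my dialog.
The service cannot display the dialog, but the child program is not a service and is not subject to the desktop-interaction restriction, so I figured this should work...
Reality is cruel... I simply ran Calc.exe, and the lovely calculator never showed up at all; what came up was still that damned [Windows Interactive Services Detection] dialog... At that point I felt like dying...
This bothered me for many days, until I suddenly realized something was off. Both are services, so why can Interactive Services Detection pop up the [Windows Interactive Services Detection] dialog while a service we write cannot??? On what grounds?
So I focused on the Interactive Services Detection service. I looked at the import table of its main executable, UI0Detect.exe, and seeing CreateProcessAsUser there gave me an idea. I ran my service again, and when the [Windows Interactive Services Detection] dialog appeared I opened ProcExp and saw two UI0Detect.exe processes, parent and child of each other. The parent process is a service; the child is not. With CreateProcessAsUser in mind I checked, and sure enough, the parent process runs as SYSTEM and the child process runs as the account I was currently using.
At this point, every problem should be readily solved.
The following code was tested under Win7 and also works on XP. It runs Windows Calculator; the Calculator window appears normally and the [Windows Interactive Services Detection] dialog does not pop up.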
.686p
.model flat,stdcall
option casemap:none

include Windows.inc
include User32.inc
include Kernel32.inc
include AdvApi32.inc
include NtDll.inc
include Wtsapi32.inc
includelib User32.lib
includelib Kernel32.lib
includelib AdvApi32.lib
includelib NtDll.lib
includelib Wtsapi32.lib

.data?
hSS dd ?
hToken dd ?
stSS SERVICE_STATUS <?>
@WTS_SESSION_INFO_SessionId dd ?
@WTS_SESSION_INFO_pWinStationName dd ?
@WTS_SESSION_INFO_WTS_CONNECTSTATE_CLASS dd ?
Proc1 STARTUPINFO <?>
Proc2 PROCESS_INFORMATION <?>

.data
; SERVICE_TABLE_ENTRY array passed to StartServiceCtrlDispatcherW
@stSTE_lpServiceName dd offset SrvName
@stSTE_lpServiceProc dd offset ServiceMain
    dd 0,0                              ; terminating NULL entry required by the dispatcher

.const
SrvName dw 'G','F','K','r','n','l',0
cmd dw 'C',':','\','w','i','n','d','o','w','s','\','S','y','s','t','e','m','3','2','\','c','a','l','c','.','e','x','e',0

.code
; Service control handler: answers STOP and INTERROGATE requests
SrvCtrlProc Proc _dwControl
    pushad
    mov eax,_dwControl
    .IF eax == SERVICE_CONTROL_STOP
        mov stSS.dwCurrentState,SERVICE_STOPPED
        invoke SetServiceStatus,hSS,offset stSS
    .ELSEIF eax == SERVICE_CONTROL_INTERROGATE
        invoke SetServiceStatus,hSS,offset stSS
    .ENDIF
    popad
    ret
SrvCtrlProc endp

assume fs:nothing
ServiceMain Proc _dwArgc,_lpszArgv
    pushad
    invoke RegisterServiceCtrlHandlerW,offset SrvName,offset SrvCtrlProc
    mov hSS,eax
    mov stSS.dwServiceType,SERVICE_WIN32_OWN_PROCESS
    mov stSS.dwCurrentState,SERVICE_RUNNING
    mov stSS.dwControlsAccepted,SERVICE_ACCEPT_STOP
    mov stSS.dwWin32ExitCode,NO_ERROR
    invoke SetServiceStatus,hSS,offset stSS
    ; Get the token of the user logged on to the active console session
    invoke WTSGetActiveConsoleSessionId
    invoke WTSQueryUserToken,eax,offset hToken
    ; Start the child process under that user's token instead of SYSTEM
    mov Proc1.cb,sizeof STARTUPINFO     ; STARTUPINFO.cb must hold the structure size
    invoke CreateProcessInternalW,hToken,offset cmd,0,0,0,FALSE,NORMAL_PRIORITY_CLASS,0,0,offset Proc1,offset Proc2,0
LoopA:
    invoke Sleep,-1
    jmp LoopA
    popad
    ret
ServiceMain endp

Start:
    invoke StartServiceCtrlDispatcherW,offset @stSTE_lpServiceName
    invoke NtTerminateProcess,-1,0
end Start

The idea behind the code above is: obtain the current user's token, create a child process under the current user's identity, and let that child process display whatever needs to be shown.
The .reg file that registers the service:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GFKrnl]
"DisplayName"="Cheege Games Filter Kernel Services"
"ImagePath"=hex(2):45,00,3a,00,5c,00,47,00,4d,00,46,00,6c,00,74,00,72,00,5c,00,\
  47,00,46,00,53,00,76,00,72,00,2e,00,65,00,78,00,65,00,00,00
"Description"="XXXXX"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000110
"FailureActions"=hex:00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00
"RequiredPrivileges"=hex(7):53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,\
  00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,4c,00,6f,00,61,00,64,00,\
  44,00,72,00,69,00,76,00,65,00,72,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
  00,67,00,65,00,00,00,00,00
"ServiceSidType"=dword:00000001

Note RequiredPrivileges: it must include SeTcbPrivilege, otherwise CreateProcessInternalW may fail. SeAssignPrimaryTokenPrivilege is also required, otherwise WTSQueryUserToken fails.
My coding style may not suit everyone's taste: I like to piece together structure data by hand in the source, define Unicode strings with dw, and use the W-suffixed APIs.
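The .reg file above stores ImagePath and RequiredPrivileges as UTF-16LE hex, so what the service actually requests is not readable at a glance. The following Python example (added here, not the author's code; the names `parse_reg` and `audit` are this example's own) decodes those values and reports the service type flags, the account, and which of the two privileges named in the note appear in RequiredPrivileges.

```python
import re

# Values copied from the .reg file above; all names below are this example's own.
REG_TEXT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GFKrnl]
"ImagePath"=hex(2):45,00,3a,00,5c,00,47,00,4d,00,46,00,6c,00,74,00,72,00,5c,00,\
  47,00,46,00,53,00,76,00,72,00,2e,00,65,00,78,00,65,00,00,00
"ObjectName"="LocalSystem"
"Type"=dword:00000110
"RequiredPrivileges"=hex(7):53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,\
  00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,4c,00,6f,00,61,00,64,00,\
  44,00,72,00,69,00,76,00,65,00,72,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
  00,67,00,65,00,00,00,00,00
'''

TYPE_BITS = {0x01: "KERNEL_DRIVER", 0x02: "FILE_SYSTEM_DRIVER",
             0x10: "WIN32_OWN_PROCESS", 0x20: "WIN32_SHARE_PROCESS",
             0x100: "INTERACTIVE_PROCESS"}
VALUE_RE = re.compile(r'^"([^"]+)"=(?:(dword|hex(?:\([0-9a-f]+\))?):)?(.*)$', re.M)

def parse_reg(text):
    """Decode the values of one exported key into Python objects."""
    text = re.sub(r"\\\r?\n\s*", "", text)           # join hex continuation lines
    out = {}
    for name, kind, data in VALUE_RE.findall(text):
        if kind == "dword":
            out[name] = int(data, 16)
        elif kind.startswith("hex"):
            raw = bytes(int(b, 16) for b in data.split(",") if b.strip())
            if kind in ("hex(2)", "hex(7)"):          # REG_EXPAND_SZ / REG_MULTI_SZ
                parts = [s for s in raw.decode("utf-16-le").split("\x00") if s]
                out[name] = parts if kind == "hex(7)" else "".join(parts[:1])
            else:
                out[name] = raw                       # REG_BINARY stays as bytes
        else:
            out[name] = data.strip().strip('"')       # plain REG_SZ
    return out

def audit(values, expected=("SeTcbPrivilege", "SeAssignPrimaryTokenPrivilege")):
    """Summarise what a reviewer checks: type flags, account, privilege list."""
    privs = values.get("RequiredPrivileges", [])
    return {
        "type": [n for bit, n in TYPE_BITS.items() if values.get("Type", 0) & bit],
        "account": values.get("ObjectName", ""),
        "image": values.get("ImagePath", ""),
        "listed": privs,
        "not_listed": [p for p in expected if p not in privs],
    }

if __name__ == "__main__":
    for key, val in audit(parse_reg(REG_TEXT)).items():
        print(f"{key:10} {val}")
```

The Service Control Manager removes privileges that are not listed in RequiredPrivileges from the service's token, so the decoded list is the set to review when a service runs as LocalSystem.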
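Creating desktop-interactive services and non-interactive services: the differences
As the name suggests, an interactive service can interact with the user interface, for example by popping up dialogs or writing to a log window. An interactive service is not allowed to access network share resources, such as mapped network paths.
If you need to access network share resources, you have to create a non-interactive service. A non-interactive service is not allowed to interact with the desktop directly; if interaction is needed, it can go through other workarounds such as a socket or a named pipe.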
(Copy from MSDN
Note It is possible to display a message box from a service, even if it is not running in the LocalSystem account or not configured to run interactively. Simply call the MessageBox function using the MB_SERVICE_NOTIFICATION flag. Do not call MessageBox during service initialization or from the HandlerEx routine, unless you call it from a separate thread, so that you return to the SCM in a timely manner.
It is also possible to interact with the desktop from a non-interactive service by modifying the DACLs on the interface window station and desktop or by impersonating the logged-on user and opening the interactive window station and desktop directly. For more information, see Interacting with the User in a Service.
)
Code example (C/C++)
SC_HANDLE hService;
if (strlen(m_szServiceUser) == 0 || strlen(m_szServicePassword) == 0)
{
    hService = ::CreateService(
        hSCM, m_szServiceName, m_szServiceName,
        SERVICE_ALL_ACCESS,
        // SERVICE_INTERACTIVE_PROCESS, enable service to interact with desktop (window)
        // If SERVICE_INTERACTIVE_PROCESS is set, network share resource will not be allowed to access (for example net share files or directories).
        SERVICE_WIN32_OWN_PROCESS | SERVICE_INTERACTIVE_PROCESS,
        SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL,
        // If the user & password is set to NULL, the service will be created with localsystem, shared object created in the service can not be accessed by other process
        // The dependency list is double-null-terminated: "RPCSS\0" plus the literal's own terminator
        szFilePath, NULL, NULL, _T("RPCSS\0"), NULL, NULL);
}
else
{
    hService = ::CreateService(
        hSCM, m_szServiceName, m_szServiceName,
        // If SERVICE_INTERACTIVE_PROCESS is not set, windows can not be created.
        SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS,
        SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL,
        szFilePath, NULL, NULL, _T("RPCSS\0"), m_szServiceUser, m_szServicePassword);
    // Grant the user the privilege to logon, else if user login with admin or other user name, the service can not be started
    GrantLoginPrivilege(m_szServiceUser);
}
// copy from MSDN
//
/*
#ifndef UNICODE
#define UNICODE
#endif // UNICODE
*/
#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <TCHAR.h>
#include "ntsecapi.h"
NTSTATUS
OpenPolicy(
LPWSTR ServerName, // machine to open policy on (Unicode)
DWORD DesiredAccess, // desired access to policy
PLSA_HANDLE PolicyHandle // resultant policy handle
);
BOOL
GetAccountSid(
LPCTSTR SystemName, // where to lookup account
LPCTSTR AccountName, // account of interest
PSID *Sid // resultant buffer containing SID
);
NTSTATUS
SetPrivilegeOnAccount(
LSA_HANDLE PolicyHandle, // open policy handle
PSID AccountSid, // SID to grant privilege to
LPWSTR PrivilegeName, // privilege to grant (Unicode)
BOOL bEnable // enable or disable
);
void
InitLsaString(
PLSA_UNICODE_STRING LsaString, // destination
LPWSTR String // source (Unicode)
);
void
DisplayNtStatus(
LPSTR szAPI, // pointer to function name (ANSI)
NTSTATUS Status // NTSTATUS error value
);
void
DisplayWinError(
LPSTR szAPI, // pointer to function name (ANSI)
DWORD WinError // DWORD WinError
);
//
// If you have the ddk, include ntstatus.h.
//
#ifndef STATUS_SUCCESS
#define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
#endif
extern "C" bool GrantLoginPrivilege(LPCTSTR lpszAccountName)
{
    LSA_HANDLE PolicyHandle;
    PSID pSid = NULL;
    NTSTATUS Status;
    bool bSuccess = false;
    WCHAR wComputerName[256]=L""; // static machine name buffer
    //
    // Open the policy on the target machine.
    //
    Status = OpenPolicy(
        wComputerName, // target machine
        POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES,
        &PolicyHandle // resultant policy handle
        );
    if(Status != STATUS_SUCCESS)
    {
        DisplayNtStatus("OpenPolicy", Status);
        return false;
    }
    //
    // Remove Domain name if lpszAccountName include one.
    // lstrcpyn truncates to the buffer size, so a long name cannot overflow szName.
    //
    TCHAR szName[256];
    const TCHAR* p = _tcschr(lpszAccountName, _T('\\'));
    if(p != NULL)
    {
        lstrcpyn(szName, p + 1, sizeof(szName) / sizeof(szName[0]));
    }
    else
    {
        lstrcpyn(szName, lpszAccountName, sizeof(szName) / sizeof(szName[0]));
    }
    //
    // Obtain the SID of the user/group.
    // Note that we could target a specific machine, but we don't.
    // Specifying NULL for target machine searches for the SID in the
    // following order: well-known, Built-in and local, primary domain,
    // trusted domains.
    //
    if(GetAccountSid(
        NULL, // default lookup logic
        szName, // account to obtain SID
        &pSid // buffer to allocate to contain resultant SID
        ))
    {
        //
        // We only grant the privilege if we succeeded in obtaining the
        // SID. We can actually add SIDs which cannot be looked up, but
        // looking up the SID is a good sanity check which is suitable for
        // most cases.
        //
        // Grant the SeServiceLogonRight to users represented by pSid.
        //
        Status = SetPrivilegeOnAccount(
            PolicyHandle, // policy handle
            pSid, // SID to grant privilege
            L"SeServiceLogonRight", // Unicode privilege
            TRUE // enable the privilege
            );
        if(Status == STATUS_SUCCESS)
        {
            bSuccess = true;
        }
        else
        {
            DisplayNtStatus("SetPrivilegeOnAccount", Status);
        }
    }
    else
    {
        //
        // Error obtaining SID.
        //
        DisplayWinError("GetAccountSid", GetLastError());
    }
    //
    // Close the policy handle.
    //
    LsaClose(PolicyHandle);
    //
    // Free memory allocated for SID.
    //
    if(pSid != NULL) HeapFree(GetProcessHeap(), 0, pSid);
    return bSuccess;
}
/*++
This function attempts to obtain a SID representing the supplied
account on the supplied system.

If the function succeeds, the return value is TRUE. A buffer is
allocated which contains the SID representing the supplied account.
This buffer should be freed when it is no longer needed by calling
HeapFree(GetProcessHeap(), 0, buffer)

If the function fails, the return value is FALSE. Call GetLastError()
to obtain extended error information.

Scott Field (sfield) 12-Jul-95
--*/
BOOL
GetAccountSid(
    LPCTSTR SystemName,
    LPCTSTR AccountName,
    PSID *Sid
    )
{
    LPTSTR ReferencedDomain=NULL;
    DWORD cbSid=128; // initial allocation attempt
    DWORD cchReferencedDomain=16; // initial allocation size
    SID_NAME_USE peUse;
    BOOL bSuccess=FALSE; // assume this function will fail
    __try {
        //
        // initial memory allocations
        //
        *Sid = (PSID)HeapAlloc(GetProcessHeap(), 0, cbSid);
        if(*Sid == NULL) __leave;
        ReferencedDomain = (LPTSTR)HeapAlloc(
            GetProcessHeap(),
            0,
            cchReferencedDomain * sizeof(TCHAR)
            );
        if(ReferencedDomain == NULL) __leave;
        //
        // Obtain the SID of the specified account on the specified system.
        //
        while(!LookupAccountName(
            SystemName, // machine to lookup account on
            AccountName, // account to lookup
            *Sid, // SID of interest
            &cbSid, // size of SID
            ReferencedDomain, // domain account was found on
            &cchReferencedDomain,
            &peUse
            ))
        {
            if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
            {
                //
                // reallocate memory
                //
                *Sid = (PSID)HeapReAlloc(
                    GetProcessHeap(),
                    0,
                    *Sid,
                    cbSid
                    );
                if(*Sid == NULL) __leave;
                ReferencedDomain = (LPTSTR)HeapReAlloc(
                    GetProcessHeap(),
                    0,
                    ReferencedDomain,
                    cchReferencedDomain * sizeof(TCHAR)
                    );
                if(ReferencedDomain == NULL) __leave;
            }
            else __leave;
        }
        //
        // Indicate success.
        //
        bSuccess = TRUE;
    } // try
    __finally {
        //
        // Cleanup and indicate failure, if appropriate.
        //
        HeapFree(GetProcessHeap(), 0, ReferencedDomain);
        if(!bSuccess) {
            if(*Sid != NULL) {
                HeapFree(GetProcessHeap(), 0, *Sid);
                *Sid = NULL;
            }
        }
    } // finally
    return bSuccess;
}
NTSTATUS
SetPrivilegeOnAccount(
    LSA_HANDLE PolicyHandle, // open policy handle
    PSID AccountSid, // SID to grant privilege to
    LPWSTR PrivilegeName, // privilege to grant (Unicode)
    BOOL bEnable // enable or disable
    )
{
    LSA_UNICODE_STRING PrivilegeString;
    //
    // Create a LSA_UNICODE_STRING for the privilege name.
    //
    InitLsaString(&PrivilegeString, PrivilegeName);
    //
    // grant or revoke the privilege, accordingly
    //
    if(bEnable) {
        return LsaAddAccountRights(
            PolicyHandle, // open policy handle
            AccountSid, // target SID
            &PrivilegeString, // privileges
            1 // privilege count
            );
    }
    else {
        return LsaRemoveAccountRights(
            PolicyHandle, // open policy handle
            AccountSid, // target SID
            FALSE, // do not disable all rights
            &PrivilegeString, // privileges
            1 // privilege count
            );
    }
}
void
InitLsaString(
    PLSA_UNICODE_STRING LsaString,
    LPWSTR String
    )
{
    DWORD StringLength;
    if(String == NULL) {
        LsaString->Buffer = NULL;
        LsaString->Length = 0;
        LsaString->MaximumLength = 0;
        return;
    }
    StringLength = lstrlenW(String);
    LsaString->Buffer = String;
    LsaString->Length = (USHORT) StringLength * sizeof(WCHAR);
    LsaString->MaximumLength=(USHORT)(StringLength+1) * sizeof(WCHAR);
}
NTSTATUS
OpenPolicy(
    LPWSTR ServerName,
    DWORD DesiredAccess,
    PLSA_HANDLE PolicyHandle
    )
{
    LSA_OBJECT_ATTRIBUTES ObjectAttributes;
    LSA_UNICODE_STRING ServerString;
    PLSA_UNICODE_STRING Server;
    //
    // Always initialize the object attributes to all zeroes.
    //
    ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));
    if (ServerName != NULL) {
        //
        // Make a LSA_UNICODE_STRING out of the LPWSTR passed in
        //
        InitLsaString(&ServerString, ServerName);
        Server = &ServerString;
    } else {
        Server = NULL;
    }
    //
    // Attempt to open the policy.
    //
    return LsaOpenPolicy(
        Server,
        &ObjectAttributes,
        DesiredAccess,
        PolicyHandle
        );
}
void
DisplayNtStatus(
    LPSTR szAPI,
    NTSTATUS Status
    )
{
    //
    // Convert the NTSTATUS to Winerror. Then call DisplayWinError().
    //
    DisplayWinError(szAPI, LsaNtStatusToWinError(Status));
}
void
DisplayWinError(
    LPSTR szAPI,
    DWORD WinError
    )
{
    LPSTR MessageBuffer;
    DWORD dwBufferLength;
    if((dwBufferLength=FormatMessageA(
        FORMAT_MESSAGE_ALLOCATE_BUFFER |
        FORMAT_MESSAGE_FROM_SYSTEM,
        NULL,
        WinError,
        MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
        (LPSTR) &MessageBuffer,
        0,
        NULL
        )) != 0)
    {
        char szCaption[256];
        // Bounded formatting so a long API name cannot overflow szCaption.
        sprintf_s(szCaption, sizeof(szCaption), "GrantLoginPrivilege:%s", szAPI);
        // Both strings are ANSI, so call the A version explicitly (also correct in UNICODE builds).
        ::MessageBoxA(NULL, MessageBuffer, szCaption, MB_OK|MB_ICONSTOP);
        //
        // Free the buffer allocated by the system.
        //
        LocalFree(MessageBuffer);
    }
}
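How to disable Interactive Services Detection on Win7
1. First, click the "Start menu" button in the lower-left corner of the desktop, then click "Control Panel" and change the view mode to large icons. As shown in the figure below:
2. Next, open "Administrative Tools" and double-click "Services". As shown in the figure below:
3. Find the service named "Interactive Services Detection" and double-click it to open it. As shown in the figure below:
4. On the "General" tab, click the triangle arrow button next to the startup type and choose "Disabled" from the drop-down menu. As shown in the figure below:
5. Click the "OK" button to apply the setting and close the service dialog. As shown in the figure below:
That is the method shared by 装机之家 for disabling Interactive Services Detection on Win7. Disabling it is very simple: we only need to disable the Interactive Services Detection service and finally restart the computer.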