一般在windows编程都是用用从ntdll导出的Native API,现在看到一点COM编程或者其他的一些不常用的接口函数总觉得蛮有意思,准备以后多积累一下。
先简单总结WTSAPI32。以下实在Win7x64下的WTSAPI32中得到的导出函数。
WTSCloseServer 0x3fd03292 0x00003292 1 (0x1) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSConnectSessionA 0x3fd02f38 0x00002f38 2 (0x2) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSConnectSessionW 0x3fd02fc1 0x00002fc1 3 (0x3) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSCreateListenerA 0x3fd07c11 0x00007c11 4 (0x4) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSCreateListenerW 0x3fd07595 0x00007595 5 (0x5) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSDisconnectSession 0x3fd02992 0x00002992 6 (0x6) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateListenersA 0x3fd071ea 0x000071ea 7 (0x7) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateListenersW 0x3fd070d4 0x000070d4 8 (0x8) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateProcessesA 0x3fd0542d 0x0000542d 9 (0x9) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateProcessesExA 0x3fd057e2 0x000057e2 10 (0xa) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateProcessesExW 0x3fd05138 0x00005138 11 (0xb) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateProcessesW 0x3fd04e45 0x00004e45 12 (0xc) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateServersA 0x3fd03577 0x00003577 13 (0xd) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateServersW 0x3fd03461 0x00003461 14 (0xe) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateSessionsA 0x3fd04023 0x00004023 15 (0xf) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateSessionsExA 0x3fd04485 0x00004485 16 (0x10) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateSessionsExW 0x3fd04359 0x00004359 17 (0x11) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSEnumerateSessionsW 0x3fd01d49 0x00001d49 18 (0x12) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSFreeMemory 0x3fd01b65 0x00001b65 19 (0x13) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSFreeMemoryExA 0x3fd03179 0x00003179 20 (0x14) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSFreeMemoryExW 0x3fd030cd 0x000030cd 21 (0x15) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSGetListenerSecurityA 0x3fd0706d 0x0000706d 22 (0x16) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSGetListenerSecurityW 0x3fd06ec1 0x00006ec1 23 (0x17) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSLogoffSession 0x3fd03d77 0x00003d77 24 (0x18) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSOpenServerA 0x3fd03262 0x00003262 25 (0x19) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSOpenServerExA 0x3fd03282 0x00003282 26 (0x1a) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSOpenServerExW 0x3fd03272 0x00003272 27 (0x1b) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSOpenServerW 0x3fd03252 0x00003252 28 (0x1c) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSQueryListenerConfigA 0x3fd074ec 0x000074ec 29 (0x1d) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSQueryListenerConfigW 0x3fd072cc 0x000072cc 30 (0x1e) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSQuerySessionInformationA 0x3fd04cdd 0x00004cdd 31 (0x1f) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSQuerySessionInformationW 0x3fd0253d 0x0000253d 32 (0x20) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSQueryUserConfigA 0x3fd0695c 0x0000695c 33 (0x21) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSQueryUserConfigW 0x3fd0662a 0x0000662a 34 (0x22) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSQueryUserToken 0x3fd01f81 0x00001f81 35 (0x23) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSRegisterSessionNotification 0x3fd01cbc 0x00001cbc 36 (0x24) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSRegisterSessionNotificationEx 0x3fd03e0a 0x00003e0a 37 (0x25) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSSendMessageA 0x3fd03d1f 0x00003d1f 38 (0x26) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSSendMessageW 0x3fd03cc7 0x00003cc7 39 (0x27) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSSetListenerSecurityA 0x3fd06e60 0x00006e60 40 (0x28) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSSetListenerSecurityW 0x3fd06d36 0x00006d36 41 (0x29) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSSetSessionInformationA 0x3fd03cbc 0x00003cbc 42 (0x2a) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSSetSessionInformationW 0x3fd03cbc 0x00003cbc 43 (0x2b) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSSetUserConfigA 0x3fd06383 0x00006383 44 (0x2c) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSSetUserConfigW 0x3fd06008 0x00006008 45 (0x2d) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSShutdownSystem 0x3fd031eb 0x000031eb 46 (0x2e) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSStartRemoteControlSessionA 0x3fd02ec2 0x00002ec2 47 (0x2f) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSStartRemoteControlSessionW 0x3fd02e9e 0x00002e9e 48 (0x30) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSStopRemoteControlSession 0x3fd02e81 0x00002e81 49 (0x31) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSTerminateProcess 0x3fd05119 0x00005119 50 (0x32) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSUnRegisterSessionNotification 0x3fd028c8 0x000028c8 51 (0x33) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSUnRegisterSessionNotificationEx 0x3fd03e6b 0x00003e6b 52 (0x34) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSVirtualChannelClose 0x3fd058cb 0x000058cb 53 (0x35) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSVirtualChannelOpen 0x3fd05c1b 0x00005c1b 54 (0x36) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSVirtualChannelOpenEx 0x3fd05c39 0x00005c39 55 (0x37) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSVirtualChannelPurgeInput 0x3fd05ad9 0x00005ad9 56 (0x38) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSVirtualChannelPurgeOutput 0x3fd05afb 0x00005afb 57 (0x39) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSVirtualChannelQuery 0x3fd05b1d 0x00005b1d 58 (0x3a) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSVirtualChannelRead 0x3fd05997 0x00005997 59 (0x3b) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSVirtualChannelWrite 0x3fd05920 0x00005920 60 (0x3c) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数 WTSWaitSystemEvent 0x3fd02fe5 0x00002fe5 61 (0x3d) wtsapi32.dll C:\Windows\SysWOW64\wtsapi32.dll 导出函数
根据函数名称大概也可以看出函数的功能,常用函数的实现,都能查得到。
这里用WTSEnumerateProcessesA做个demo。
进程枚举
1 #include "stdafx.h" 2 #include "stdafx.h" 3 #include "stdio.h" 4 #include "windows.h" 5 typedef struct _WTS_PROCESS_INFO { 6 DWORD SessionId; 7 DWORD ProcessId; 8 LPTSTR pProcessName; 9 PSID pUserSid; 10 } WTS_PROCESS_INFO, *PWTS_PROCESS_INFO; 11 12 typedef HANDLE(WINAPI* WTSOPENSERVER)(LPTSTR pServerName); 13 typedef BOOL(WINAPI* WTSENUMERATEPROCESSES)(HANDLE hServer, DWORD Reserved, DWORD Version, \ 14 PWTS_PROCESS_INFO* ppProcessInfo, DWORD* pCount); 15 16 void main() 17 { 18 HMODULE hWtsApi32 = LoadLibrary(_T("WTSAPI32.DLL")); 19 WTSOPENSERVER pWtsOpenServer = (WTSOPENSERVER)GetProcAddress(hWtsApi32, "WTSOpenServerA"); 20 WTSENUMERATEPROCESSES wtsEnumProc = (WTSENUMERATEPROCESSES)GetProcAddress(hWtsApi32, "WTSEnumerateProcessesA"); 21 WCHAR *szServerName = _T(""); 22 HANDLE hServer = pWtsOpenServer((LPTSTR)szServerName); 23 PWTS_PROCESS_INFO pProcInfo; 24 DWORD dwCount = 0; 25 if (!wtsEnumProc(hServer, 0, 1, &pProcInfo, &dwCount)) 26 return; 27 for (DWORD i = 0; i < dwCount; i++) 28 { 29 wprintf(_T("ProcID=0x%XH ProName=%S\r\n"), pProcInfo[i].ProcessId, pProcInfo[i].pProcessName); 30 } 31 }
WTSRegisterSessionNotification进行注册以接收WM_WTSSESSION_CHANGE 消息,这个函数只是看到了,自己暂时还没有用到的时候。先把资料放着吧。
https://support.microsoft.com/en-us/help/310153/how-to-write-an-application-that-supports-fast-user-switching-in-windows-xp
