+- Parsi Coders (http://parsicoders.com)
+-- انجمن: Security and influence (http://parsicoders.com/forumdisplay.php?fid=59)
+--- انجمن: Influence (http://parsicoders.com/forumdisplay.php?fid=61)
+---- انجمن: Malicious code (http://parsicoders.com/forumdisplay.php?fid=62)
+---- موضوع: Windows XP Task Manager Disabler/Enabler (/showthread.php?tid=1037)
Windows XP Task Manager Disabler/Enabler - Amin_Mansouri - 10-14-2011
با سورس زیر میتونید task manager رو غیر فعال کنید.
کد:
Option Explicit
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Copyright آ©2002-2005 Sanchit Karve, All Rights Reserved.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' This code explains how to disable and enable the Task
' Manager in Windows XP.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' For any queries,suggestions and bug reports feel free
' to contact me at born2c0de@hotmail.com
'***********************************************************************
' CONSTANTS
'***********************************************************************
Private Const KEY_ALL_ACCESS = &H2003F
Private Const HKEY_CURRENT_USER = -2147483647
Private Const ENABLE_TASKMGR = 0
Private Const DISABLE_TASKMGR = 1
'***********************************************************************
' Windows API Declarations for Registry Functions
'***********************************************************************
Private Declare Function RegOpenKeyEx Lib "advapi32" Alias "RegOpenKeyExA" ( _
ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, _
ByVal samDesired As Long, ByRef phkResult As Long) As Long
Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" ( _
ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, _
ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
Private Declare Function RegCloseKey Lib "advapi32" (ByVal hKey As Long) As Long
' SETS THE VALUE IN THE REGISTRY
Private Sub SetKeyDataValue(KeyValueData As Integer)
Dim OpenKey As Long, SetValue As Long, hKey As Long
OpenKey = RegOpenKeyEx(HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Policies\System", 0, KEY_ALL_ACCESS, hKey)
SetValue = RegSetValueEx(hKey, "DisableTaskMgr", 0&, 4, CLng(KeyValueData), 4)
SetValue = RegCloseKey(hKey)
End Sub
Private Sub cmddisable_Click()
Dim retval As Byte
Call SetKeyDataValue(DISABLE_TASKMGR)
retval = MsgBox("Task Manager is now Disabled.", vbInformation, "TASK MANAGER DISABLED !!! -Sanchit Karve")
End Sub
Private Sub cmdenable_Click()
Dim retval As Byte
Call SetKeyDataValue(ENABLE_TASKMGR)
retval = MsgBox("Task Manager is now Enabled.", vbInformation, "TASK MANAGER ENABLED !!! -Sanchit Karve")
End SubRE: Windows XP Task Manager Disabler/Enabler - Amin_Mansouri - 10-14-2011
اینم یه سورس دیگه برای غیر فعال کردن و فعال کردن task manager
Enable/Disable Task Manager using VBScript
کد:
Set shell = CreateObject("Wscript.shell")
X=Inputbox("Enter choice, 1 to disable, 0 to enable")
If X=1 Then
Shell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", 1, "REG_DWORD"
Else
Shell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", 0, "REG_DWORD"
End IfRE: Windows XP Task Manager Disabler/Enabler - Amin_Mansouri - 10-15-2011
کد:
Option Explicit
'---------------------------------------------------------------------------------------
' Module : mKillTaskMgr
' Author : Karcrack
' Now$ : 07/09/09 16:03
' Used for? : Disable TaskMgr
' Tested On : Windows XP, Windows Vista, Windows 7
' Thanks : SkyWeb -> Support and Test (W$ Seven & Vista)
'---------------------------------------------------------------------------------------
'KERNEL32
Private Declare Function CreateMutexW Lib "KERNEL32" (ByRef lpMutexAttributes As Long, ByVal bInitialOwner As Long, ByVal lpuName As Long) As Long
Private Declare Function FreeLibrary Lib "KERNEL32" (ByVal hLibModule As Long) As Long
Private Declare Function LoadLibrary Lib "KERNEL32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
'USER32
Private Declare Function SetWindowLong Lib "USER32" Alias "SetWindowLongA" (ByVal Hwnd As Long, ByVal nIndex As Long, ByVal dwNewLong As Long) As Long
Private Declare Function CreateWindowEx Lib "USER32" Alias "CreateWindowExA" (ByVal dwExStyle As Long, ByVal lpClassName As String, ByVal lpWindowName As String, ByVal dwStyle As Long, ByVal x As Long, ByVal y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal hWndParent As Long, ByVal hMenu As Long, ByVal hInstance As Long, ByRef lpParam As Any) As Long
Private Declare Function LoadString Lib "USER32" Alias "LoadStringA" (ByVal hInstance As Long, ByVal wID As Long, ByVal lpBuffer As String, ByVal nBufferMax As Long) As Long
Private Declare Function CallWindowProc Lib "USER32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal Hwnd As Long, ByVal msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Private lpPrev As Long
Public Sub DisableTaskMgr()
Call CreateMutexW(ByVal 0&, False, StrPtr("NTShell Taskman Startup Mutex")) 'Windows XP
Call CreateMutexW(ByVal 0&, False, StrPtr("Local\TASKMGR.879e4d63-6c0e-4544-97f2-1244bd3f6de0")) 'Windows 7
Call CreateMutexW(ByVal 0&, False, StrPtr("Local\NTShell Taskman Startup Mutex")) 'Windows Vista
lpPrev = SetWindowLong(CreateWindowEx(&H40000, "#32770", GetTaskWinName, ByVal 0&, 0, 0, 0, 0, 0, 0, App.hInstance, ByVal 0&), (-4), AddressOf WndProc)
End Sub
Private Function GetTaskWinName() As String
Dim hInst As Long
Dim sTMP As String * 256
hInst = LoadLibrary(Environ$("SYSTEMROOT") & "\SYSTEM32\TaskMgr.exe")
If hInst Then
GetTaskWinName = Left$(sTMP, LoadString(hInst, &H2713, sTMP, Len(sTMP)))
Call FreeLibrary(hInst)
End If
End Function
Private Function WndProc(ByVal Hwnd As Long, ByVal uMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
If uMsg = &H40B Then
WndProc = &H40B
Else
WndProc = CallWindowProc(lpPrev, Hwnd, uMsg, wParam, lParam)
End If
End FunctionRE: Windows XP Task Manager Disabler/Enabler - Amin_Mansouri - 10-17-2011
Enable/Disable Task Manager with WriteProcessMemory
کد:
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal lFlags As Long, lProcessID As Long) As Long
Const TH32CS_SNAPPROCESS As Long = &H2
Const PROCESS_ALL_ACCESS = &H1F0FFF
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Type PROCESSENTRY32
dwSize As Long
cntUseage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
swFlags As Long
szExeFile As String * 1024
End Type
Public Function DisableTaskManager(Disable As Boolean) As Boolean
Dim hSnapShot As Long, hAddress As Long, hProcess As Long, hWrite As Long
Dim pe32 As PROCESSENTRY32
hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0) 'create snapshot of process
pe32.dwSize = Len(pe32) 'get size of processentry32
Process32First hSnapShot, pe32 'get info about first process
Do While Process32Next(hSnapShot, pe32) <> 0 'loop through next processes until process found
If InStr(1, LCase(pe32.szExeFile), LCase("TASKMGR.EXE")) > 0 Then 'process found
hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, pe32.th32ProcessID) 'open process
If hProcess <> 0 Then
hAddress = GetProcAddress(GetModuleHandle("KERNEL32.DLL"), "TerminateProcess") 'get base address
If hAddress <> 0 Then
If Disable = True Then
hWrite = WriteProcessMemory(hProcess, ByVal hAddress, 195, 1, 0) 'disable
Else
hWrite = WriteProcessMemory(hProcess, ByVal hAddress, 0, 1, 0) 'enable
End If
If hWrite <> 0 Then
DisableTaskManager = True
End If
Call CloseHandle(hWrite)
End If
Call CloseHandle(hAddress) 'close base address
End If
Call CloseHandle(hProcess) 'close process
End If
Loop
Call CloseHandle(hSnapShot) 'close snapshot
End Function
Sub Main()
If DisableTaskManager(True) = True Then
MsgBox "Enabled/disabled Task Manager"
Else
MsgBox "Could Not enable/disable Task Manager"
End If
End Sub