防火墙例外项中(windos防火墙信任项)"/>
添加程序到防火墙例外项中(windos防火墙信任项)
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Text;
using System.Windows.Forms;namespace Sci
{public class FireWall{// 示例: FireWall_Allow();#region 添加程序到防火墙例外项中/// <summary>/// 将当前应用程序添加到防火墙的例外项中/// </summary>public static void FireWall_Allow(){string exePath = Application.ExecutablePath;string ruleName = Path.GetFileNameWithoutExtension(exePath);FireWall_Allow(ruleName, exePath);}/// <summary>/// 将指定的应用程序添加到防火墙的例外项中/// </summary>/// <param name="ruleName"></param>/// <param name="exePath"></param>public static void FireWall_Allow(string ruleName, string exePath){string bat = CreatBat(ruleName, exePath);if (bat.Equals("Exist")) return;// 从Process执行Process process = new Process();process.StartInfo.Verb = "runas"; // 以管理员身份执行process.StartInfo.FileName = bat;process.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;process.StartInfo.UseShellExecute = true;process.Start();process.WaitForExit();//File.Delete(bat);File.WriteAllText(bat, ""); // 清空文件内容}//防火墙规则,添加与删除//netsh advfirewall firewall add rule name = "QQ" dir=in program="C:\Program Files (x86)\QQ.exe" security=authnoencap action = allow//netsh advfirewall firewall delete rule name = "QQ"/// <summary>/// 创建cmd命令,添加一个应用程序到防火墙例外项中/// </summary>/// <param name="ruleName"></param>/// <param name="exePath"></param>/// <returns></returns>private static string CreatBat(string ruleName, string exePath){string batName = AppDir() + $"rule-{ruleName}-{exePath.GetHashCode()}.bat";if (File.Exists(batName)) return "Exist"; // 若已添加过,则不再执行File.WriteAllText(batName, $"netsh advfirewall firewall add rule name=\"{ruleName}\" dir=in program=\"{exePath}\" security=authnoencap action=allow", Encoding.Default);return batName;}/// <summary>/// 公用数据目录/// </summary>private static string AppDir(){string dir = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);if (!dir.EndsWith("\\")) dir += "\\";dir += "firewall_allow\\";if (!Directory.Exists(dir)) Directory.CreateDirectory(dir);return dir;}#endregion#region 相关测试逻辑//防火墙规则,添加与删除//netsh advfirewall firewall add rule name = "QQ程序" dir=in program="C:\Program Files (x86)\T\QQ.exe" security=authnoencap action = allow//netsh advfirewall firewall delete rule name = "QQ程序"private static string Bat(){string batName = "rule1.bat";File.WriteAllText(batName, $"netsh advfirewall firewall add rule name=\"QQ程序\" dir=in program=\"D:\\sc\\git\\T\\QQ.exe\" security=authnoencap action=allow", Encoding.Default);return batName;}private static void test(){// 1、从PDiagnostics.Process执行//System.Diagnostics.ProcessStartInfo startInfo = new System.Diagnostics.ProcessStartInfo();//startInfo.FileName = Bat();//startInfo.UseShellExecute = true;//startInfo.Verb = "runas"; //设置启动动作,确保以管理员身份运行//System.Diagnostics.Process.Start(startInfo);//File.Delete(startInfo.FileName);// 2、从Process执行//Process process = new Process();//process.StartInfo.Verb = "runas";//process.StartInfo.FileName = Bat();//process.StartInfo.UseShellExecute = true;//process.Start();//File.Delete(process.StartInfo.FileName);// 3、调用cmd.exe执行ProcessStartInfo startInfo = new ProcessStartInfo();startInfo.UseShellExecute = true;startInfo.FileName = "cmd.exe";startInfo.Arguments = "/c " + $"netsh advfirewall firewall add rule name=\"QQ程序\" dir=in program=\"D:\\sc\\git\\T\\QQ.exe\" security=authnoencap action=allow";//startInfo.RedirectStandardInput = true;//startInfo.RedirectStandardOutput = true;//startInfo.RedirectStandardError = true;startInfo.Verb = "RunAs";Process process = new Process();process.StartInfo = startInfo;process.Start();//process.StandardInput.WriteLine("bcdedit");//process.StandardInput.WriteLine("exit");//string strRst = process.StandardOutput.ReadToEnd();//process.WaitForExit();}#endregion#region 其它(C++无用)如何以TrustedInstaller用户权限修改注册表通过代码将当前权限提升到TrustedInstaller很麻烦,但是可以通过获取备份还原权限来绕过DACL的监测机制。//#pragma comment(lib,"advapi32")//# include <stdio.h>//# include <string.h>//# include <windows.h>//bool EnablePriviledge(LPCTSTR lpSystemName)//{// HANDLE hToken;// TOKEN_PRIVILEGES tkp = { 1 };// if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))// {// if (LookupPrivilegeValue(NULL, lpSystemName, &tkp.Privileges[0].Luid))// {// tkp.PrivilegeCount = 1;// tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;// AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES)NULL, 0);// if (GetLastError() != ERROR_SUCCESS)// {// CloseHandle(hToken);// return false;// }// }// CloseHandle(hToken);// }// return true;//}//int main()//{// bool bRet;// LONG lResult;// bRet = EnablePriviledge(SE_BACKUP_NAME);//这个函数是重点,让当前进程具备备份/还原的特权。// if (bRet)// {// bRet = EnablePriviledge(SE_RESTORE_NAME);// if (bRet)// {// HKEY hResult = NULL;// DWORD dwDisposition;// lResult = RegCreateKeyExW(HKEY_LOCAL_MACHINE,// L"SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\shell\\NoAddOns",// 0,// NULL,// REG_OPTION_BACKUP_RESTORE,//这个是重点,传入这个参数可以直接忽视KEY_ALL_ACCESS这个参数的作用,直接以备份/还原的特权去操作注册表// KEY_ALL_ACCESS,// NULL,// &hResult,// &dwDisposition);// if (lResult != ERROR_SUCCESS)// {// return 3;// }// wchar_t cValue[256] = L"";// lResult = RegSetValueExW(hResult, L"LegacyDisable", NULL, REG_SZ, (LPBYTE)cValue, (wcslen(cValue) + 1) * sizeof(wchar_t));// if (lResult != ERROR_SUCCESS)// {// return 4;// }// RegCloseKey(hResult);// printf("OK.\n");// return 0;// }// else return 2;// }// else return 1;//}#endregion}
}
更多推荐
添加程序到防火墙例外项中(windos防火墙信任项)
发布评论