syste,权限下模拟ctrl+alt+del

TWmsgSendMessage = function (theSession : dword; theMagic : dword; thePid : dword; theRet : LPARAM):dword;stdcall;
TIsWow64Process = function(hProcess : Thandle; var Wow64Process : Bool):Bool;stdcall;
TWTSGetActiveConsoleSessionId = function:dword; stdcall;

procedure issueCAD(requestedSession : integer=-1);
const
cadMagicNumber : dword = $0208;
var
thehToken : THANDLE;
lPar : LPARAM;
begin
@WTSGetActiveConsoleSessionId := GetProcAddress(GetModuleHandle(‘kernel32.dll’), ‘WTSGetActiveConsoleSessionId’);
if @WTSGetActiveConsoleSessionId = nil
then exit;
RegistryFirstPass := true;
lastSASRegValue := dword(-1);
thehToken := 0;
if not loadLibs() then
exit;
try
if (requestedSession = -1) then
requestedSession := WTSGetActiveConsoleSessionId();
if not setSASRegistry(1) then
exit;
if not enableTcbPrivileges(thehToken) then
exit;
lPar := 0;
if (WmsgSendMessage(requestedSession,cadMagicNumber,GetCurrentProcessId(),LPARAM(@lPar))<>NO_ERROR) then
exit;
finally
RevertToSelf();
freeLibs();
if (thehToken<>0) then
CloseHandle(thehToken);
setSASRegistry(1);
end;
end;