/// <summary> /// Get A List of Privilages Assigned To The Specified Process /// </summary> /// <param name="processTokenHandle">Process Handle</param> /// <returns>List of Assigned Privileges</returns> public static Win32API.LUID_AND_ATTRIBUTES[] GetPrivileges(IntPtr processTokenHandle) { //generic try-catch to make sure we gracefully handle any errors! try { // hold the length of TOKEN_PRIVILEGES Struct that is returned on the first call Int32 _TokenInformationLength = 0; //_TokenInformationLength variable in the first instance is not required, its the "out" version of this variable we need Win32API.GetTokenInformation(processTokenHandle, Win32API.TOKEN_INFORMATION_CLASS.TokenPrivileges, IntPtr.Zero, _TokenInformationLength, out _TokenInformationLength); //Allocate a block of memory to hold the required info IntPtr _TokenInformation = Marshal.AllocHGlobal(_TokenInformationLength); //now we have an allocated block of memory to handle the privilage structre lets grab the list of privilages if (Win32API.GetTokenInformation(processTokenHandle, Win32API.TOKEN_INFORMATION_CLASS.TokenPrivileges, _TokenInformation, _TokenInformationLength, out _TokenInformationLength) == false) { Console.WriteLine("## ERROR ## - Problem Executing GetTokenInformation on ProcessHandle '{1}'!\nWin32 Error: '{0}'", Marshal.GetLastWin32Error(), processTokenHandle); }//end of if (Win32API.GetTokenInformation Int32 _PrivilegeCount = Marshal.ReadInt32(_TokenInformation); //do we have some privileges to cycle through? if (_PrivilegeCount <= 0) { Console.WriteLine("## ERROR ## - Privilege Count Aprears To Be Invalid on Process Handle '{0}', Count '{1}'", processTokenHandle, _PrivilegeCount); Marshal.FreeHGlobal(_TokenInformation); //clean up return(new Win32API.LUID_AND_ATTRIBUTES[0]); }//end of if (_PrivilegeCount <= 0) Win32API.LUID_AND_ATTRIBUTES[] _TokenPrivileges = new Win32API.LUID_AND_ATTRIBUTES[_PrivilegeCount]; //pointer to hold the location within memory, take the last pointer plus the size of the last read structure IntPtr _ReadPointer = new IntPtr(_TokenInformation.ToInt32() + sizeof(int)); //cycle through the structure memory and fish out all of the pointer info for (Int32 i = 1; i < _PrivilegeCount; i++) { //Load the record Win32API.LUID_AND_ATTRIBUTES _TempTokenPrivs = (Win32API.LUID_AND_ATTRIBUTES)Marshal.PtrToStructure(_ReadPointer, typeof(Win32API.LUID_AND_ATTRIBUTES)); _ReadPointer = new IntPtr(_ReadPointer.ToInt32() + Marshal.SizeOf(_TempTokenPrivs)); _TokenPrivileges[i] = _TempTokenPrivs; }//end of for loop Marshal.FreeHGlobal(_TokenInformation); //clean up //return our list of privilages return(_TokenPrivileges); } catch (Exception) { Console.WriteLine("## ERROR ## - Problem Listing System Privileges!\nWin32 Error: '{0}'", Marshal.GetLastWin32Error()); }//end of try-catch //default catch all, we should not get to this point if everything worked! return(new Win32API.LUID_AND_ATTRIBUTES[0]); }//end of public static Boolean ListPrivilages(IntPtr processHandle)
/// <summary> /// Get A List of Privilages Assigned To The Specified Process /// </summary> /// <param name="processTokenHandle">Process Handle</param> /// <returns>List of Assigned Privileges</returns> public static Win32API.LUID_AND_ATTRIBUTES[] GetPrivileges(IntPtr processTokenHandle) { //generic try-catch to make sure we gracefully handle any errors! try { // hold the length of TOKEN_PRIVILEGES Struct that is returned on the first call Int32 _TokenInformationLength = 0; //_TokenInformationLength variable in the first instance is not required, its the "out" version of this variable we need Win32API.GetTokenInformation(processTokenHandle, Win32API.TOKEN_INFORMATION_CLASS.TokenPrivileges, IntPtr.Zero, _TokenInformationLength, out _TokenInformationLength); //Allocate a block of memory to hold the required info IntPtr _TokenInformation = Marshal.AllocHGlobal(_TokenInformationLength); //now we have an allocated block of memory to handle the privilage structre lets grab the list of privilages if (Win32API.GetTokenInformation(processTokenHandle, Win32API.TOKEN_INFORMATION_CLASS.TokenPrivileges, _TokenInformation, _TokenInformationLength, out _TokenInformationLength) == false) { Console.WriteLine("## ERROR ## - Problem Executing GetTokenInformation on ProcessHandle '{1}'!\nWin32 Error: '{0}'", Marshal.GetLastWin32Error(), processTokenHandle); }//end of if (Win32API.GetTokenInformation Int32 _PrivilegeCount = Marshal.ReadInt32(_TokenInformation); //do we have some privileges to cycle through? if (_PrivilegeCount <= 0) { Console.WriteLine("## ERROR ## - Privilege Count Aprears To Be Invalid on Process Handle '{0}', Count '{1}'", processTokenHandle, _PrivilegeCount); Marshal.FreeHGlobal(_TokenInformation); //clean up return new Win32API.LUID_AND_ATTRIBUTES[0]; }//end of if (_PrivilegeCount <= 0) Win32API.LUID_AND_ATTRIBUTES[] _TokenPrivileges = new Win32API.LUID_AND_ATTRIBUTES[_PrivilegeCount]; //pointer to hold the location within memory, take the last pointer plus the size of the last read structure IntPtr _ReadPointer = new IntPtr(_TokenInformation.ToInt32() + sizeof(int)); //cycle through the structure memory and fish out all of the pointer info for (Int32 i = 1; i < _PrivilegeCount; i++) { //Load the record Win32API.LUID_AND_ATTRIBUTES _TempTokenPrivs = (Win32API.LUID_AND_ATTRIBUTES)Marshal.PtrToStructure(_ReadPointer, typeof(Win32API.LUID_AND_ATTRIBUTES)); _ReadPointer = new IntPtr(_ReadPointer.ToInt32() + Marshal.SizeOf(_TempTokenPrivs)); _TokenPrivileges[i] = _TempTokenPrivs; }//end of for loop Marshal.FreeHGlobal(_TokenInformation); //clean up //return our list of privilages return _TokenPrivileges; } catch (Exception) { Console.WriteLine("## ERROR ## - Problem Listing System Privileges!\nWin32 Error: '{0}'", Marshal.GetLastWin32Error()); }//end of try-catch //default catch all, we should not get to this point if everything worked! return new Win32API.LUID_AND_ATTRIBUTES[0]; }