private static extern bool DuplicateTokenEx(
Kernel32.SafeObjectHandle hExistingToken,
Kernel32.ACCESS_MASK dwDesiredAccess,
ref Kernel32.SECURITY_ATTRIBUTES lpTokenAttributes,
Kernel32.SECURITY_IMPERSONATION_LEVEL impersonationLevel,
TOKEN_TYPE tokenType,
out Kernel32.SafeObjectHandle phNewToken);
public unsafe void NtQueryInformationProcess_Test()
{
var desiredAccess = new Kernel32.ACCESS_MASK(Kernel32.ProcessAccess.PROCESS_QUERY_LIMITED_INFORMATION);
using (var process = Kernel32.OpenProcess(desiredAccess, false, Process.GetCurrentProcess().Id))
{
PROCESS_BASIC_INFORMATION pbi = default;
var result = NtQueryInformationProcess(
process,
PROCESSINFOCLASS.ProcessBasicInformation,
&pbi,
sizeof(PROCESS_BASIC_INFORMATION),
out int _);
Assert.Equal(NTSTATUS.Code.STATUS_SUCCESS, result.Value);
}
}
public Builder DesiredAccess(int accessType)
{
desiredAccess = accessType;
return(this);
}
private static extern bool OpenProcessToken(
IntPtr processHandle,
Kernel32.ACCESS_MASK desiredAccess,
out Kernel32.SafeObjectHandle tokenHandle);