public unsafe byte[] ToTOKEN_PRIVILEGES()
{
if (Count == 0)
{
return(null);
}
int bufferSize =
(Marshal.SizeOf(typeof(TOKEN_PRIVILEGES))) +
(Marshal.SizeOf(typeof(LUID_AND_ATTRIBUTES)) * (Count - 1));
byte[] buffer = new byte[bufferSize];
fixed(void *ptr = buffer)
{
TOKEN_PRIVILEGES * tp = (TOKEN_PRIVILEGES *)(ptr);
LUID_AND_ATTRIBUTES *la = &tp->Privileges;
tp->PrivilegeCount = Count;
for (int i = 0; i < Count; i++)
{
*la++ = this[i].Value;
}
}
return(buffer);
}
public unsafe TokenPrivilegeCollection(WindowsIdentity identity)
{
int bufferSize = 1024;
byte[] buffer = new byte[bufferSize];
using (SafeTokenHandle tokenHandle = new SafeTokenHandle(identity.Token, false))
{
if (!TryGetTokenPrivileges(tokenHandle, buffer, out bufferSize))
{
buffer = new byte[bufferSize];
if (!TryGetTokenPrivileges(tokenHandle, buffer, out bufferSize))
{
throw PscxException.LastWin32Exception();
}
}
}
fixed(void *ptr = buffer)
{
TOKEN_PRIVILEGES * tp = (TOKEN_PRIVILEGES *)(ptr);
LUID_AND_ATTRIBUTES *la = &tp->Privileges;
int remaining = tp->PrivilegeCount;
while (remaining-- > 0)
{
Add(new TokenPrivilege(*la++));
}
}
}
public unsafe static LUID_AND_ATTRIBUTES[] MarshalFromIntPtr(IntPtr pNativeData)
{
if (pNativeData == IntPtr.Zero)
{
return(null);
}
int count = Marshal.ReadInt32(pNativeData);
LUID_AND_ATTRIBUTES[] ary = new LUID_AND_ATTRIBUTES[count];
IntPtr pArrayData = new IntPtr(pNativeData.ToInt64() + 4);
LUID_AND_ATTRIBUTES *src = (LUID_AND_ATTRIBUTES *)pArrayData.ToPointer();
fixed(LUID_AND_ATTRIBUTES *dst_base = ary)
{
LUID_AND_ATTRIBUTES *dst = dst_base;
for (int i = 0; i < count; i++)
{
*dst = *src;
dst++;
src++;
}
}
return(ary);
}
public unsafe static IntPtr MarshalManagedToNative(LUID_AND_ATTRIBUTES[] attributes)
{
if (attributes == null)
{
return(IntPtr.Zero);
}
int total_size = 4 + attributes.Length * Marshal.SizeOf(typeof(LUID_AND_ATTRIBUTES));
IntPtr pNativeData = Marshal.AllocHGlobal(total_size);
Marshal.WriteInt32(pNativeData, attributes.Length);
IntPtr pArrayData = new IntPtr(pNativeData.ToInt64() + 4);
LUID_AND_ATTRIBUTES *dst = (LUID_AND_ATTRIBUTES *)pArrayData.ToPointer();
fixed(LUID_AND_ATTRIBUTES *src_base = attributes)
{
LUID_AND_ATTRIBUTES *src = src_base;
for (int i = 0; i < attributes.Length; i++)
{
*dst = *src;
dst++;
src++;
}
}
return(pNativeData);
}
internal static unsafe void KeepOnlyPrivilegeInProcess(string privilege)
{
SafeCloseHandle process = OpenCurrentProcessForWrite();
try
{
SafeCloseHandle processToken = GetProcessToken(process, 0x20028);
try
{
LUID luid;
if (!ListenerUnsafeNativeMethods.LookupPrivilegeValue(IntPtr.Zero, privilege, &luid))
{
int error = Marshal.GetLastWin32Error();
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error));
}
byte[] tokenInformation = new byte[GetTokenInformationLength(processToken, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenPrivileges)];
try
{
fixed(byte *numRef = tokenInformation)
{
GetTokenInformation(processToken, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenPrivileges, tokenInformation);
ListenerUnsafeNativeMethods.TOKEN_PRIVILEGES *newState = (ListenerUnsafeNativeMethods.TOKEN_PRIVILEGES *)numRef;
LUID_AND_ATTRIBUTES *luid_and_attributesPtr = &newState->Privileges;
int index = 0;
for (int i = 0; i < newState->PrivilegeCount; i++)
{
if (!luid_and_attributesPtr[i].Luid.Equals(luid))
{
luid_and_attributesPtr[index].Attributes = PrivilegeAttribute.SE_PRIVILEGE_DISABLED | PrivilegeAttribute.SE_PRIVILEGE_REMOVED;
luid_and_attributesPtr[index].Luid = luid_and_attributesPtr[i].Luid;
index++;
}
}
newState->PrivilegeCount = index;
bool flag = ListenerUnsafeNativeMethods.AdjustTokenPrivileges(processToken, false, newState, tokenInformation.Length, IntPtr.Zero, IntPtr.Zero);
int num5 = Marshal.GetLastWin32Error();
if (!flag || (num5 != 0))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(num5));
}
}
}
finally
{
numRef = null;
}
}
finally
{
processToken.Close();
}
}
finally
{
process.Close();
}
}
internal static void KeepOnlyPrivilegeInProcess(string privilege)
{
SafeCloseHandle process = OpenCurrentProcessForWrite();
try
{
SafeCloseHandle token = GetProcessToken(process, ListenerUnsafeNativeMethods.TOKEN_QUERY | ListenerUnsafeNativeMethods.TOKEN_ADJUST_PRIVILEGES | ListenerUnsafeNativeMethods.READ_CONTROL);
try
{
LUID luid;
bool success = ListenerUnsafeNativeMethods.LookupPrivilegeValue(IntPtr.Zero, privilege, &luid);
if (!success)
{
int error = Marshal.GetLastWin32Error();
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error));
}
int length = GetTokenInformationLength(token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenPrivileges);
byte[] tokenInformation = new byte[length];
fixed(byte *pTokenPrivileges = tokenInformation)
{
GetTokenInformation(token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenPrivileges,
tokenInformation);
ListenerUnsafeNativeMethods.TOKEN_PRIVILEGES *pTP = (ListenerUnsafeNativeMethods.TOKEN_PRIVILEGES *)pTokenPrivileges;
LUID_AND_ATTRIBUTES *pLuidAndAttributes = (LUID_AND_ATTRIBUTES *)(&(pTP->Privileges));
int privilegeCount = 0;
for (int i = 0; i < pTP->PrivilegeCount; i++)
{
if (!pLuidAndAttributes[i].Luid.Equals(luid))
{
pLuidAndAttributes[privilegeCount].Attributes = PrivilegeAttribute.SE_PRIVILEGE_REMOVED;
pLuidAndAttributes[privilegeCount].Luid = pLuidAndAttributes[i].Luid;
privilegeCount++;
}
}
pTP->PrivilegeCount = privilegeCount;
success = ListenerUnsafeNativeMethods.AdjustTokenPrivileges(token, false, pTP, tokenInformation.Length, IntPtr.Zero, IntPtr.Zero);
int error = Marshal.GetLastWin32Error();
if (!success || error != UnsafeNativeMethods.ERROR_SUCCESS)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error));
}
}
}
finally
{
token.Close();
}
}
finally
{
process.Close();
}
}
public static extern int CreateRestrictedToken([NativeTypeName("HANDLE")] IntPtr ExistingTokenHandle, [NativeTypeName("DWORD")] uint Flags, [NativeTypeName("DWORD")] uint DisableSidCount, [NativeTypeName("PSID_AND_ATTRIBUTES")] SID_AND_ATTRIBUTES *SidsToDisable, [NativeTypeName("DWORD")] uint DeletePrivilegeCount, [NativeTypeName("PLUID_AND_ATTRIBUTES")] LUID_AND_ATTRIBUTES *PrivilegesToDelete, [NativeTypeName("DWORD")] uint RestrictedSidCount, [NativeTypeName("PSID_AND_ATTRIBUTES")] SID_AND_ATTRIBUTES *SidsToRestrict, [NativeTypeName("PHANDLE")] IntPtr *NewTokenHandle);
