public static extern BOOL AdjustTokenPrivileges(
HANDLE TokenHandle,
BOOL DisableAllPrivileges,
PTOKEN_PRIVILEGES NewState,
DWORD BufferLength,
PTOKEN_PRIVILEGES PreviousState,
out DWORD ReturnLength);
public static extern int AdjustTokenPrivileges(
HANDLE TokenHandle,
int DisableAllPrivileges,
PTOKEN_PRIVILEGES NewState,
uint BufferLength,
PTOKEN_PRIVILEGES PreviousState,
out uint ReturnLength);
public static extern int AdjustTokenPrivileges(
HANDLE TokenHandle,
int DisableAllPrivileges,
PTOKEN_PRIVILEGES NewState,
uint BufferLength,
PTOKEN_PRIVILEGES PreviousState,
out uint ReturnLength);
public static void AdjustPrivileges(this SafeHTOKEN hObj, PTOKEN_PRIVILEGES privileges)
{
if (privileges == null)
{
return;
}
if (!AdjustTokenPrivileges(hObj, false, privileges))
{
throw new Win32Exception();
}
}
private void ElevatePrivileges(string[] privs)
{
var newPriv = new PTOKEN_PRIVILEGES(Array.ConvertAll(privs, s => new LUID_AND_ATTRIBUTES(LUID.FromName(s), PrivilegeAttributes.SE_PRIVILEGE_ENABLED)));
prevState = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance();
if (!AdjustTokenPrivileges(tok, false, newPriv, prevState.Size, prevState, out var retLen))
{
Win32Error.ThrowLastError();
}
prevState.Size = (int)retLen;
}
public static SafeCoTaskMemHandle AdjustPrivilege(this SafeHTOKEN hObj, SystemPrivilege priv, PrivilegeAttributes attr)
{
var newState = new PTOKEN_PRIVILEGES(priv.GetLUID(), attr);
var prevState = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance();
if (!AdjustTokenPrivileges(hObj, false, newState, (uint)prevState.Size, prevState, out var retLen))
{
throw new Win32Exception();
}
prevState.Size = (int)retLen;
return(prevState);
}
public void AdjustTokenPrivilegesTest()
{
using (var t = SafeHTOKEN.FromThread(SafeHTHREAD.Current, TokenAccess.TOKEN_ADJUST_PRIVILEGES | TokenAccess.TOKEN_QUERY))
{
Assert.That(LookupPrivilegeValue(null, "SeShutdownPrivilege", out var luid));
var ptp = new PTOKEN_PRIVILEGES(luid, PrivilegeAttributes.SE_PRIVILEGE_ENABLED);
var old = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance();
Assert.That(AdjustTokenPrivileges(t, false, ptp, (uint)old.Size, old, out var rLen));
Assert.That(AdjustTokenPrivileges(t, false, ptp));
}
}
public static void AdjustPrivileges(this SafeTokenHandle hObj, PTOKEN_PRIVILEGES privileges)
{
if (privileges == null)
{
return;
}
uint retLen = 0;
if (!AdjustTokenPrivileges(hObj, false, privileges, (uint)privileges.SizeInBytes, null, ref retLen))
{
throw new Win32Exception();
}
}
public void AdjustTokenPrivilegesTest()
{
using (var t = SafeHTOKEN.FromThread(GetCurrentThread(), TokenAccess.TOKEN_ADJUST_PRIVILEGES | TokenAccess.TOKEN_QUERY))
{
Assert.That(LookupPrivilegeValue(null, "SeShutdownPrivilege", out var luid));
var ptp = new PTOKEN_PRIVILEGES(luid, PrivilegeAttributes.SE_PRIVILEGE_ENABLED);
var old = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance();
var rLen = (uint)old.Size;
Assert.That(AdjustTokenPrivileges(t, false, ptp, ptp.SizeInBytes, old, ref rLen));
rLen = 0U;
Assert.That(AdjustTokenPrivileges(t, false, ptp, ptp.SizeInBytes, SafeCoTaskMemHandle.Null, ref rLen));
}
}
public static SafeCoTaskMemHandle AdjustPrivileges(this SafeHTOKEN hObj, params PrivilegeAndAttributes[] privileges)
{
if (privileges == null || privileges.Length == 0)
{
return(SafeCoTaskMemHandle.Null);
}
var newState = new PTOKEN_PRIVILEGES(privileges.Select(pa => new LUID_AND_ATTRIBUTES(pa.Privilege.GetLUID(), pa.Attributes)).ToArray());
var prevState = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance();
if (!AdjustTokenPrivileges(hObj, false, newState, (uint)prevState.Size, prevState, out var retLen))
{
throw new Win32Exception();
}
prevState.Size = (int)retLen;
return(prevState);
}
public ElevPriv(string priv, HPROCESS hProc = default, TokenAccess access = TokenAccess.TOKEN_ADJUST_PRIVILEGES | TokenAccess.TOKEN_QUERY)
{
if (hProc.IsNull)
{
hProc = GetCurrentProcess();
}
tok = SafeHTOKEN.FromProcess(hProc, access);
var newPriv = new PTOKEN_PRIVILEGES(LUID.FromName(priv), PrivilegeAttributes.SE_PRIVILEGE_ENABLED);
prevState = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance();
if (!AdjustTokenPrivileges(tok, false, newPriv, (uint)prevState.Size, prevState, out var retLen))
{
Win32Error.ThrowLastError();
}
prevState.Size = (int)retLen;
}
public void GetTokenInformationTest()
{
//var p = SafeTokenHandle.CurrentProcessToken.GetInfo<PTOKEN_PRIVILEGES>(TOKEN_INFORMATION_CLASS.TokenPrivileges).Privileges;
using (var t = SafeHTOKEN.FromProcess(Process.GetCurrentProcess(), TokenAccess.TOKEN_QUERY))
{
Assert.That(t, Is.Not.Null);
var p = t.GetInfo <PTOKEN_PRIVILEGES>(TOKEN_INFORMATION_CLASS.TokenPrivileges);
Assert.That(p, Is.Not.Null);
Assert.That(p.PrivilegeCount, Is.GreaterThan(0));
TestContext.WriteLine("Privs: " + string.Join("; ", p.Privileges.Select(i => i.ToString())));
using (var hMem = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance(50))
{
var b = GetTokenInformation(t, TOKEN_INFORMATION_CLASS.TokenPrivileges, hMem, hMem.Size, out var sz);
Assert.That(b);
var p1 = PTOKEN_PRIVILEGES.FromPtr((IntPtr)hMem);
Assert.That(p1.PrivilegeCount, Is.EqualTo(p.PrivilegeCount));
Assert.That(p.Privileges, Is.EquivalentTo(p1.Privileges));
}
}
using (var t = SafeHTOKEN.FromThread(GetCurrentThread(), TokenAccess.TOKEN_QUERY))
{
var id = t.GetInfo <uint>(TOKEN_INFORMATION_CLASS.TokenSessionId);
Assert.That(id, Is.Not.Zero);
TestContext.WriteLine($"SessId: {id}");
var ve = t.GetInfo <uint>(TOKEN_INFORMATION_CLASS.TokenVirtualizationEnabled);
Assert.That(ve, Is.Zero);
TestContext.WriteLine($"VirtEnable: {ve}");
var et = t.GetInfo <TOKEN_ELEVATION_TYPE>(TOKEN_INFORMATION_CLASS.TokenElevationType);
Assert.That(et, Is.Not.Zero);
TestContext.WriteLine($"ElevType: {et}");
var e = t.GetInfo <TOKEN_ELEVATION>(TOKEN_INFORMATION_CLASS.TokenElevation);
Assert.That(e, Is.Not.Zero);
TestContext.WriteLine($"Elev: {e.TokenIsElevated}");
}
}
public static extern BOOL AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, out DWORD ReturnLength);
public static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref PTOKEN_PRIVILEGES newst, int len, IntPtr prev, IntPtr relen);
