コード例 #1
        /////////////////////////// Privileges related functions ///////////////////////////

        /// <summary>
        /// Tries to enable each named privilege on the token referred to by <paramref name="handle"/>.
        /// Both advapi32 exports are invoked through the module returned by
        /// <c>sysCall.getMappedModule</c> (type <c>PE_MANUAL_MAP</c>) via <c>CallMappedDLLModuleExport</c>.
        /// </summary>
        /// <param name="handle">Token handle passed as the first argument to AdjustTokenPrivileges.</param>
        /// <param name="privileges">Privilege names, looked up one at a time.</param>
        /// <param name="sysCall">Supplies the mapped advapi32.dll module used for both calls.</param>
        /// <returns>
        /// <c>false</c> only when a call inside the loop throws; <c>true</c> otherwise. A <c>true</c> result
        /// does not prove any privilege was enabled: failed lookups are skipped and the result of
        /// AdjustTokenPrivileges is discarded.
        /// </returns>
        /// <remarks>
        /// NOTE(review), analysis/detection: presumably the mapped module is a private copy of advapi32.dll,
        /// so user-mode instrumentation of the normally loaded DLL would not observe these calls - confirm
        /// against SysCallManager. The token change itself is still made by the OS; Windows can record it as
        /// Security event 4703 when token-right-adjustment auditing is enabled.
        /// </remarks>
        public static bool EnablePrivileges(IntPtr handle, List <string> privileges, SysCallManager sysCall)
        {
            DInvoke.PE.PE_MANUAL_MAP moduleDetails = sysCall.getMappedModule("C:\\Windows\\System32\\advapi32.dll");

            foreach (var privilege in privileges)
            {
                try
                {
                    var      myLuid           = new DInvoke.Win32.WinNT._LUID();
                    // NOTE(review): if _LUID is a struct, this array holds a boxed copy; anything the call writes
                    // back lands in lookupPrivileges[2], not in the local myLuid - confirm the type.
                    object[] lookupPrivileges = { null, privilege, myLuid };
                    // NOTE(review): advapi32 exports LookupPrivilegeValueA / LookupPrivilegeValueW; the un-suffixed
                    // name is not an export. Presumably the export lookup fails here - verify how the helper reports that.
                    var      priv             = (bool)DInvoke.Generic.CallMappedDLLModuleExport(moduleDetails.PEINFO, moduleDetails.ModuleBase, "LookupPrivilegeValue",
                                                                                                typeof(DInvoke.Win32.DELEGATES.LookupPrivilegeValue), lookupPrivileges);

                    // A failed lookup is skipped silently; it does not change the method's return value.
                    if (!priv)
                    {
                        continue;
                    }

                    DInvoke.Win32.WinNT._TOKEN_PRIVILEGES myTokenPrivileges;

                    // Build a one-entry privilege set marked SE_PRIVILEGE_ENABLED.
                    myTokenPrivileges.PrivilegeCount           = 1;
                    myTokenPrivileges.Privileges               = new DInvoke.Win32.WinNT._LUID_AND_ATTRIBUTES[1];
                    myTokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
                    // NOTE(review): uses the local myLuid, which (if _LUID is a value type) is still the
                    // default-constructed value rather than the LUID the lookup produced.
                    myTokenPrivileges.Privileges[0].Luid       = myLuid;


                    // Positional arguments for AdjustTokenPrivileges: token, DisableAllPrivileges = false, new state,
                    // buffer length 0 and null previous-state / return-length, so no prior state is requested.
                    object[] adjustPrivileges = { handle, false, myTokenPrivileges, 0, IntPtr.Zero, IntPtr.Zero };
                    // The return value is ignored. AdjustTokenPrivileges can also report success when not every
                    // requested privilege was assigned (ERROR_NOT_ALL_ASSIGNED), so the outcome is unknown here.
                    DInvoke.Generic.CallMappedDLLModuleExport(moduleDetails.PEINFO, moduleDetails.ModuleBase, "AdjustTokenPrivileges",
                                                              typeof(DInvoke.Win32.DELEGATES.AdjustTokenPrivileges), adjustPrivileges);
                }
                // Bare catch: any exception type ends the whole loop with false and the cause is lost.
                catch { return(false); }
            }
            return(true);
        }
コード例 #2
ファイル: Utils.cs プロジェクト: x1234xx/LOLBITS
        /////////////////////////// Privileges related functions ///////////////////////////

        /// <summary>
        /// Tries to enable each named privilege on the token referred to by <paramref name="handle"/>.
        /// LookupPrivilegeValueA and AdjustTokenPrivileges are invoked through the module returned by
        /// <c>sysCall.getMappedModule</c> (type <c>PE_MANUAL_MAP</c>) via <c>CallMappedDLLModuleExport</c>.
        /// </summary>
        /// <param name="handle">Token handle passed as the first argument to AdjustTokenPrivileges.</param>
        /// <param name="privileges">Privilege names, looked up one at a time.</param>
        /// <param name="sysCall">Supplies the mapped advapi32.dll module used for both calls.</param>
        /// <returns>
        /// <c>false</c> only when a call inside the loop throws; <c>true</c> otherwise. A <c>true</c> result
        /// does not prove any privilege was enabled: failed lookups are skipped and the result of
        /// AdjustTokenPrivileges is discarded.
        /// </returns>
        /// <remarks>
        /// NOTE(review), analysis/detection: presumably the mapped module is a private copy of advapi32.dll,
        /// so user-mode instrumentation of the normally loaded DLL would not observe these calls - confirm
        /// against SysCallManager. The token change itself is still made by the OS; Windows can record it as
        /// Security event 4703 when token-right-adjustment auditing is enabled.
        /// </remarks>
        public static bool EnablePrivileges(IntPtr handle, List <string> privileges, SysCallManager sysCall)
        {
            DInvoke.PE.PE_MANUAL_MAP moduleDetails = sysCall.getMappedModule("C:\\Windows\\System32\\advapi32.dll");

            foreach (var privilege in privileges)
            {
                try
                {
                    var      myLuid           = new DInvoke.Win32.WinNT._LUID();
                    object[] lookupPrivileges = { null, privilege, myLuid };
                    // Calls the ANSI export by name. NOTE(review): assumes the LookupPrivilegeValue delegate
                    // marshals the name as an ANSI string - TODO confirm against the delegate declaration.
                    var      priv             = (bool)DInvoke.Generic.CallMappedDLLModuleExport(moduleDetails.PEINFO, moduleDetails.ModuleBase, "LookupPrivilegeValueA",
                                                                                                typeof(DInvoke.Win32.DELEGATES.LookupPrivilegeValue), lookupPrivileges);

                    // A failed lookup is skipped silently; it does not change the method's return value.
                    if (!priv)
                    {
                        continue;
                    }

                    DInvoke.Win32.WinNT._LUID_AND_ATTRIBUTES luidAndAttributes = new DInvoke.Win32.WinNT._LUID_AND_ATTRIBUTES();
                    // The LUID is read back from the argument array, not from the local myLuid; presumably the
                    // call writes its output into the array slot - confirm in CallMappedDLLModuleExport.
                    luidAndAttributes.Luid       = (DInvoke.Win32.WinNT._LUID)lookupPrivileges[2];
                    luidAndAttributes.Attributes = SE_PRIVILEGE_ENABLED;
                    // One-entry privilege set; in this version Privileges is assigned a single struct.
                    DInvoke.Win32.WinNT._TOKEN_PRIVILEGES newState;
                    newState.PrivilegeCount = 1;
                    newState.Privileges     = luidAndAttributes;
                    DInvoke.Win32.WinNT._TOKEN_PRIVILEGES previousState = new DInvoke.Win32.WinNT._TOKEN_PRIVILEGES();
                    uint returnLength = 0;

                    // NOTE(review): previousState and returnLength go into the array as values and are never read
                    // afterwards; whether the delegate declares them ref/out is not visible here - verify.
                    object[] adjustPrivileges = { handle, false, newState, (uint)Marshal.SizeOf(newState), previousState, returnLength };
                    // The return value is ignored. AdjustTokenPrivileges can also report success when not every
                    // requested privilege was assigned (ERROR_NOT_ALL_ASSIGNED), so the outcome is unknown here.
                    DInvoke.Generic.CallMappedDLLModuleExport(moduleDetails.PEINFO, moduleDetails.ModuleBase, "AdjustTokenPrivileges",
                                                              typeof(DInvoke.Win32.DELEGATES.AdjustTokenPrivileges), adjustPrivileges);
                }
                // Bare catch: any exception type ends the whole loop with false and the cause is lost.
                catch { return(false); }
            }
            return(true);
        }