public static extern Boolean AdjustTokenPrivileges(
IntPtr TokenHandle,
Boolean DisableAllPrivileges,
ref Winnt._TOKEN_PRIVILEGES NewState,
UInt32 BufferLengthInBytes,
ref Winnt._TOKEN_PRIVILEGES PreviousState,
out UInt32 ReturnLengthInBytes
);
public static extern bool AdjustTokenPrivileges(
IntPtr TokenHandle,
bool DisableAllPrivileges,
ref Winnt._TOKEN_PRIVILEGES NewState,
uint BufferLengthInBytes,
ref Winnt._TOKEN_PRIVILEGES PreviousState,
out uint ReturnLengthInBytes
);
////////////////////////////////////////////////////////////////////////////////
// Sets a Token to have a specified privilege
// http://www.leeholmes.com/blog/2010/09/24/adjusting-token-privileges-in-powershell/
// https://support.microsoft.com/en-us/help/131065/how-to-obtain-a-handle-to-any-process-with-sedebugprivilege
////////////////////////////////////////////////////////////////////////////////
public static void NukeTokenPrivilege(ref IntPtr hToken)
{
Winnt._TOKEN_PRIVILEGES newState = new Winnt._TOKEN_PRIVILEGES();
Winnt._TOKEN_PRIVILEGES previousState = new Winnt._TOKEN_PRIVILEGES();
Console.WriteLine(" [*] AdjustTokenPrivilege");
if (!advapi32.AdjustTokenPrivileges(hToken, true, ref newState, (UInt32)Marshal.SizeOf(typeof(Winnt._TOKEN_PRIVILEGES)), ref previousState, out UInt32 returnLength))
{
GetWin32Error("AdjustTokenPrivileges");
}
return;
}
////////////////////////////////////////////////////////////////////////////////
// Sets a Token to have a specified privilege
// http://www.leeholmes.com/blog/2010/09/24/adjusting-token-privileges-in-powershell/
// https://support.microsoft.com/en-us/help/131065/how-to-obtain-a-handle-to-any-process-with-sedebugprivilege
////////////////////////////////////////////////////////////////////////////////
public static void SetTokenPrivilege(ref IntPtr hToken, String privilege, Winnt.TokenPrivileges attribute)
{
if (!validPrivileges.Contains(privilege))
{
Console.WriteLine("[-] Invalid Privilege Specified");
return;
}
Console.WriteLine("[*] Adjusting Token Privilege");
////////////////////////////////////////////////////////////////////////////////
Winnt._LUID luid = new Winnt._LUID();
if (!advapi32.LookupPrivilegeValue(null, privilege, ref luid))
{
GetWin32Error("LookupPrivilegeValue");
return;
}
Console.WriteLine(" [+] Recieved luid");
////////////////////////////////////////////////////////////////////////////////
Winnt._LUID_AND_ATTRIBUTES luidAndAttributes = new Winnt._LUID_AND_ATTRIBUTES
{
Luid = luid,
Attributes = (uint)attribute
};
Winnt._TOKEN_PRIVILEGES newState = new Winnt._TOKEN_PRIVILEGES
{
PrivilegeCount = 1,
Privileges = luidAndAttributes
};
Winnt._TOKEN_PRIVILEGES previousState = new Winnt._TOKEN_PRIVILEGES();
Console.WriteLine(" [*] AdjustTokenPrivilege");
UInt32 returnLength = 0;
if (!advapi32.AdjustTokenPrivileges(hToken, false, ref newState, (UInt32)Marshal.SizeOf(newState), ref previousState, out returnLength))
{
GetWin32Error("AdjustTokenPrivileges");
return;
}
Console.WriteLine(" [+] Adjusted Privilege: {0}", privilege);
Console.WriteLine(" [+] Privilege State: {0}", attribute);
return;
}
////////////////////////////////////////////////////////////////////////////////
// Sets a Token to have a specified privilege
// http://www.leeholmes.com/blog/2010/09/24/adjusting-token-privileges-in-powershell/
// https://support.microsoft.com/en-us/help/131065/how-to-obtain-a-handle-to-any-process-with-sedebugprivilege
////////////////////////////////////////////////////////////////////////////////
public bool SetTokenPrivilege(string privilege, Winnt.TokenPrivileges attribute)
{
Console.WriteLine("[*] Adjusting Token Privilege {0} => {1}", privilege, attribute);
////////////////////////////////////////////////////////////////////////////////
Winnt._LUID luid = new Winnt._LUID();
if (!advapi32.LookupPrivilegeValue(null, privilege, ref luid))
{
Misc.GetWin32Error("LookupPrivilegeValue");
return(false);
}
Console.WriteLine(" [+] Recieved luid");
////////////////////////////////////////////////////////////////////////////////
Winnt._LUID_AND_ATTRIBUTES luidAndAttributes = new Winnt._LUID_AND_ATTRIBUTES
{
Luid = luid,
Attributes = (uint)attribute
};
Winnt._TOKEN_PRIVILEGES newState = new Winnt._TOKEN_PRIVILEGES
{
PrivilegeCount = 1,
Privileges = luidAndAttributes
};
Winnt._TOKEN_PRIVILEGES previousState = new Winnt._TOKEN_PRIVILEGES();
Console.WriteLine(" [*] AdjustTokenPrivilege");
uint returnLength;
if (!advapi32.AdjustTokenPrivileges(hWorkingToken, false, ref newState, (uint)Marshal.SizeOf(newState), ref previousState, out returnLength))
{
Misc.GetWin32Error("AdjustTokenPrivileges");
return(false);
}
Console.WriteLine(" [+] Adjusted Privilege: {0}", privilege);
Console.WriteLine(" [+] Privilege State: {0}", attribute);
return(true);
}
