protected void adjustDebugPriv( int pid )
{
IntPtr hProcess = UnsafeFunctions.OpenProcess(ProcessAccessFlags.All, false, pid);
if (IntPtr.Zero == hProcess)
{
throw new Exception("Cann't open process.");
}
TOKEN_PRIVILEGES tp = new TOKEN_PRIVILEGES
{
PrivilegeCount = 1,
Attributes = SE_NAMES.SE_PRIVILEGE_ENABLED
};
if (!UnsafeFunctions.LookupPrivilegeValue(null, SE_NAMES.SE_DEBUG_NAME, out tp.Luid))
{
UnsafeFunctions.CloseHandle(hProcess);
throw new Exception("Cann't lookup value");
}
IntPtr hToken;
if (!UnsafeFunctions.OpenProcessToken(hProcess, TOKEN_ACCESS.TOKEN_ADJUST_PRIVILEGES, out hToken))
{
UnsafeFunctions.CloseHandle(hProcess);
throw new Exception("Cann't open process token value");
}
if (!UnsafeFunctions.AdjustTokenPrivileges(hToken, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero))
{
UnsafeFunctions.CloseHandle(hProcess);
UnsafeFunctions.CloseHandle(hToken);
throw new Exception("Cann't AdjustTokenPrivileges");
}
UnsafeFunctions.CloseHandle(hProcess);
UnsafeFunctions.CloseHandle(hToken);
}
public static extern bool AdjustTokenPrivileges( IntPtr TokenHandle, [MarshalAs(UnmanagedType.Bool)]bool DisableAllPrivileges, ref TOKEN_PRIVILEGES NewState,
UInt32 Zero, IntPtr Null1, IntPtr Null2);
