protected void adjustDebugPriv( int pid ) { IntPtr hProcess = UnsafeFunctions.OpenProcess(ProcessAccessFlags.All, false, pid); if (IntPtr.Zero == hProcess) { throw new Exception("Cann't open process."); } TOKEN_PRIVILEGES tp = new TOKEN_PRIVILEGES { PrivilegeCount = 1, Attributes = SE_NAMES.SE_PRIVILEGE_ENABLED }; if (!UnsafeFunctions.LookupPrivilegeValue(null, SE_NAMES.SE_DEBUG_NAME, out tp.Luid)) { UnsafeFunctions.CloseHandle(hProcess); throw new Exception("Cann't lookup value"); } IntPtr hToken; if (!UnsafeFunctions.OpenProcessToken(hProcess, TOKEN_ACCESS.TOKEN_ADJUST_PRIVILEGES, out hToken)) { UnsafeFunctions.CloseHandle(hProcess); throw new Exception("Cann't open process token value"); } if (!UnsafeFunctions.AdjustTokenPrivileges(hToken, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero)) { UnsafeFunctions.CloseHandle(hProcess); UnsafeFunctions.CloseHandle(hToken); throw new Exception("Cann't AdjustTokenPrivileges"); } UnsafeFunctions.CloseHandle(hProcess); UnsafeFunctions.CloseHandle(hToken); }
public static extern bool AdjustTokenPrivileges( IntPtr TokenHandle, [MarshalAs(UnmanagedType.Bool)]bool DisableAllPrivileges, ref TOKEN_PRIVILEGES NewState, UInt32 Zero, IntPtr Null1, IntPtr Null2);