        ////////////////////////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////////////////////////
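        /// <summary>
        /// Prints the name of every privilege held by an access token to the console.
        /// </summary>
        /// <remarks>
        /// Uses the usual two-pass GetTokenInformation pattern: the first call asks for the
        /// required buffer size, the second fills the buffer. Each privilege LUID is then
        /// resolved to its name with LookupPrivilegeName. Only the name is printed; the
        /// per-privilege attributes (for example whether it is enabled) are not reported.
        /// All unmanaged allocations are released on every exit path.
        /// </remarks>
        /// <param name="hToken">
        /// Handle to the access token to query. GetTokenInformation requires the handle to
        /// have been opened with TOKEN_QUERY access.
        /// </param>
        public static void EnumerateTokenPrivileges(IntPtr hToken)
        {
            UInt32 TokenInfLength = 0;

            Console.WriteLine("[*] Enumerating Token Privileges");
            // Pass 1: a null buffer of length 0 is expected to fail and report the needed size.
            Unmanaged.GetTokenInformation(
                hToken,
                Enums._TOKEN_INFORMATION_CLASS.TokenPrivileges,
                IntPtr.Zero,
                TokenInfLength,
                out TokenInfLength
                );

            // A length of 0 means the size query itself failed (e.g. a bad handle); an
            // unsigned value can never be negative, so only 0 and overflow are checked.
            if (TokenInfLength == 0 || TokenInfLength > Int32.MaxValue)
            {
                GetError("GetTokenInformation - 1 " + TokenInfLength);
                return;
            }
            Console.WriteLine(" [*] GetTokenInformation - Pass 1");

            // PtrToStructure copies Marshal.SizeOf(struct) bytes out of the buffer, so the
            // allocation must be at least that large even when the API reports fewer bytes;
            // otherwise the copy reads past the end of the heap block.
            Int32 cbBuffer = Math.Max(
                (Int32)TokenInfLength,
                Marshal.SizeOf(typeof(Structs._TOKEN_PRIVILEGES_ARRAY)));
            IntPtr lpTokenInformation = Marshal.AllocHGlobal(cbBuffer);
            try
            {
                // Pass 2: fill the buffer with the TOKEN_PRIVILEGES data.
                if (!Unmanaged.GetTokenInformation(
                        hToken,
                        Enums._TOKEN_INFORMATION_CLASS.TokenPrivileges,
                        lpTokenInformation,
                        TokenInfLength,
                        out TokenInfLength))
                {
                    GetError("GetTokenInformation - 2" + TokenInfLength);
                    return;
                }
                Console.WriteLine(" [*] GetTokenInformation - Pass 2");
                Structs._TOKEN_PRIVILEGES_ARRAY tokenPrivileges = (Structs._TOKEN_PRIVILEGES_ARRAY)Marshal.PtrToStructure(lpTokenInformation, typeof(Structs._TOKEN_PRIVILEGES_ARRAY));
                Console.WriteLine(" [+] Enumerated " + tokenPrivileges.PrivilegeCount + " Privileges");

                // NOTE(review): if Structs._TOKEN_PRIVILEGES_ARRAY declares a fixed-size
                // Privileges array, a PrivilegeCount larger than that array would index past
                // it - confirm against the struct definition.
                for (Int32 i = 0; i < tokenPrivileges.PrivilegeCount; i++)
                {
                    StringBuilder lpName  = new StringBuilder();
                    Int32         cchName = 0;
                    IntPtr        lpLuid  = Marshal.AllocHGlobal(Marshal.SizeOf(tokenPrivileges.Privileges[i]));
                    try
                    {
                        // fDeleteOld must be false: the block was just allocated and holds
                        // no previously marshalled structure to destroy.
                        Marshal.StructureToPtr(tokenPrivileges.Privileges[i].Luid, lpLuid, false);

                        // First call with a null name buffer asks for the required length.
                        Unmanaged.LookupPrivilegeName(null, lpLuid, null, ref cchName);
                        // Reject lengths for which cchName + 1 is not a usable capacity.
                        if (cchName < 0 || cchName == Int32.MaxValue)
                        {
                            GetError("LookupPrivilegeName " + cchName);
                            return;
                        }

                        lpName.EnsureCapacity(cchName + 1);
                        if (Unmanaged.LookupPrivilegeName(null, lpLuid, lpName, ref cchName))
                        {
                            Console.WriteLine("  [*] " + lpName.ToString());
                        }
                    }
                    finally
                    {
                        // Released here so the early return above does not leak the LUID block.
                        Marshal.FreeHGlobal(lpLuid);
                    }
                }
            }
            finally
            {
                // The token information buffer was never freed in the earlier version.
                Marshal.FreeHGlobal(lpTokenInformation);
            }
        }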