Пример #1
0
        ////////////////////////////////////////////////////////////////////////////////
        // Impersonates a SYSTEM token or creates a new process with the cloned token
        ////////////////////////////////////////////////////////////////////////////////
        private static void _GetSystem(CommandLineParsing cLP, IntPtr hToken)
        {
            bool exists, enabled;

            TokenInformation.CheckTokenPrivilege(hToken, "SeDebugPrivilege", out exists, out enabled);

            if (exists)
            {
                using (TokenManipulation t = new TokenManipulation(hToken))
                {
                    t.SetWorkingTokenToSelf();

                    if (!enabled)
                    {
                        t.SetTokenPrivilege(Winnt.SE_DEBUG_NAME, Winnt.TokenPrivileges.SE_PRIVILEGE_ENABLED);
                    }


                    if (string.IsNullOrEmpty(cLP.Command))
                    {
                        t.GetSystem();
                    }
                    else
                    {
                        t.GetSystem(cLP.CommandAndArgs);
                    }
                }
            }
            else
            {
                if (string.IsNullOrEmpty(cLP.Command))
                {
                    NamedPipes.GetSystem();
                }
                else
                {
                    NamedPipes.GetSystem(cLP.Command, cLP.Arguments);
                }
            }
        }