示例#1
        /// <summary>
        /// Closes a native object handle through <c>APIDef.NtClose</c>.
        /// </summary>
        /// <param name="Handle">The handle value passed unchanged to <c>NtClose</c>.</param>
        /// <returns>
        /// <c>true</c> when the call returns <c>APIDef.NTSTATUS_STATUS_SUCCESS</c>;
        /// <c>false</c> for every other status code.
        /// </returns>
        /// <remarks>
        /// The specific failure status is discarded, so a caller cannot tell an
        /// invalid handle apart from any other close failure.
        /// </remarks>
        public static Boolean FreeObjectHandle(IntPtr Handle)
        {
            // Only an exact STATUS_SUCCESS counts as a successful close.
            UInt32 closeStatus = APIDef.NtClose(Handle);
            return closeStatus == APIDef.NTSTATUS_STATUS_SUCCESS;
        }
示例#2
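        /// <summary>
        /// Enables a single privilege on the current process token.
        /// </summary>
        /// <param name="TokenPrivilege">
        /// Numeric privilege value. It is stored in the low part of the LUID;
        /// the high part keeps its default value.
        /// </param>
        /// <returns>
        /// <c>true</c> only when <c>NtAdjustPrivilegesToken</c> returns
        /// <c>APIDef.NTSTATUS_STATUS_SUCCESS</c>; <c>false</c> when the token
        /// cannot be opened or the adjustment reports any other status.
        /// </returns>
        /// <remarks>
        /// No previous-state buffer is requested and nothing here reverts the
        /// change, so a privilege enabled by this method stays enabled on the
        /// token until some other code disables it. Callers should request only
        /// the privilege they need. Token privilege adjustments can be recorded
        /// as Windows Security event 4703 when the corresponding audit policy is
        /// enabled, which is where this call would show up for a defender.
        /// </remarks>
        public static Boolean AssignTokenPrivilege(UInt32 TokenPrivilege)
        {
            // (IntPtr)(-1) is the pseudo-handle for the current process.
            IntPtr hToken = IntPtr.Zero;
            UInt32 CallRes = APIDef.NtOpenProcessToken(
                (IntPtr)(-1),
                APIDef.TOKEN_ADJUST_PRIVILEGES | APIDef.TOKEN_QUERY,
                ref hToken);

            if (CallRes != APIDef.NTSTATUS_STATUS_SUCCESS)
            {
                Console.WriteLine("[!] Failed to access current process token..");
                return false;
            }

            try
            {
                // Describe the one privilege to enable.
                APIDef.LUID LuidPrivilege = new APIDef.LUID();
                LuidPrivilege.LowPart = TokenPrivilege;

                APIDef.LUID_AND_ATTRIBUTES laa = new APIDef.LUID_AND_ATTRIBUTES();
                laa.Luid = LuidPrivilege;
                laa.Attributes = APIDef.SE_PRIVILEGE_ENABLED;

                APIDef.TOKEN_PRIVILEGES NewState = new APIDef.TOKEN_PRIVILEGES();
                NewState.PrivilegeCount = 1;
                NewState.Privileges = laa;

                UInt32 RetLen = 0;
                CallRes = APIDef.NtAdjustPrivilegesToken(
                    hToken,
                    false,
                    ref NewState,
                    (UInt32)Marshal.SizeOf(NewState),
                    IntPtr.Zero,
                    ref RetLen);

                if (CallRes == APIDef.NTSTATUS_STATUS_SUCCESS)
                {
                    return true;
                }

                if (CallRes == APIDef.NTSTATUS_STATUS_NOT_ALL_ASSIGNED)
                {
                    // Report the status that was actually returned; the previous
                    // text named STATUS_PRIVILEGE_NOT_HELD, a different NTSTATUS.
                    Console.WriteLine("[!] Failed to add privilege: STATUS_NOT_ALL_ASSIGNED (privilege not held by the token)");
                }
                else
                {
                    Console.WriteLine("[!] Failed to add privilege..");
                }

                return false;
            }
            finally
            {
                // Release the token handle on every path, including an
                // exception thrown while marshalling the structure.
                APIDef.NtClose(hToken);
            }
        }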