diff options
| author | midipix <writeonce@midipix.org> | 2016-06-24 02:22:21 -0400 |
|---|---|---|
| committer | midipix <writeonce@midipix.org> | 2016-06-24 03:32:46 -0400 |
| commit | 5f1999c6f77e9abb827d61e4e89fa42841caaa9a (patch) | |
| tree | baa85523a11f4c0a5b9f049910e931144e49b9f0 /src | |
| parent | a3e9aaed1633e5ca5426758719486e001931eddd (diff) | |
| download | ntapi-5f1999c6f77e9abb827d61e4e89fa42841caaa9a.tar.bz2 ntapi-5f1999c6f77e9abb827d61e4e89fa42841caaa9a.tar.xz | |
process tokens: added __ntapi_tt_[enable/disable]_token_privilege().
Diffstat (limited to 'src')
| -rw-r--r-- | src/internal/ntapi.c | 4 | ||||
| -rw-r--r-- | src/internal/ntapi_fnapi.h | 4 | ||||
| -rw-r--r-- | src/token/ntapi_tt_token_privilege.c | 65 |
3 files changed, 73 insertions, 0 deletions
diff --git a/src/internal/ntapi.c b/src/internal/ntapi.c index 0749a97..e67bcf1 100644 --- a/src/internal/ntapi.c +++ b/src/internal/ntapi.c @@ -214,6 +214,10 @@ static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl) __ntapi->tt_exec_map_image_as_data = __ntapi_tt_exec_map_image_as_data; __ntapi->tt_exec_unmap_image = __ntapi_tt_exec_unmap_image; + /* nt_token.h */ + __ntapi->tt_enable_token_privilege = __ntapi_tt_enable_token_privilege; + __ntapi->tt_disable_token_privilege = __ntapi_tt_disable_token_privilege; + /* nt_section.h */ __ntapi->tt_get_section_name = __ntapi_tt_get_section_name; diff --git a/src/internal/ntapi_fnapi.h b/src/internal/ntapi_fnapi.h index 396fb59..a7436c5 100644 --- a/src/internal/ntapi_fnapi.h +++ b/src/internal/ntapi_fnapi.h @@ -102,6 +102,10 @@ ntapi_tt_update_runtime_data __ntapi_tt_update_runtime_data; ntapi_tt_exec_map_image_as_data __ntapi_tt_exec_map_image_as_data; ntapi_tt_exec_unmap_image __ntapi_tt_exec_unmap_image; +/* nt_token.h */ +ntapi_tt_enable_token_privilege __ntapi_tt_enable_token_privilege; +ntapi_tt_disable_token_privilege __ntapi_tt_disable_token_privilege; + /* nt_section.h */ ntapi_tt_get_section_name __ntapi_tt_get_section_name; diff --git a/src/token/ntapi_tt_token_privilege.c b/src/token/ntapi_tt_token_privilege.c new file mode 100644 index 0000000..e86b31b --- /dev/null +++ b/src/token/ntapi_tt_token_privilege.c @@ -0,0 +1,65 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013--2016 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include <psxtypes/psxtypes.h> +#include <ntapi/nt_object.h> +#include <ntapi/nt_token.h> +#include <ntapi/ntapi.h> +#include "ntapi_impl.h" + + +static int32_t __stdcall __set_token_privilege( + __in void * htoken, + __in uint32_t privilege, + __in int attribute) +{ + uintptr_t buffer[64]; + nt_token_privileges * tokprivs; + + /* reasonable scope */ + if (privilege > 255) + return NT_STATUS_INVALID_PARAMETER; + + /* buffer */ + __ntapi->tt_aligned_block_memset( + buffer,0,sizeof(buffer)); + + tokprivs = (nt_token_privileges *)buffer; + + /* token privileges */ + tokprivs->privilege_count = 1; + + tokprivs->privileges[0].attributes = attribute; + tokprivs->privileges[0].luid.low = privilege; + tokprivs->privileges[0].luid.high = 0; + + /* set */ + return __ntapi->zw_adjust_privileges_token( + htoken,0, + tokprivs,sizeof(buffer), + 0,0); +} + + +int32_t __stdcall __ntapi_tt_enable_token_privilege( + __in void * htoken, + __in uint32_t privilege) +{ + return __set_token_privilege( + htoken, + privilege, + NT_SE_ENABLE_PRIVILEGE); +} + +int32_t __stdcall __ntapi_tt_disable_token_privilege( + __in void * htoken, + __in uint32_t privilege) +{ + return __set_token_privilege( + htoken, + privilege, + NT_SE_DISABLE_PRIVILEGE); +} |