Diffstat (limited to 'src/internal/ntapi.c')
-rw-r--r-- | src/internal/ntapi.c | 36 |
1 files changed, 33 insertions, 3 deletions
diff --git a/src/internal/ntapi.c b/src/internal/ntapi.c
index abddd1e..817a21f 100644
--- a/src/internal/ntapi.c
+++ b/src/internal/ntapi.c
@@ -89,6 +89,38 @@ static union __ntapi_img_rdata __ntapi_rdata = {{
 
 #define import_table __ntapi_rdata.img_sec_data.__ntapi_import_table
 
+static void __ntapi_init_adjust_privileges(void)
+{
+ uintptr_t buffer[64];
+ nt_token_privileges * tokprivs;
+
+ /* token privileges */
+ tokprivs = (nt_token_privileges *)buffer;
+ tokprivs->privilege_count = 4;
+
+ tokprivs->privileges[0].attributes = NT_SE_ENABLE_PRIVILEGE;
+ tokprivs->privileges[0].luid.low = NT_SE_CREATE_SYMBOLIC_LINK_PRIVILEGE;
+ tokprivs->privileges[0].luid.high = 0;
+
+ tokprivs->privileges[1].attributes = NT_SE_ENABLE_PRIVILEGE;
+ tokprivs->privileges[1].luid.low = NT_SE_TAKE_OWNERSHIP_PRIVILEGE;
+ tokprivs->privileges[1].luid.high = 0;
+
+ tokprivs->privileges[2].attributes = NT_SE_ENABLE_PRIVILEGE;
+ tokprivs->privileges[2].luid.low = NT_SE_BACKUP_PRIVILEGE;
+ tokprivs->privileges[2].luid.high = 0;
+
+ tokprivs->privileges[3].attributes = NT_SE_ENABLE_PRIVILEGE;
+ tokprivs->privileges[3].luid.low = NT_SE_RESTORE_PRIVILEGE;
+ tokprivs->privileges[3].luid.high = 0;
+
+ /* (attempt to) set any or all */
+ __ntapi->zw_adjust_privileges_token(
+ internals->htoken,0,tokprivs,
+ 0,0,0);
+}
+
+
 static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl)
 {
 int32_t status;
@@ -501,9 +533,7 @@ static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl)
 &internals->htoken)))
 return status;
 
- __ntapi->tt_enable_token_privilege(
- internals->htoken,
- NT_SE_CREATE_SYMBOLIC_LINK_PRIVILEGE);
+ __ntapi_init_adjust_privileges();
 
 /* user */
 if ((status = __ntapi->zw_query_information_token(
|
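Review bot: `__ntapi_init_adjust_privileges()` now requests `NT_SE_TAKE_OWNERSHIP_PRIVILEGE`, `NT_SE_BACKUP_PRIVILEGE` and `NT_SE_RESTORE_PRIVILEGE` once at init and never disables them, where the call it replaces in the second hunk enabled only the symbolic-link privilege. On a token that holds them, these three normally stay disabled because they let ownership changes and opens that request backup or restore semantics skip the usual DACL check, so leaving them on widens what a later path-handling bug can reach. Consider enabling them only around the operations that need them, or at least state the reason above the array, e.g. `/* take-ownership/backup/restore enabled at init because <reason>; they bypass DACL checks on opens that request them */`. The status of `zw_adjust_privileges_token` is discarded by design, but recording which privileges were actually assigned would let later code and logs tell whether the process is running with them. `__ntapi_init_once` continues outside both hunks.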