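#ifndef _NT_TOKEN_H_
#define _NT_TOKEN_H_

/*
 * nt_token.h: declarations for working with access-token objects.
 *
 * Provides the token type and information-class enumerations, the numeric
 * privilege identifiers, privilege attribute bits, token access-mask bits,
 * the nt_token_statistics record, and function types describing the token
 * system services (ntapi_zw_*) together with two extension helpers
 * (ntapi_tt_*).
 *
 * The NT_SEC_STANDARD_RIGHTS_* names, the __in/__out/__optional/__stdcall
 * annotations and the nt_* record types used below are not defined in this
 * file; they are expected to come from the two headers included here.
 */

#include "nt_abi.h"
#include "nt_object.h"

/* kind of token object: primary (process) token or impersonation token */
typedef enum _nt_token_type {
	NT_TOKEN_PRIMARY	= 1,
	NT_TOKEN_IMPERSONATION	= 2,
} nt_token_type;

/* selector passed to the query/set information services declared below */
typedef enum _nt_token_info_class {
	NT_TOKEN_USER			= 1,
	NT_TOKEN_GROUPS			= 2,
	NT_TOKEN_PRIVILEGES		= 3,
	NT_TOKEN_OWNER			= 4,
	NT_TOKEN_PRIMARY_GROUP		= 5,
	NT_TOKEN_DEFAULT_DACL		= 6,
	NT_TOKEN_SOURCE			= 7,
	NT_TOKEN_TYPE			= 8,
	NT_TOKEN_IMPERSONATION_LEVEL	= 9,
	NT_TOKEN_STATISTICS		= 10,
	NT_TOKEN_RESTRICTED_SIDS	= 11,
	NT_TOKEN_SESSION_ID		= 12,
} nt_token_info_class;

/*
 * token privilege constants
 *
 * Several of these (create-token, assign-primary-token, tcb, debug,
 * load-driver, backup, restore, take-ownership, impersonate) are commonly
 * treated as administrator-equivalent; code that enables one of them should
 * hold it enabled only around the operation that needs it.
 */
#define NT_SE_CREATE_TOKEN_PRIVILEGE		2
#define NT_SE_ASSIGN_PRIMARY_TOKEN_PRIVILEGE	3
#define NT_SE_LOCK_MEMORY_PRIVILEGE		4
#define NT_SE_INCREASE_QUOTA_PRIVILEGE		5
#define NT_SE_MACHINE_ACCOUNT_PRIVILEGE		6
#define NT_SE_TCB_PRIVILEGE			7
#define NT_SE_SECURITY_PRIVILEGE		8
#define NT_SE_TAKE_OWNERSHIP_PRIVILEGE		9
#define NT_SE_LOAD_DRIVER_PRIVILEGE		10
#define NT_SE_SYSTEM_PROFILE_PRIVILEGE		11
#define NT_SE_SYSTEMTIME_PRIVILEGE		12
#define NT_SE_PROFILE_SINGLE_PROCESS_PRIVILEGE	13
#define NT_SE_INCREASE_BASE_PRIORITY_PRIVILEGE	14
#define NT_SE_CREATE_PAGEFILE_PRIVILEGE		15
#define NT_SE_CREATE_PERMANENT_PRIVILEGE	16
#define NT_SE_BACKUP_PRIVILEGE			17
#define NT_SE_RESTORE_PRIVILEGE			18
#define NT_SE_SHUTDOWN_PRIVILEGE		19
#define NT_SE_DEBUG_PRIVILEGE			20
#define NT_SE_AUDIT_PRIVILEGE			21
#define NT_SE_SYSTEM_ENVIRONMENT_PRIVILEGE	22
#define NT_SE_CHANGE_NOTIFY_PRIVILEGE		23
#define NT_SE_REMOTE_SHUTDOWN_PRIVILEGE		24
#define NT_SE_UNDOCK_PRIVILEGE			25
#define NT_SE_SYNC_AGENT_PRIVILEGE		26
#define NT_SE_ENABLE_DELEGATION_PRIVILEGE	27
#define NT_SE_MANAGE_VOLUME_PRIVILEGE		28
#define NT_SE_IMPERSONATE_PRIVILEGE		29
#define NT_SE_CREATE_GLOBAL_PRIVILEGE		30
#define NT_SE_TRUSTED_CRED_MAN_ACCESS_PRIVILEGE	31
#define NT_SE_RELABEL_PRIVILEGE			32
#define NT_SE_INCREASE_WORKING_SET_PRIVILEGE	33
#define NT_SE_TIME_ZONE_PRIVILEGE		34
#define NT_SE_CREATE_SYMBOLIC_LINK_PRIVILEGE	35

/*
 * token attribute bits
 *
 * NOTE(review): in the Windows SDK the privilege attribute bit 0x1 is
 * SE_PRIVILEGE_ENABLED_BY_DEFAULT and 0x2 is SE_PRIVILEGE_ENABLED, and a
 * privilege is disabled by passing an attribute word with the enabled bit
 * clear. Confirm against the implementation of the ntapi_tt_* helpers
 * that 0x1 is really what NT_SE_DISABLE_PRIVILEGE is meant to carry.
 */
#define NT_SE_DISABLE_PRIVILEGE			(0x0001U)
#define NT_SE_ENABLE_PRIVILEGE			(0x0002U)

/*
 * token access bits
 *
 * Prefer requesting the narrowest mask that covers the operation (for
 * example NT_TOKEN_QUERY for read-only inspection) over
 * NT_TOKEN_ALL_ACCESS.
 */
#define NT_TOKEN_ASSIGN_PRIMARY			0x00000001U
#define NT_TOKEN_DUPLICATE			0x00000002U
#define NT_TOKEN_IMPERSONATE			0x00000004U
#define NT_TOKEN_QUERY				0x00000008U
#define NT_TOKEN_QUERY_SOURCE			0x00000010U
#define NT_TOKEN_ADJUST_PRIVILEGES		0x00000020U
#define NT_TOKEN_ADJUST_GROUPS			0x00000040U
#define NT_TOKEN_ADJUST_DEFAULT			0x00000080U
#define NT_TOKEN_ADJUST_SESSIONID		0x00000100U

/*
 * Composite masks. Each expansion is wrapped in parentheses so that the
 * mask stays a single operand inside a larger expression: without them,
 * (granted & NT_TOKEN_READ) would parse as
 * ((granted & NT_SEC_STANDARD_RIGHTS_READ) | NT_TOKEN_QUERY), which is
 * always non-zero and would make an access check pass unconditionally.
 */
#define NT_TOKEN_ALL_ACCESS			(NT_SEC_STANDARD_RIGHTS_REQUIRED \
						| NT_TOKEN_ASSIGN_PRIMARY \
						| NT_TOKEN_DUPLICATE \
						| NT_TOKEN_IMPERSONATE \
						| NT_TOKEN_QUERY \
						| NT_TOKEN_QUERY_SOURCE \
						| NT_TOKEN_ADJUST_PRIVILEGES \
						| NT_TOKEN_ADJUST_GROUPS \
						| NT_TOKEN_ADJUST_SESSIONID \
						| NT_TOKEN_ADJUST_DEFAULT)

#define NT_TOKEN_READ				(NT_SEC_STANDARD_RIGHTS_READ \
						| NT_TOKEN_QUERY)

/* every operand carries the NT_ prefix used by the bit definitions above */
#define NT_TOKEN_WRITE				(NT_SEC_STANDARD_RIGHTS_WRITE \
						| NT_TOKEN_ADJUST_PRIVILEGES \
						| NT_TOKEN_ADJUST_GROUPS \
						| NT_TOKEN_ADJUST_DEFAULT)

#define NT_TOKEN_EXECUTE			(NT_SEC_STANDARD_RIGHTS_EXECUTE)

/* filtered token flags (presumably for the flags argument of
 * ntapi_zw_filter_token; confirm against callers) */
#define NT_DISABLE_MAX_PRIVILEGE		0x01

/* record associated with the NT_TOKEN_STATISTICS information class
 * (association inferred from the names; confirm) */
typedef struct _nt_token_statistics {
	nt_luid				token_id;
	nt_luid				authentication_id;
	nt_large_integer		expiration_time;
	nt_token_type			token_type;
	nt_security_impersonation_level	impersonation_level;
	uint32_t			dynamic_charged;
	uint32_t			dynamic_available;
	uint32_t			group_count;
	uint32_t			privilege_count;
	nt_luid				modified_id;
} nt_token_statistics;

/*
 * System-service function types. Each returns an int32_t status; handles
 * are passed as void * and new handles are written through void **.
 */

/* Builds a new token from caller-supplied identity data and writes its
 * handle to *htoken. On Windows the corresponding service is gated by the
 * create-token privilege (NT_SE_CREATE_TOKEN_PRIVILEGE above). */
typedef int32_t __stdcall ntapi_zw_create_token(
	__out	void **				htoken,
	__in	uint32_t			desired_access,
	__in	nt_object_attributes *		obj_attr,
	__in	nt_token_type			type,
	__in	nt_luid *			authentication_id,
	__in	nt_large_integer *		expiration_time,
	__in	nt_token_user *			user,
	__in	nt_token_groups *		groups,
	__in	nt_token_privileges *		privileges,
	__in	nt_token_owner *		owner,
	__in	nt_token_primary_group *	primary_group,
	__in	nt_token_default_dacl *		default_dacl,
	__in	nt_token_source *		source);

/* Opens the token of the process identified by hprocess with the
 * requested access mask (NT_TOKEN_* bits). */
typedef int32_t __stdcall ntapi_zw_open_process_token(
	__in	void *		hprocess,
	__in	uint32_t	desired_access,
	__out	void **		htoken);

/* Opens the token attached to the thread identified by hthread.
 * NOTE(review): open_as_self presumably selects whether the access check
 * uses the process context instead of the thread's impersonation context,
 * as in the Windows service of the same name; confirm. */
typedef int32_t __stdcall ntapi_zw_open_thread_token(
	__in	void *		hthread,
	__in	uint32_t	desired_access,
	__in	int32_t		open_as_self,
	__out	void **		htoken);

/* Creates a new token of the given token_type from htoken_existing and
 * writes its handle to *htoken_new. */
typedef int32_t __stdcall ntapi_zw_duplicate_token(
	__in	void *			htoken_existing,
	__in	uint32_t		desired_access,
	__in	nt_object_attributes *	obj_attr,
	__in	int32_t			effective_only,
	__in	nt_token_type		token_type,
	__out	void **			htoken_new);

/* Derives a token from htoken_existing using the supplied lists of SIDs
 * to disable, privileges to delete and SIDs to restrict, and writes its
 * handle to *htoken_new. */
typedef int32_t __stdcall ntapi_zw_filter_token(
	__in	void *			htoken_existing,
	__in	uint32_t		flags,
	__in	nt_token_groups *	sids_to_disable,
	__in	nt_token_privileges *	privileges_to_delete,
	__in	nt_token_groups *	sids_to_restrict,
	__out	void **			htoken_new);

/* Changes the privilege state of htoken according to new_state (or
 * disable_all_privileges); prev_state is optional.
 * NOTE(review): on Windows the underlying service can report a
 * success-class status (STATUS_NOT_ALL_ASSIGNED) when some requested
 * privileges are not held by the token, so a non-negative return alone
 * does not prove the privilege was enabled; confirm how callers of this
 * interface check for that case. */
typedef int32_t __stdcall ntapi_zw_adjust_privileges_token(
	__in	void *			htoken,
	__in	int32_t			disable_all_privileges,
	__in	nt_token_privileges *	new_state,
	__in	size_t			buffer_length,
	__in	nt_token_privileges *	prev_state __optional,
	__out	size_t *		returned_length);

/* Changes the group state of htoken according to new_state (or
 * reset_to_default); prev_state is optional. */
typedef int32_t __stdcall ntapi_zw_adjust_groups_token(
	__in	void *			htoken,
	__in	int32_t			reset_to_default,
	__in	nt_token_groups *	new_state,
	__in	size_t			buffer_length,
	__in	nt_token_groups *	prev_state __optional,
	__out	size_t *		returned_length);

/* Reads the information selected by token_info_class into the
 * caller-provided buffer token_info of token_info_length bytes.
 * NOTE(review): returned_length presumably receives the size written or
 * required; callers should size the buffer from it rather than assume a
 * fixed record size; confirm. */
typedef int32_t __stdcall ntapi_zw_query_information_token(
	__in	void *			htoken,
	__in	nt_token_info_class	token_info_class,
	__out	void *			token_info,
	__in	size_t			token_info_length,
	__out	size_t *		returned_length);

/* Writes the information selected by token_info_class from the buffer
 * token_info of token_info_length bytes. */
typedef int32_t __stdcall ntapi_zw_set_information_token(
	__in	void *			htoken,
	__in	nt_token_info_class	token_info_class,
	__in	void *			token_info,
	__in	size_t			token_info_length);

/* extension functions */

/* Enables a single privilege on htoken; privilege is presumably one of
 * the NT_SE_*_PRIVILEGE identifiers above (confirm). */
typedef int32_t __stdcall ntapi_tt_enable_token_privilege(
	__in	void *		htoken,
	__in	uint32_t	privilege);

/* Disables a single privilege on htoken; privilege is presumably one of
 * the NT_SE_*_PRIVILEGE identifiers above (confirm). */
typedef int32_t __stdcall ntapi_tt_disable_token_privilege(
	__in	void *		htoken,
	__in	uint32_t	privilege);

#endif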