1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
/********************************************************/
/* ntapi: Native API core library */
/* Copyright (C) 2013--2017 Z. Gilboa */
/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
/********************************************************/
#include <psxtypes/psxtypes.h>
#include <ntapi/nt_object.h>
#include <ntapi/nt_token.h>
#include <ntapi/ntapi.h>
#include "ntapi_impl.h"
static int32_t __stdcall __set_token_privilege(
__in void * htoken,
__in uint32_t privilege,
__in int attribute)
{
uintptr_t buffer[64];
nt_token_privileges * tokprivs;
/* reasonable scope */
if (privilege > 255)
return NT_STATUS_INVALID_PARAMETER;
/* buffer */
__ntapi->tt_aligned_block_memset(
buffer,0,sizeof(buffer));
tokprivs = (nt_token_privileges *)buffer;
/* token privileges */
tokprivs->privilege_count = 1;
tokprivs->privileges[0].attributes = attribute;
tokprivs->privileges[0].luid.low = privilege;
tokprivs->privileges[0].luid.high = 0;
/* set */
return __ntapi->zw_adjust_privileges_token(
htoken,0,
tokprivs,sizeof(buffer),
0,0);
}
int32_t __stdcall __ntapi_tt_enable_token_privilege(
__in void * htoken,
__in uint32_t privilege)
{
return __set_token_privilege(
htoken,
privilege,
NT_SE_ENABLE_PRIVILEGE);
}
int32_t __stdcall __ntapi_tt_disable_token_privilege(
__in void * htoken,
__in uint32_t privilege)
{
return __set_token_privilege(
htoken,
privilege,
NT_SE_DISABLE_PRIVILEGE);
}
|