1,486
社区成员
发帖
与我相关
我的任务
分享择录自WINDOWS源码的提权函数
#define SE_MIN_WELL_KNOWN_PRIVILEGE (2L)
#define SE_CREATE_TOKEN_PRIVILEGE (2L)
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE (3L)
#define SE_LOCK_MEMORY_PRIVILEGE (4L)
#define SE_INCREASE_QUOTA_PRIVILEGE (5L)
// end_wdm
//
// Unsolicited Input is obsolete and unused.
//
#define SE_UNSOLICITED_INPUT_PRIVILEGE (6L)
// begin_wdm
#define SE_MACHINE_ACCOUNT_PRIVILEGE (6L)
#define SE_TCB_PRIVILEGE (7L)
#define SE_SECURITY_PRIVILEGE (8L)
#define SE_TAKE_OWNERSHIP_PRIVILEGE (9L)
#define SE_LOAD_DRIVER_PRIVILEGE (10L)
#define SE_SYSTEM_PROFILE_PRIVILEGE (11L)
#define SE_SYSTEMTIME_PRIVILEGE (12L)
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE (13L)
#define SE_INC_BASE_PRIORITY_PRIVILEGE (14L)
#define SE_CREATE_PAGEFILE_PRIVILEGE (15L)
#define SE_CREATE_PERMANENT_PRIVILEGE (16L)
#define SE_BACKUP_PRIVILEGE (17L)
#define SE_RESTORE_PRIVILEGE (18L)
#define SE_SHUTDOWN_PRIVILEGE (19L)
#define SE_DEBUG_PRIVILEGE (20L)
#define SE_AUDIT_PRIVILEGE (21L)
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE (22L)
#define SE_CHANGE_NOTIFY_PRIVILEGE (23L)
#define SE_REMOTE_SHUTDOWN_PRIVILEGE (24L)
#define SE_UNDOCK_PRIVILEGE (25L)
#define SE_SYNC_AGENT_PRIVILEGE (26L)
#define SE_ENABLE_DELEGATION_PRIVILEGE (27L)
#define SE_MANAGE_VOLUME_PRIVILEGE (28L)
#define SE_IMPERSONATE_PRIVILEGE (29L)
#define SE_CREATE_GLOBAL_PRIVILEGE (30L)
#define SE_MAX_WELL_KNOWN_PRIVILEGE (SE_CREATE_GLOBAL_PRIVILEGE)
#define STATUS_NO_TOKEN ((NTSTATUS)0xC000007CL)
BOOL EnablePrivilege(ULONG Privilege,BOOL Enable)
{
NTSTATUS Status;
BOOLEAN WasEnabled;
Status = RtlAdjustPrivilege(Privilege,
(BOOLEAN)Enable,
TRUE,
&WasEnabled);
if (Status == STATUS_NO_TOKEN) {
Status = RtlAdjustPrivilege(Privilege,
(BOOLEAN)Enable,
FALSE,
&WasEnabled);
}
if (!NT_SUCCESS(Status))
{
return(FALSE);
}
return(TRUE);
}
#define SE_CREATE_TOKEN_PRIVILEGE (2L)
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE (3L)
#define SE_LOCK_MEMORY_PRIVILEGE (4L)
#define SE_INCREASE_QUOTA_PRIVILEGE (5L)
// end_wdm
//
// Unsolicited Input is obsolete and unused.
//
#define SE_UNSOLICITED_INPUT_PRIVILEGE (6L)
// begin_wdm
#define SE_MACHINE_ACCOUNT_PRIVILEGE (6L)
#define SE_TCB_PRIVILEGE (7L)
#define SE_SECURITY_PRIVILEGE (8L)
#define SE_TAKE_OWNERSHIP_PRIVILEGE (9L)
#define SE_LOAD_DRIVER_PRIVILEGE (10L)
#define SE_SYSTEM_PROFILE_PRIVILEGE (11L)
#define SE_SYSTEMTIME_PRIVILEGE (12L)
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE (13L)
#define SE_INC_BASE_PRIORITY_PRIVILEGE (14L)
#define SE_CREATE_PAGEFILE_PRIVILEGE (15L)
#define SE_CREATE_PERMANENT_PRIVILEGE (16L)
#define SE_BACKUP_PRIVILEGE (17L)
#define SE_RESTORE_PRIVILEGE (18L)
#define SE_SHUTDOWN_PRIVILEGE (19L)
#define SE_DEBUG_PRIVILEGE (20L)
#define SE_AUDIT_PRIVILEGE (21L)
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE (22L)
#define SE_CHANGE_NOTIFY_PRIVILEGE (23L)
#define SE_REMOTE_SHUTDOWN_PRIVILEGE (24L)
#define SE_UNDOCK_PRIVILEGE (25L)
#define SE_SYNC_AGENT_PRIVILEGE (26L)
#define SE_ENABLE_DELEGATION_PRIVILEGE (27L)
#define SE_MANAGE_VOLUME_PRIVILEGE (28L)
#define SE_IMPERSONATE_PRIVILEGE (29L)
#define SE_CREATE_GLOBAL_PRIVILEGE (30L)
#define SE_MAX_WELL_KNOWN_PRIVILEGE (SE_CREATE_GLOBAL_PRIVILEGE)
#define STATUS_NO_TOKEN ((NTSTATUS)0xC000007CL)
BOOL EnablePrivilege(ULONG Privilege,BOOL Enable)
{
NTSTATUS Status;
BOOLEAN WasEnabled;
Status = RtlAdjustPrivilege(Privilege,
(BOOLEAN)Enable,
TRUE,
&WasEnabled);
if (Status == STATUS_NO_TOKEN) {
Status = RtlAdjustPrivilege(Privilege,
(BOOLEAN)Enable,
FALSE,
&WasEnabled);
}
if (!NT_SUCCESS(Status))
{
return(FALSE);
}
return(TRUE);
}
...全文
请发表友善的回复…
发表回复
波导终结者 2008-05-24
- 打赏
- 举报
够精练
chenhui530 2008-05-24
- 打赏
- 举报
对NTSTATUS就是long在VB里基本上所有类型都可以用long来代替
#define long NTSTATUS
#define long NTSTATUS
Sandrer 2008-05-24
- 打赏
- 举报
NTSTATUS 是不是LONG类型?
头文件是哪个?
头文件是哪个?
Sandrer 2008-05-24
- 打赏
- 举报
虽然在很久前就已经看过VB版的提权代码了(用来关机的)
但是我只想知道你是怎么找到WINDOWS源码滴~~~~~~~~
但是我只想知道你是怎么找到WINDOWS源码滴~~~~~~~~
东方之珠 2008-05-23
- 打赏
- 举报
这么多常数,学习学习!
舉杯邀明月 2008-05-23
- 打赏
- 举报
学习......
jf...
up...
jf...
up...
