如何使用GetTokenInformation（）恢复特权？ C ++

Question

I would like to recover all privileges from a username. For example privileges : "SE_ASSIGN_PRIMARY_TOKEN_PRIVILEGE", "SE_AUDIT_PRIVILEGE", "SE_DEBUG_PRIVILEGE"... I searched on the microsoft documentation and I found GetTokenInformation() https://docs.microsoft.com/en-us/windows/desktop/api/securitybaseapi/nf-securitybaseapi-gettokeninformation but I do not understand how to access all the privileges and see the value of this privilege. Would anyone already use this method with an example or how to proceed please?

Answer 1

You could try the code below:

#include <iostream>
#include <windows.h>
#include <tchar.h>

BOOL CheckWindowsPrivilege(const TCHAR *Privilege)
{
    /* Checks for Privilege and returns True or False. */
    LUID luid;
    PRIVILEGE_SET privs;
    HANDLE hProcess;
    HANDLE hToken;
    hProcess = GetCurrentProcess();
    if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken)) return FALSE;
    if (!LookupPrivilegeValue(NULL, Privilege, &luid)) return FALSE;
    privs.PrivilegeCount = 1;
    privs.Control = PRIVILEGE_SET_ALL_NECESSARY;
    privs.Privilege[0].Luid = luid;
    privs.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
    BOOL bResult;
    PrivilegeCheck(hToken, &privs, &bResult);
    return bResult;
}

int wmain(void)
{
    if (!CheckWindowsPrivilege(SE_ASSIGNPRIMARYTOKEN_NAME))
    {
        wprintf(L"I do not have SeAssignPrimaryTokenPrivilege!\n");
        return 1;
    }
    wprintf(L"I do have SeAssignPrimaryTokenPrivilege!\n");
    return 0;
}

And then call the SetPrivilege (not the win32 api but the function from the MSDN example)