How to recover privileges with GetTokenInformation () ? c++
Question
I would like to recover all privileges from a username. For example privileges : "SE_ASSIGN_PRIMARY_TOKEN_PRIVILEGE", "SE_AUDIT_PRIVILEGE", "SE_DEBUG_PRIVILEGE"... I searched on the microsoft documentation and I found GetTokenInformation() https://docs.microsoft.com/en-us/windows/desktop/api/securitybaseapi/nf-securitybaseapi-gettokeninformation but I do not understand how to access all the privileges and see the value of this privilege. Would anyone already use this method with an example or how to proceed please?
1 answers
solution1
2 ACCPTED 2019-05-09 05:40:56
You could try the code below:
#include <iostream>
#include <windows.h>
#include <tchar.h>
BOOL CheckWindowsPrivilege(const TCHAR *Privilege)
{
/* Checks for Privilege and returns True or False. */
LUID luid;
PRIVILEGE_SET privs;
HANDLE hProcess;
HANDLE hToken;
hProcess = GetCurrentProcess();
if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken)) return FALSE;
if (!LookupPrivilegeValue(NULL, Privilege, &luid)) return FALSE;
privs.PrivilegeCount = 1;
privs.Control = PRIVILEGE_SET_ALL_NECESSARY;
privs.Privilege[0].Luid = luid;
privs.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
BOOL bResult;
PrivilegeCheck(hToken, &privs, &bResult);
return bResult;
}
int wmain(void)
{
if (!CheckWindowsPrivilege(SE_ASSIGNPRIMARYTOKEN_NAME))
{
wprintf(L"I do not have SeAssignPrimaryTokenPrivilege!\n");
return 1;
}
wprintf(L"I do have SeAssignPrimaryTokenPrivilege!\n");
return 0;
}
And then call the SetPrivilege (not the win32 api but the function from the MSDN example)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.