30{
40 0,
44 &FilteredToken);
52 0,
56 &FilteredToken);
62 {
63 skip(
"Failed to query the total size for token statistics structure! (Status -> 0x%lx)\n",
Status);
64 return;
65 }
69 if (TokenStats ==
NULL)
70 {
71 skip(
"Failed to allocate our token statistics buffer!\n");
72 return;
73 }
78 {
79 skip(
"Failed to query the token statistics! (Status -> 0x%lx)\n",
Status);
80 return;
81 }
83 trace(
"Number of privileges before token filtering -- %lu\n\n", TokenStats->
PrivilegeCount);
91 &FilteredToken);
97 {
98 skip(
"Failed to query the token statistics! (Status -> 0x%lx)\n",
Status);
99 return;
100 }
102 trace(
"Number of privileges after token filtering (privileges disabled with DISABLE_MAX_PRIVILEGE) -- %lu\n\n", TokenStats->
PrivilegeCount);
116 0,
118 &Priv,
120 &FilteredToken);
126 {
127 skip(
"Failed to query the token statistics! (Status -> 0x%lx)\n",
Status);
128 return;
129 }
131 trace(
"Number of privileges after token filtering (manually deleted privilege) -- %lu\n\n", TokenStats->
PrivilegeCount);
137}
static HANDLE GetTokenProcess(VOID)
#define ok_hex(expression, result)
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
#define NT_SUCCESS(StatCode)
#define ConvertPrivLongToLuid(PrivilegeVal, ConvertedPrivLuid)
#define SE_BACKUP_PRIVILEGE
#define DISABLE_MAX_PRIVILEGE
#define STATUS_INVALID_HANDLE
#define STATUS_BUFFER_TOO_SMALL
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information about an access token, based upon the information class...
NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size