ReactOS 0.4.15-dev-7942-gd23573b
tokentest.c File Reference
#include <windows.h>
#include <stdlib.h>
#include <ndk/ntndk.h>
#include <ddk/ntddk.h>
#include <stdio.h>
Include dependency graph for tokentest.c:

Go to the source code of this file.

Classes

struct  _SID_2
 

Macros

#define UNICODE
 
#define _UNICODE
 
#define ANONYMOUSUNIONS
 
#define NTOS_MODE_USER
 
#define INCLUDE_THE_DDK_HEADERS
 
#define ROS_ACE_HEADER   ACE_HEADER
 
#define ROS_ACE   ACE
 
#define INITIAL_PRIV_ENABLED   SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED
 
#define INITIAL_PRIV_DISABLED   0
 

Typedefs

typedef struct _SID_2 SID_2
 

Functions

void PrintSid (SID_AND_ATTRIBUTES *pSid, TOKEN_OWNER *pOwner, TOKEN_PRIMARY_GROUP *pPrimary)
 
void DisplayTokenSids (TOKEN_USER *pUser, TOKEN_GROUPS *pGroups, TOKEN_OWNER *pOwner, TOKEN_PRIMARY_GROUP *pPrimary)
 
void DisplayTokenPrivileges (TOKEN_PRIVILEGES *pPriv)
 
void DisplayDacl (PACL pAcl)
 
PVOID GetFromToken (HANDLE hToken, TOKEN_INFORMATION_CLASS tic)
 
void DisplayToken (HANDLE hTokenSource)
 
BOOL EnablePrivilege (LPWSTR wszName)
 
NTSTATUS CreateInitialSystemToken (HANDLE *phSystemToken)
 
int main (int argc, char *argv[])
 

Variables

LUID_AND_ATTRIBUTES InitialPrivilegeSet []
 

Macro Definition Documentation

◆ _UNICODE

#define _UNICODE

Definition at line 2 of file tokentest.c.

◆ ANONYMOUSUNIONS

#define ANONYMOUSUNIONS

Definition at line 4 of file tokentest.c.

◆ INCLUDE_THE_DDK_HEADERS

#define INCLUDE_THE_DDK_HEADERS

Definition at line 12 of file tokentest.c.

◆ INITIAL_PRIV_DISABLED

#define INITIAL_PRIV_DISABLED   0

Definition at line 118 of file tokentest.c.

◆ INITIAL_PRIV_ENABLED

Definition at line 117 of file tokentest.c.

◆ NTOS_MODE_USER

#define NTOS_MODE_USER

Definition at line 8 of file tokentest.c.

◆ ROS_ACE

#define ROS_ACE   ACE

Definition at line 16 of file tokentest.c.

◆ ROS_ACE_HEADER

#define ROS_ACE_HEADER   ACE_HEADER

Definition at line 15 of file tokentest.c.

◆ UNICODE

Definition at line 1 of file tokentest.c.

Typedef Documentation

◆ SID_2

typedef struct _SID_2 SID_2

Function Documentation

◆ CreateInitialSystemToken()

NTSTATUS CreateInitialSystemToken ( HANDLE phSystemToken)

Definition at line 342 of file tokentest.c.

343{
344 static SID sidSystem = { 1, 1, {SECURITY_NT_AUTHORITY}, {SECURITY_LOCAL_SYSTEM_RID} };
345 static SID sidEveryone = { 1, 1, {SECURITY_WORLD_SID_AUTHORITY}, {SECURITY_WORLD_RID} };
346 static SID sidAuthenticatedUser = { 1, 1, {SECURITY_NT_AUTHORITY}, {SECURITY_AUTHENTICATED_USER_RID} };
347 static SID_2 sidAdministrators = { 1, 2, {SECURITY_NT_AUTHORITY}, {SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS} };
348 static const int nGroupCount = 3;
349
351 ULONG uSize;
352 DWORD i;
353
354 TOKEN_USER tkUser;
355 TOKEN_OWNER tkDefaultOwner;
356 TOKEN_PRIMARY_GROUP tkPrimaryGroup;
357
358 TOKEN_GROUPS* ptkGroups = 0;
359 TOKEN_PRIVILEGES* ptkPrivileges = 0;
360 TOKEN_DEFAULT_DACL tkDefaultDacl = { 0 };
361
362 LARGE_INTEGER tkExpiration;
363
364 LUID authId = SYSTEM_LUID;
365
367 {
368 { '*', '*', 'A', 'N', 'O', 'N', '*', '*' },
369 {0, 0}
370 };
371
373 {
374 sizeof(sqos),
377 FALSE
378 };
379
381 {
382 sizeof(oa),
383 0,
384 0,
385 0,
386 0,
387 &sqos
388 };
389
390 tkExpiration.QuadPart = -1;
391 status = ZwAllocateLocallyUniqueId(&source.SourceIdentifier);
392 if ( status != 0 )
393 return status;
394
395 tkUser.User.Sid = &sidSystem;
396 tkUser.User.Attributes = 0;
397
398 // Under WinXP (the only MS OS I've tested) ZwCreateToken()
399 // squawks if we use sidAdministrators here -- though running
400 // a progrem under AT and using the DisplayToken() function
401 // shows that the system token does default ownership to
402 // Administrator.
403
404 // For now, default ownership to system, since that works
405 tkDefaultOwner.Owner = &sidSystem;
406 tkPrimaryGroup.PrimaryGroup = &sidSystem;
407
408 uSize = sizeof(TOKEN_GROUPS) - sizeof(ptkGroups->Groups);
409 uSize += sizeof(SID_AND_ATTRIBUTES) * nGroupCount;
410
411 ptkGroups = (TOKEN_GROUPS*) malloc(uSize);
412 ptkGroups->GroupCount = nGroupCount;
413
414 ptkGroups->Groups[0].Sid = (SID*) &sidAdministrators;
415 ptkGroups->Groups[0].Attributes = SE_GROUP_ENABLED;
416
417 ptkGroups->Groups[1].Sid = &sidEveryone;
419
420 ptkGroups->Groups[2].Sid = &sidAuthenticatedUser;
422
423 uSize = sizeof(TOKEN_PRIVILEGES) - sizeof(ptkPrivileges->Privileges);
424 uSize += sizeof(LUID_AND_ATTRIBUTES) * sizeof(InitialPrivilegeSet) / sizeof(InitialPrivilegeSet[0]);
425 ptkPrivileges = (TOKEN_PRIVILEGES*) malloc(uSize);
426 ptkPrivileges->PrivilegeCount = sizeof(InitialPrivilegeSet) / sizeof(InitialPrivilegeSet[0]);
427 for (i = 0; i < ptkPrivileges->PrivilegeCount; i++)
428 {
432 }
433
434 // Calculate the length needed for the ACL
435 uSize = sizeof(ACL);
436 uSize += sizeof(ACE) + sizeof(sidSystem);
437 uSize += sizeof(ACE) + sizeof(sidAdministrators);
438 uSize = (uSize & (~3)) + 8;
439 tkDefaultDacl.DefaultDacl = (PACL) malloc(uSize);
440
441 status = RtlCreateAcl(tkDefaultDacl.DefaultDacl, uSize, ACL_REVISION);
442 if ( ! NT_SUCCESS(status) )
443 printf("RtlCreateAcl() failed: 0x%08x\n", status);
444
446 if ( ! NT_SUCCESS(status) )
447 printf("RtlAddAccessAllowedAce() failed: 0x%08x\n", status);
448
450 if ( ! NT_SUCCESS(status) )
451 printf("RtlAddAccessAllowedAce() failed: 0x%08x\n", status);
452
453 printf("Parameters being passed into ZwCreateToken:\n\n");
454 DisplayTokenSids(&tkUser, ptkGroups, &tkDefaultOwner, &tkPrimaryGroup);
455 DisplayDacl(tkDefaultDacl.DefaultDacl);
456
457 printf("Calling ZwCreateToken()...\n");
458 status = ZwCreateToken(phSystemToken,
460 &oa,
462 &authId,
463 &tkExpiration,
464 &tkUser,
465 ptkGroups,
466 ptkPrivileges,
467 &tkDefaultOwner,
468 &tkPrimaryGroup,
469 &tkDefaultDacl,
470 &source);
471
472 // Cleanup
473 free(ptkGroups);
474 free(ptkPrivileges);
475 free(tkDefaultDacl.DefaultDacl);
476
477 return status;
478}
LONG NTSTATUS
Definition: precomp.h:26
#define free
Definition: debug_ros.c:5
#define malloc
Definition: debug_ros.c:4
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define GENERIC_READ
Definition: compat.h:135
unsigned long DWORD
Definition: ntddk_ex.h:95
#define printf
Definition: freeldr.h:97
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
@ SecurityAnonymous
Definition: lsa.idl:55
@ TokenPrimary
Definition: imports.h:273
struct _ACL ACL
struct _ACL * PACL
Definition: security.c:105
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
struct _ACE ACE
NTSYSAPI NTSTATUS NTAPI ZwCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
NTSYSAPI NTSTATUS NTAPI ZwAllocateLocallyUniqueId(_Out_ LUID *LocallyUniqueId)
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
#define SE_GROUP_ENABLED
Definition: setypes.h:92
#define GENERIC_ALL
Definition: nt_native.h:92
#define READ_CONTROL
Definition: nt_native.h:58
#define GENERIC_EXECUTE
Definition: nt_native.h:91
LONG HighPart
DWORD LowPart
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1018
$ULONG GroupCount
Definition: setypes.h:1014
PSID Owner
Definition: setypes.h:1028
$ULONG PrivilegeCount
Definition: setypes.h:1023
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1024
SID_AND_ATTRIBUTES User
Definition: setypes.h:1010
Definition: ps.c:97
void DisplayDacl(PACL pAcl)
Definition: tokentest.c:231
void DisplayTokenSids(TOKEN_USER *pUser, TOKEN_GROUPS *pGroups, TOKEN_OWNER *pOwner, TOKEN_PRIMARY_GROUP *pPrimary)
Definition: tokentest.c:189
LUID_AND_ATTRIBUTES InitialPrivilegeSet[]
Definition: tokentest.c:119
uint32_t ULONG
Definition: typedefs.h:59
LONGLONG QuadPart
Definition: typedefs.h:114
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:527
struct _TOKEN_PRIVILEGES TOKEN_PRIVILEGES
#define SECURITY_WORLD_RID
Definition: setypes.h:541
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:568
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
#define SYSTEM_LUID
Definition: setypes.h:700
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
#define ACL_REVISION
Definition: setypes.h:39
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
struct _TOKEN_GROUPS TOKEN_GROUPS
#define TOKEN_ALL_ACCESS
Definition: setypes.h:946

Referenced by main().

◆ DisplayDacl()

void DisplayDacl ( PACL  pAcl)

Definition at line 231 of file tokentest.c.

232{
233 DWORD i;
235
236 if ( ! pAcl )
237 {
238 printf("\nNo Default Dacl.\n");
239 return;
240 }
241
242 printf("\nDacl:\n");
243 for (i = 0; i < pAcl->AceCount; i++)
244 {
245 UNICODE_STRING scSid;
246 ROS_ACE* pAce;
247 LPWSTR wszType = 0;
248 PSID pSid;
249
250 status = RtlGetAce(pAcl, i, (ROS_ACE**) &pAce);
251 if ( ! NT_SUCCESS(status) )
252 {
253 printf("RtlGetAce(): status = 0x%08x\n", status);
254 break;
255 }
256
257 pSid = (PSID) (pAce + 1);
258 if ( pAce->Header.AceType == ACCESS_ALLOWED_ACE_TYPE )
259 wszType = L"allow";
260 if ( pAce->Header.AceType == ACCESS_DENIED_ACE_TYPE )
261 wszType = L"deny ";
262
264 if ( ! NT_SUCCESS(status) )
265 {
266 printf("RtlConvertSidToUnicodeString(): status = 0x%08x\n", status);
267 break;
268 }
269
270 printf("%d.) %S %wZ 0x%08x\n", i, wszType, &scSid, pAce->AccessMask);
271 LocalFree(scSid.Buffer);
272 }
273}
#define TRUE
Definition: types.h:120
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
static PSID pSid
Definition: security.c:74
struct _SID * PSID
Definition: eventlog.c:35
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
#define L(x)
Definition: ntvdm.h:50
USHORT AceCount
Definition: ms-dtyp.idl:297
#define ROS_ACE
Definition: tokentest.c:16
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:718
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by CreateInitialSystemToken(), and DisplayToken().

◆ DisplayToken()

void DisplayToken ( HANDLE  hTokenSource)

Definition at line 300 of file tokentest.c.

301{
302 TOKEN_USER* pTokenUser = (PTOKEN_USER) GetFromToken(hTokenSource, TokenUser);
303 TOKEN_GROUPS* pTokenGroups = (PTOKEN_GROUPS) GetFromToken(hTokenSource, TokenGroups);
304 TOKEN_OWNER* pTokenOwner = (PTOKEN_OWNER) GetFromToken(hTokenSource, TokenOwner);
305 TOKEN_PRIMARY_GROUP* pTokenPrimaryGroup = (PTOKEN_PRIMARY_GROUP) GetFromToken(hTokenSource, TokenPrimaryGroup);
306 TOKEN_PRIVILEGES* pTokenPrivileges = (PTOKEN_PRIVILEGES) GetFromToken(hTokenSource, TokenPrivileges);
307 TOKEN_DEFAULT_DACL* pTokenDefaultDacl = (PTOKEN_DEFAULT_DACL) GetFromToken(hTokenSource, TokenDefaultDacl);
308
309 DisplayTokenSids(pTokenUser, pTokenGroups, pTokenOwner, pTokenPrimaryGroup);
310 // DisplayTokenPrivileges(pTokenPrivileges);
311 DisplayDacl(pTokenDefaultDacl->DefaultDacl);
312
313 free(pTokenUser);
314 free(pTokenGroups);
315 free(pTokenOwner);
316 free(pTokenPrimaryGroup);
317 free(pTokenPrivileges);
318 free(pTokenDefaultDacl);
319}
PVOID GetFromToken(HANDLE hToken, TOKEN_INFORMATION_CLASS tic)
Definition: tokentest.c:277
struct _TOKEN_GROUPS * PTOKEN_GROUPS
struct _TOKEN_PRIMARY_GROUP * PTOKEN_PRIMARY_GROUP
struct _TOKEN_DEFAULT_DACL * PTOKEN_DEFAULT_DACL
struct _TOKEN_USER * PTOKEN_USER
@ TokenDefaultDacl
Definition: setypes.h:971
@ TokenGroups
Definition: setypes.h:967
@ TokenPrivileges
Definition: setypes.h:968
@ TokenUser
Definition: setypes.h:966
@ TokenPrimaryGroup
Definition: setypes.h:970
@ TokenOwner
Definition: setypes.h:969
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
struct _TOKEN_OWNER * PTOKEN_OWNER

Referenced by main().

◆ DisplayTokenPrivileges()

void DisplayTokenPrivileges ( TOKEN_PRIVILEGES pPriv)

Definition at line 205 of file tokentest.c.

206{
207 WCHAR buffer[256];
208 DWORD i;
209
210 printf("\nprivileges:\n");
211 for (i = 0; i < pPriv->PrivilegeCount; i++)
212 {
213 DWORD cbName = sizeof(buffer) / sizeof(buffer[0]);
214 LookupPrivilegeName(0, &pPriv->Privileges[i].Luid, buffer, &cbName);
215
216 printf("%S{0x%08x, 0x%08x} [", buffer, pPriv->Privileges[i].Luid.HighPart, pPriv->Privileges[i].Luid.LowPart);
217
219 printf("enabled,");
221 printf("default,");
223 printf("used");
224
225 printf("]\n");
226 }
227}
GLuint buffer
Definition: glext.h:5915
#define LookupPrivilegeName
Definition: winbase.h:3869
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
Definition: setypes.h:62
__wchar_t WCHAR
Definition: xmlstorage.h:180

◆ DisplayTokenSids()

void DisplayTokenSids ( TOKEN_USER pUser,
TOKEN_GROUPS pGroups,
TOKEN_OWNER pOwner,
TOKEN_PRIMARY_GROUP pPrimary 
)

Definition at line 189 of file tokentest.c.

193{
194 DWORD i;
195
196 printf("\nSids:\n");
197 PrintSid(&pUser->User, pOwner, pPrimary);
198 printf("\nGroups:\n");
199 for (i = 0; i < pGroups->GroupCount; i++)
200 PrintSid(&pGroups->Groups[i], pOwner, pPrimary);
201}
void PrintSid(SID_AND_ATTRIBUTES *pSid, TOKEN_OWNER *pOwner, TOKEN_PRIMARY_GROUP *pPrimary)
Definition: tokentest.c:155

Referenced by CreateInitialSystemToken(), and DisplayToken().

◆ EnablePrivilege()

BOOL EnablePrivilege ( LPWSTR  wszName)

Definition at line 323 of file tokentest.c.

324{
325 HANDLE hToken;
326 TOKEN_PRIVILEGES priv = {1, {{{0, 0}, SE_PRIVILEGE_ENABLED}}};
327 BOOL bResult;
328
329 LookupPrivilegeValue(0, wszName, &priv.Privileges[0].Luid);
330
332
333 AdjustTokenPrivileges(hToken, FALSE, &priv, sizeof priv, 0, 0);
334 bResult = GetLastError() == ERROR_SUCCESS;
335
336 CloseHandle(hToken);
337 return bResult;
338}
#define ERROR_SUCCESS
Definition: deptool.c:10
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
Definition: security.c:374
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:294
#define CloseHandle
Definition: compat.h:739
#define GetCurrentProcess()
Definition: compat.h:759
unsigned int BOOL
Definition: ntddk_ex.h:94
#define LookupPrivilegeValue
Definition: winbase.h:3870
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
#define TOKEN_ADJUST_PRIVILEGES
Definition: setypes.h:930

Referenced by main().

◆ GetFromToken()

PVOID GetFromToken ( HANDLE  hToken,
TOKEN_INFORMATION_CLASS  tic 
)

Definition at line 277 of file tokentest.c.

278{
279 BOOL bResult;
280 DWORD n;
281 PBYTE p = 0;
282
283 bResult = GetTokenInformation(hToken, tic, 0, 0, &n);
284 if ( ! bResult && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
285 return 0;
286
287 p = (PBYTE) malloc(n);
288 if ( ! GetTokenInformation(hToken, tic, p, n, &n) )
289 {
290 printf("GetFromToken() failed for TOKEN_INFORMATION_CLASS(%d): %d\n", tic, GetLastError());
291 free(p);
292 return 0;
293 }
294
295 return p;
296}
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:411
GLdouble n
Definition: glext.h:7729
GLfloat GLfloat p
Definition: glext.h:8902
BYTE * PBYTE
Definition: pedump.c:66

Referenced by DisplayToken().

◆ main()

int main ( int argc  ,
char argv[] 
)

Definition at line 482 of file tokentest.c.

483{
485 HANDLE hSystemToken;
486 CHAR buffer[512];
487 HANDLE hOurToken;
488
489 printf("Current process Token:\n");
490
492 if ( NT_SUCCESS(Status) )
493 {
494 DisplayToken(hOurToken);
495 CloseHandle(hOurToken);
496 }
497 else
498 {
499 printf("ZwOpenProcessToken() failed: 0x%08x\n", Status);
500 }
501
502//#define ENABLE_PRIVILEGE
503#ifdef ENABLE_PRIVILEGE
505#endif
506
507 // Now do the other one
508 Status = CreateInitialSystemToken(&hSystemToken);
509 if ( NT_SUCCESS(Status) )
510 {
511 printf("System Token: 0x%08x\n", hSystemToken);
512 DisplayToken(hSystemToken);
513 CloseHandle(hSystemToken);
514 }
515 else
516 {
517 printf("CreateInitialSystemToken() return: 0x%08x\n", Status);
518 }
519
520 printf("press return");
521 gets(buffer);
522
523 return 0;
524}
Status
Definition: gdiplustypes.h:25
_CRTIMP char *__cdecl gets(char *_Buffer)
Definition: file.c:3645
NTSTATUS CreateInitialSystemToken(HANDLE *phSystemToken)
Definition: tokentest.c:342
BOOL EnablePrivilege(LPWSTR wszName)
Definition: tokentest.c:323
void DisplayToken(HANDLE hTokenSource)
Definition: tokentest.c:300
#define SE_CREATE_TOKEN_NAME
Definition: winnt_old.h:366
#define TOKEN_QUERY_SOURCE
Definition: setypes.h:929
#define TOKEN_QUERY
Definition: setypes.h:928
char CHAR
Definition: xmlstorage.h:175
NTSYSAPI NTSTATUS NTAPI ZwOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)

◆ PrintSid()

void PrintSid ( SID_AND_ATTRIBUTES pSid,
TOKEN_OWNER pOwner,
TOKEN_PRIMARY_GROUP pPrimary 
)

Definition at line 155 of file tokentest.c.

156{
157 UNICODE_STRING scSid;
158
160 printf("%wZ [", &scSid);
161 LocalFree(scSid.Buffer);
162
163 if ( EqualSid(pSid->Sid, pOwner->Owner) )
164 printf("owner,");
165
166 if ( EqualSid(pSid->Sid, pPrimary->PrimaryGroup) )
167 printf("primary,");
168
169 if ( pSid->Attributes & SE_GROUP_ENABLED )
170 {
171 if ( pSid->Attributes & SE_GROUP_ENABLED_BY_DEFAULT )
172 printf("enabled-default,");
173 else
174 printf("enabled,");
175 }
176
177 if ( pSid->Attributes & SE_GROUP_LOGON_ID )
178 printf("logon,");
179
180
181 if ( pSid->Attributes & SE_GROUP_MANDATORY )
182 printf("mandatory,");
183
184 printf("]\n");
185}
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:829
#define SE_GROUP_LOGON_ID
Definition: setypes.h:98

Referenced by DisplayTokenSids().

Variable Documentation

◆ InitialPrivilegeSet

LUID_AND_ATTRIBUTES InitialPrivilegeSet[]
Initial value:
=
{
{ { 0x00000007, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x00000002, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x00000009, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x0000000f, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x00000004, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x00000003, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x00000005, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x0000000e, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x00000010, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x00000014, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x00000015, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x00000008, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x00000016, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x00000017, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x00000011, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x00000012, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x00000013, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x0000000a, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x0000000d, 0x00000000 }, INITIAL_PRIV_ENABLED },
{ { 0x0000000c, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x00000019, 0x00000000 }, INITIAL_PRIV_DISABLED },
{ { 0x0000001c, 0x00000000 }, INITIAL_PRIV_DISABLED },
}
#define INITIAL_PRIV_ENABLED
Definition: tokentest.c:117
#define INITIAL_PRIV_DISABLED
Definition: tokentest.c:118

Definition at line 119 of file tokentest.c.

Referenced by CreateInitialSystemToken().