ReactOS  0.4.13-dev-257-gfabbd7c
tokentest.c
Go to the documentation of this file.
1 #define UNICODE
2 #define _UNICODE
3 
4 #define ANONYMOUSUNIONS
5 #include <windows.h>
6 #include <stdlib.h>
7 
8 #define NTOS_MODE_USER
9 #include <ndk/ntndk.h>
10 
11 
12 #define INCLUDE_THE_DDK_HEADERS
13 #ifdef INCLUDE_THE_DDK_HEADERS
14 #include <ddk/ntddk.h>
15 #define ROS_ACE_HEADER ACE_HEADER
16 #define ROS_ACE ACE
17 
18 #else
19 typedef LONG NTSTATUS, *PNTSTATUS;
20 
21 typedef struct _UNICODE_STRING
22 {
23  USHORT Length;
25  PWSTR Buffer;
27 
28 typedef struct _OBJECT_ATTRIBUTES {
29  ULONG Length;
33  PVOID SecurityDescriptor; // Points to type SECURITY_DESCRIPTOR
34  PVOID SecurityQualityOfService; // Points to type SECURITY_QUALITY_OF_SERVICE
37 
38 typedef struct _ROS_ACE_HEADER
39 {
40  CHAR AceType;
41  CHAR AceFlags;
42  USHORT AceSize;
43 } ROS_ACE_HEADER, *PROS_ACE_HEADER;
44 
45 typedef struct
46 {
49 } ROS_ACE, *PROS_ACE;
50 
53 NTAPI
56  IN PSID Sid,
57  IN BOOLEAN AllocateString
58  );
59 
62 NTAPI
64  PACL Acl,
65  ULONG AclSize,
67 
70 NTAPI
72  PACL Acl,
75  PSID Sid
76  );
77 
80 NTAPI
81 RtlGetAce (
82  PACL Acl,
84  PROS_ACE *Ace
85  );
86 
89 NTAPI
91  OUT PLUID Luid
92  );
93 
96 NTAPI
102  IN PLUID AuthenticationId,
103  IN PLARGE_INTEGER ExpirationTime,
111  );
112 #define NT_SUCCESS(StatCode) ((NTSTATUS)(StatCode) >= 0)
113 #endif
114 
115 #include <stdio.h>
116 
117 #define INITIAL_PRIV_ENABLED SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED
118 #define INITIAL_PRIV_DISABLED 0
120 {
121  { { 0x00000007, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeTcbPrivilege
122  { { 0x00000002, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeCreateTokenPrivilege
123  { { 0x00000009, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeTakeOwnershipPrivilege
124  { { 0x0000000f, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeCreatePagefilePrivilege
125  { { 0x00000004, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeLockMemoryPrivilege
126  { { 0x00000003, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeAssignPrimaryTokenPrivilege
127  { { 0x00000005, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeIncreaseQuotaPrivilege
128  { { 0x0000000e, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeIncreaseBasePriorityPrivilege
129  { { 0x00000010, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeCreatePermanentPrivilege
130  { { 0x00000014, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeDebugPrivilege
131  { { 0x00000015, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeAuditPrivilege
132  { { 0x00000008, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeSecurityPrivilege
133  { { 0x00000016, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeSystemEnvironmentPrivilege
134  { { 0x00000017, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeChangeNotifyPrivilege
135  { { 0x00000011, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeBackupPrivilege
136  { { 0x00000012, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeRestorePrivilege
137  { { 0x00000013, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeShutdownPrivilege
138  { { 0x0000000a, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeLoadDriverPrivilege
139  { { 0x0000000d, 0x00000000 }, INITIAL_PRIV_ENABLED }, // SeProfileSingleProcessPrivilege
140  { { 0x0000000c, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeSystemtimePrivilege
141  { { 0x00000019, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeUndockPrivilege
142  { { 0x0000001c, 0x00000000 }, INITIAL_PRIV_DISABLED }, // SeManageVolumePrivilege
143 };
144 
145 typedef struct _SID_2
146 {
151 } SID_2;
152 
153 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
154 void
156 {
157  UNICODE_STRING scSid;
158 
159  RtlConvertSidToUnicodeString(&scSid, pSid->Sid, TRUE);
160  printf("%wZ [", &scSid);
161  LocalFree(scSid.Buffer);
162 
163  if ( EqualSid(pSid->Sid, pOwner->Owner) )
164  printf("owner,");
165 
166  if ( EqualSid(pSid->Sid, pPrimary->PrimaryGroup) )
167  printf("primary,");
168 
169  if ( pSid->Attributes & SE_GROUP_ENABLED )
170  {
171  if ( pSid->Attributes & SE_GROUP_ENABLED_BY_DEFAULT )
172  printf("enabled-default,");
173  else
174  printf("enabled,");
175  }
176 
177  if ( pSid->Attributes & SE_GROUP_LOGON_ID )
178  printf("logon,");
179 
180 
181  if ( pSid->Attributes & SE_GROUP_MANDATORY )
182  printf("mandatory,");
183 
184  printf("]\n");
185 }
186 
187 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
188 void
190  TOKEN_GROUPS* pGroups,
191  TOKEN_OWNER* pOwner,
192  TOKEN_PRIMARY_GROUP* pPrimary)
193 {
194  DWORD i;
195 
196  printf("\nSids:\n");
197  PrintSid(&pUser->User, pOwner, pPrimary);
198  printf("\nGroups:\n");
199  for (i = 0; i < pGroups->GroupCount; i++)
200  PrintSid(&pGroups->Groups[i], pOwner, pPrimary);
201 }
202 
203 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
204 void
206 {
207  WCHAR buffer[256];
208  DWORD i;
209 
210  printf("\nprivileges:\n");
211  for (i = 0; i < pPriv->PrivilegeCount; i++)
212  {
213  DWORD cbName = sizeof(buffer) / sizeof(buffer[0]);
214  LookupPrivilegeName(0, &pPriv->Privileges[i].Luid, buffer, &cbName);
215 
216  printf("%S{0x%08x, 0x%08x} [", buffer, pPriv->Privileges[i].Luid.HighPart, pPriv->Privileges[i].Luid.LowPart);
217 
219  printf("enabled,");
221  printf("default,");
223  printf("used");
224 
225  printf("]\n");
226  }
227 }
228 
229 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
230 void
232 {
233  DWORD i;
235 
236  if ( ! pAcl )
237  {
238  printf("\nNo Default Dacl.\n");
239  return;
240  }
241 
242  printf("\nDacl:\n");
243  for (i = 0; i < pAcl->AceCount; i++)
244  {
245  UNICODE_STRING scSid;
246  ROS_ACE* pAce;
247  LPWSTR wszType = 0;
248  PSID pSid;
249 
250  status = RtlGetAce(pAcl, i, (ROS_ACE**) &pAce);
251  if ( ! NT_SUCCESS(status) )
252  {
253  printf("RtlGetAce(): status = 0x%08x\n", status);
254  break;
255  }
256 
257  pSid = (PSID) (pAce + 1);
258  if ( pAce->Header.AceType == ACCESS_ALLOWED_ACE_TYPE )
259  wszType = L"allow";
260  if ( pAce->Header.AceType == ACCESS_DENIED_ACE_TYPE )
261  wszType = L"deny ";
262 
264  if ( ! NT_SUCCESS(status) )
265  {
266  printf("RtlConvertSidToUnicodeString(): status = 0x%08x\n", status);
267  break;
268  }
269 
270  printf("%d.) %S %wZ 0x%08x\n", i, wszType, &scSid, pAce->AccessMask);
271  LocalFree(scSid.Buffer);
272  }
273 }
274 
275 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
276 PVOID
278 {
279  BOOL bResult;
280  DWORD n;
281  PBYTE p = 0;
282 
283  bResult = GetTokenInformation(hToken, tic, 0, 0, &n);
284  if ( ! bResult && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
285  return 0;
286 
287  p = (PBYTE) malloc(n);
288  if ( ! GetTokenInformation(hToken, tic, p, n, &n) )
289  {
290  printf("GetFromToken() failed for TOKEN_INFORMATION_CLASS(%d): %d\n", tic, GetLastError());
291  free(p);
292  return 0;
293  }
294 
295  return p;
296 }
297 
298 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
299 void
300 DisplayToken(HANDLE hTokenSource)
301 {
302  TOKEN_USER* pTokenUser = (PTOKEN_USER) GetFromToken(hTokenSource, TokenUser);
303  TOKEN_GROUPS* pTokenGroups = (PTOKEN_GROUPS) GetFromToken(hTokenSource, TokenGroups);
304  TOKEN_OWNER* pTokenOwner = (PTOKEN_OWNER) GetFromToken(hTokenSource, TokenOwner);
305  TOKEN_PRIMARY_GROUP* pTokenPrimaryGroup = (PTOKEN_PRIMARY_GROUP) GetFromToken(hTokenSource, TokenPrimaryGroup);
306  TOKEN_PRIVILEGES* pTokenPrivileges = (PTOKEN_PRIVILEGES) GetFromToken(hTokenSource, TokenPrivileges);
307  TOKEN_DEFAULT_DACL* pTokenDefaultDacl = (PTOKEN_DEFAULT_DACL) GetFromToken(hTokenSource, TokenDefaultDacl);
308 
309  DisplayTokenSids(pTokenUser, pTokenGroups, pTokenOwner, pTokenPrimaryGroup);
310  // DisplayTokenPrivileges(pTokenPrivileges);
311  DisplayDacl(pTokenDefaultDacl->DefaultDacl);
312 
313  free(pTokenUser);
314  free(pTokenGroups);
315  free(pTokenOwner);
316  free(pTokenPrimaryGroup);
317  free(pTokenPrivileges);
318  free(pTokenDefaultDacl);
319 }
320 
321 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
322 BOOL
324 {
325  HANDLE hToken;
326  TOKEN_PRIVILEGES priv = {1, {{{0, 0}, SE_PRIVILEGE_ENABLED}}};
327  BOOL bResult;
328 
329  LookupPrivilegeValue(0, wszName, &priv.Privileges[0].Luid);
330 
332 
333  AdjustTokenPrivileges(hToken, FALSE, &priv, sizeof priv, 0, 0);
334  bResult = GetLastError() == ERROR_SUCCESS;
335 
336  CloseHandle(hToken);
337  return bResult;
338 }
339 
340 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
341 NTSTATUS
343 {
344  static SID sidSystem = { 1, 1, {SECURITY_NT_AUTHORITY}, {SECURITY_LOCAL_SYSTEM_RID} };
345  static SID sidEveryone = { 1, 1, {SECURITY_WORLD_SID_AUTHORITY}, {SECURITY_WORLD_RID} };
346  static SID sidAuthenticatedUser = { 1, 1, {SECURITY_NT_AUTHORITY}, {SECURITY_AUTHENTICATED_USER_RID} };
347  static SID_2 sidAdministrators = { 1, 2, {SECURITY_NT_AUTHORITY}, {SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS} };
348  static const int nGroupCount = 3;
349 
351  ULONG uSize;
352  DWORD i;
353 
354  TOKEN_USER tkUser;
355  TOKEN_OWNER tkDefaultOwner;
356  TOKEN_PRIMARY_GROUP tkPrimaryGroup;
357 
358  TOKEN_GROUPS* ptkGroups = 0;
359  TOKEN_PRIVILEGES* ptkPrivileges = 0;
360  TOKEN_DEFAULT_DACL tkDefaultDacl = { 0 };
361 
362  LARGE_INTEGER tkExpiration;
363 
364  LUID authId = SYSTEM_LUID;
365 
367  {
368  { '*', '*', 'A', 'N', 'O', 'N', '*', '*' },
369  {0, 0}
370  };
371 
373  {
374  sizeof(sqos),
377  FALSE
378  };
379 
380  OBJECT_ATTRIBUTES oa =
381  {
382  sizeof(oa),
383  0,
384  0,
385  0,
386  0,
387  &sqos
388  };
389 
390  tkExpiration.QuadPart = -1;
391  status = ZwAllocateLocallyUniqueId(&source.SourceIdentifier);
392  if ( status != 0 )
393  return status;
394 
395  tkUser.User.Sid = &sidSystem;
396  tkUser.User.Attributes = 0;
397 
398  // Under WinXP (the only MS OS I've tested) ZwCreateToken()
399  // squawks if we use sidAdministrators here -- though running
400  // a progrem under AT and using the DisplayToken() function
401  // shows that the system token does default ownership to
402  // Administrator.
403 
404  // For now, default ownership to system, since that works
405  tkDefaultOwner.Owner = &sidSystem;
406  tkPrimaryGroup.PrimaryGroup = &sidSystem;
407 
408  uSize = sizeof(TOKEN_GROUPS) - sizeof(ptkGroups->Groups);
409  uSize += sizeof(SID_AND_ATTRIBUTES) * nGroupCount;
410 
411  ptkGroups = (TOKEN_GROUPS*) malloc(uSize);
412  ptkGroups->GroupCount = nGroupCount;
413 
414  ptkGroups->Groups[0].Sid = (SID*) &sidAdministrators;
415  ptkGroups->Groups[0].Attributes = SE_GROUP_ENABLED;
416 
417  ptkGroups->Groups[1].Sid = &sidEveryone;
419 
420  ptkGroups->Groups[2].Sid = &sidAuthenticatedUser;
422 
423  uSize = sizeof(TOKEN_PRIVILEGES) - sizeof(ptkPrivileges->Privileges);
424  uSize += sizeof(LUID_AND_ATTRIBUTES) * sizeof(InitialPrivilegeSet) / sizeof(InitialPrivilegeSet[0]);
425  ptkPrivileges = (TOKEN_PRIVILEGES*) malloc(uSize);
426  ptkPrivileges->PrivilegeCount = sizeof(InitialPrivilegeSet) / sizeof(InitialPrivilegeSet[0]);
427  for (i = 0; i < ptkPrivileges->PrivilegeCount; i++)
428  {
432  }
433 
434  // Calculate the length needed for the ACL
435  uSize = sizeof(ACL);
436  uSize += sizeof(ACE) + sizeof(sidSystem);
437  uSize += sizeof(ACE) + sizeof(sidAdministrators);
438  uSize = (uSize & (~3)) + 8;
439  tkDefaultDacl.DefaultDacl = (PACL) malloc(uSize);
440 
441  status = RtlCreateAcl(tkDefaultDacl.DefaultDacl, uSize, ACL_REVISION);
442  if ( ! NT_SUCCESS(status) )
443  printf("RtlCreateAcl() failed: 0x%08x\n", status);
444 
445  status = RtlAddAccessAllowedAce(tkDefaultDacl.DefaultDacl, ACL_REVISION, GENERIC_ALL, &sidSystem);
446  if ( ! NT_SUCCESS(status) )
447  printf("RtlAddAccessAllowedAce() failed: 0x%08x\n", status);
448 
450  if ( ! NT_SUCCESS(status) )
451  printf("RtlAddAccessAllowedAce() failed: 0x%08x\n", status);
452 
453  printf("Parameters being passed into ZwCreateToken:\n\n");
454  DisplayTokenSids(&tkUser, ptkGroups, &tkDefaultOwner, &tkPrimaryGroup);
455  DisplayDacl(tkDefaultDacl.DefaultDacl);
456 
457  printf("Calling ZwCreateToken()...\n");
458  status = ZwCreateToken(phSystemToken,
460  &oa,
461  TokenPrimary,
462  &authId,
463  &tkExpiration,
464  &tkUser,
465  ptkGroups,
466  ptkPrivileges,
467  &tkDefaultOwner,
468  &tkPrimaryGroup,
469  &tkDefaultDacl,
470  &source);
471 
472  // Cleanup
473  free(ptkGroups);
474  free(ptkPrivileges);
475  free(tkDefaultDacl.DefaultDacl);
476 
477  return status;
478 }
479 
480 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
481 int
482 main(int argc, char* argv[])
483 {
485  HANDLE hSystemToken;
486  CHAR buffer[512];
487  HANDLE hOurToken;
488 
489  printf("Current process Token:\n");
490 
492  if ( NT_SUCCESS(Status) )
493  {
494  DisplayToken(hOurToken);
495  CloseHandle(hOurToken);
496  }
497  else
498  {
499  printf("ZwOpenProcessToken() failed: 0x%08x\n", Status);
500  }
501 
502 //#define ENABLE_PRIVILEGE
503 #ifdef ENABLE_PRIVILEGE
505 #endif
506 
507  // Now do the other one
508  Status = CreateInitialSystemToken(&hSystemToken);
509  if ( NT_SUCCESS(Status) )
510  {
511  printf("System Token: 0x%08x\n", hSystemToken);
512  DisplayToken(hSystemToken);
513  CloseHandle(hSystemToken);
514  }
515  else
516  {
517  printf("CreateInitialSystemToken() return: 0x%08x\n", Status);
518  }
519 
520  printf("press return");
521  gets(buffer);
522 
523  return 0;
524 }
* PNTSTATUS
Definition: strlen.c:14
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
static int argc
Definition: ServiceArgs.c:12
#define IN
Definition: typedefs.h:38
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540
#define GENERIC_ALL
Definition: nt_native.h:92
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546
#define TRUE
Definition: types.h:120
#define CloseHandle
Definition: compat.h:398
#define ERROR_SUCCESS
Definition: deptool.c:10
struct _OBJECT_ATTRIBUTES * POBJECT_ATTRIBUTES
Definition: file.c:85
USHORT MaximumLength
Definition: env_spec_w32.h:370
struct _TOKEN_PRIMARY_GROUP * PTOKEN_PRIMARY_GROUP
_CRTIMP char *__cdecl gets(char *_Buffer)
Definition: file.c:3643
uint16_t * PWSTR
Definition: typedefs.h:54
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:708
struct _ACE ACE
char CHAR
Definition: xmlstorage.h:175
#define free
Definition: debug_ros.c:5
LONG NTSTATUS
Definition: precomp.h:26
UCHAR SubAuthorityCount
Definition: tokentest.c:148
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
GLdouble n
Definition: glext.h:7729
$ULONG PrivilegeCount
Definition: setypes.h:969
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
GLuint buffer
Definition: glext.h:5915
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
static WCHAR String[]
Definition: stringtable.c:55
void PrintSid(SID_AND_ATTRIBUTES *pSid, TOKEN_OWNER *pOwner, TOKEN_PRIMARY_GROUP *pPrimary)
Definition: tokentest.c:155
#define argv
Definition: mplay32.c:18
#define NTSYSAPI
Definition: ntoskrnl.h:14
#define LookupPrivilegeValue
Definition: winbase.h:3684
USHORT AceCount
Definition: ms-dtyp.idl:297
_In_ ULONG Revision
Definition: rtlfuncs.h:1104
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
#define ROS_ACE
Definition: tokentest.c:16
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
struct _TOKEN_DEFAULT_DACL * PTOKEN_DEFAULT_DACL
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
Definition: Header.h:8
unsigned int BOOL
Definition: ntddk_ex.h:94
long LONG
Definition: pedump.c:60
#define INITIAL_PRIV_ENABLED
Definition: tokentest.c:117
Definition: card.h:12
unsigned char BOOLEAN
struct _TOKEN_PRIVILEGES TOKEN_PRIVILEGES
NTSTATUS CreateInitialSystemToken(HANDLE *phSystemToken)
Definition: tokentest.c:342
struct _ACL ACL
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
PSID Owner
Definition: setypes.h:974
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
NTSYSAPI NTSTATUS NTAPI ZwAllocateLocallyUniqueId(_Out_ LUID *LocallyUniqueId)
struct _TOKEN_GROUPS * PTOKEN_GROUPS
#define SE_PRIVILEGE_USED_FOR_ACCESS
Definition: setypes.h:65
void DisplayTokenSids(TOKEN_USER *pUser, TOKEN_GROUPS *pGroups, TOKEN_OWNER *pOwner, TOKEN_PRIMARY_GROUP *pPrimary)
Definition: tokentest.c:189
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES
UCHAR Revision
Definition: tokentest.c:147
struct _ACL * PACL
Definition: security.c:104
PVOID GetFromToken(HANDLE hToken, TOKEN_INFORMATION_CLASS tic)
Definition: tokentest.c:277
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
Definition: setypes.h:62
void DisplayToken(HANDLE hTokenSource)
Definition: tokentest.c:300
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: tokentest.c:149
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
#define TOKEN_QUERY
Definition: setypes.h:874
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SE_GROUP_ENABLED
Definition: setypes.h:92
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:499
DWORD LowPart
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
HANDLE WINAPI GetCurrentProcess(VOID)
Definition: proc.c:1168
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
unsigned long DWORD
Definition: ntddk_ex.h:95
#define TOKEN_ALL_ACCESS
Definition: setypes.h:892
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:685
#define TOKEN_QUERY_SOURCE
Definition: setypes.h:875
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
void DisplayTokenPrivileges(TOKEN_PRIVILEGES *pPriv)
Definition: tokentest.c:205
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
#define SECURITY_WORLD_RID
Definition: setypes.h:513
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:686
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
#define LookupPrivilegeName
Definition: winbase.h:3683
struct _SID * PSID
Definition: eventlog.c:35
#define READ_CONTROL
Definition: nt_native.h:58
ULONG SubAuthority[2]
Definition: tokentest.c:150
struct _SID_2 SID_2
unsigned char UCHAR
Definition: xmlstorage.h:181
struct _TOKEN_OWNER * PTOKEN_OWNER
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
static const WCHAR L[]
Definition: oid.c:1250
LONG HighPart
#define NTSTATUS
Definition: precomp.h:20
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:414
_In_ ULONG _In_ ULONG AclRevision
Definition: rtlfuncs.h:1844
LUID_AND_ATTRIBUTES InitialPrivilegeSet[]
Definition: tokentest.c:119
#define GENERIC_READ
Definition: compat.h:124
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1864
enum _TOKEN_TYPE TOKEN_TYPE
#define SYSTEM_LUID
Definition: setypes.h:672
struct _TOKEN_GROUPS TOKEN_GROUPS
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
Definition: security.c:376
Status
Definition: gdiplustypes.h:24
#define SE_GROUP_LOGON_ID
Definition: setypes.h:98
static const ACEFLAG AceType[]
Definition: security.c:2259
#define ROS_ACE_HEADER
Definition: tokentest.c:15
PVOID SecurityDescriptor
Definition: umtypes.h:187
BOOL EnablePrivilege(LPWSTR wszName)
Definition: tokentest.c:323
unsigned short USHORT
Definition: pedump.c:61
NTSYSAPI NTSTATUS NTAPI ZwOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:964
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:296
static PSID pSid
Definition: security.c:74
#define SE_CREATE_TOKEN_NAME
Definition: winnt_old.h:365
UNICODE_STRING * PUNICODE_STRING
Definition: env_spec_w32.h:373
void DisplayDacl(PACL pAcl)
Definition: tokentest.c:231
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:970
struct _UNICODE_STRING UNICODE_STRING
#define ACL_REVISION
Definition: setypes.h:39
PVOID SecurityQualityOfService
Definition: umtypes.h:188
$ULONG GroupCount
Definition: setypes.h:960
#define OUT
Definition: typedefs.h:39
#define INITIAL_PRIV_DISABLED
Definition: tokentest.c:118
PUNICODE_STRING ObjectName
Definition: umtypes.h:185
HANDLE RootDirectory
Definition: umtypes.h:184
unsigned int ULONG
Definition: retypes.h:1
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:413
struct _TOKEN_USER * PTOKEN_USER
SID_AND_ATTRIBUTES User
Definition: setypes.h:956
#define malloc
Definition: debug_ros.c:4
GLfloat GLfloat p
Definition: glext.h:8902
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define GENERIC_EXECUTE
Definition: nt_native.h:91
#define TOKEN_ADJUST_PRIVILEGES
Definition: setypes.h:876
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:624
static SERVICE_STATUS status
Definition: service.c:31
BYTE * PBYTE
Definition: pedump.c:66
NTSYSAPI NTSTATUS NTAPI ZwCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
ULONG ACCESS_MASK
Definition: nt_native.h:40
static const ACEFLAG AceFlags[]
Definition: security.c:2300
LONGLONG QuadPart
Definition: typedefs.h:112
int main(int argc, char *argv[])
Definition: tokentest.c:482
#define printf
Definition: config.h:203
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:417
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
Definition: ps.c:97