12#define INCLUDE_THE_DDK_HEADERS
13#ifdef INCLUDE_THE_DDK_HEADERS
15#define ROS_ACE_HEADER ACE_HEADER
38typedef struct _ROS_ACE_HEADER
112#define NT_SUCCESS(StatCode) ((NTSTATUS)(StatCode) >= 0)
117#define INITIAL_PRIV_ENABLED SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED
118#define INITIAL_PRIV_DISABLED 0
172 printf(
"enabled-default,");
210 printf(
"\nprivileges:\n");
238 printf(
"\nNo Default Dacl.\n");
266 printf(
"RtlConvertSidToUnicodeString(): status = 0x%08x\n",
status);
270 printf(
"%d.) %S %wZ 0x%08x\n",
i, wszType, &scSid, pAce->AccessMask);
290 printf(
"GetFromToken() failed for TOKEN_INFORMATION_CLASS(%d): %d\n", tic,
GetLastError());
309 DisplayTokenSids(pTokenUser, pTokenGroups, pTokenOwner, pTokenPrimaryGroup);
316 free(pTokenPrimaryGroup);
317 free(pTokenPrivileges);
318 free(pTokenDefaultDacl);
348 static const int nGroupCount = 3;
368 {
'*',
'*',
'A',
'N',
'O',
'N',
'*',
'*' },
405 tkDefaultOwner.
Owner = &sidSystem;
420 ptkGroups->
Groups[2].
Sid = &sidAuthenticatedUser;
436 uSize +=
sizeof(
ACE) +
sizeof(sidSystem);
437 uSize +=
sizeof(
ACE) +
sizeof(sidAdministrators);
438 uSize = (uSize & (~3)) + 8;
447 printf(
"RtlAddAccessAllowedAce() failed: 0x%08x\n",
status);
451 printf(
"RtlAddAccessAllowedAce() failed: 0x%08x\n",
status);
453 printf(
"Parameters being passed into ZwCreateToken:\n\n");
457 printf(
"Calling ZwCreateToken()...\n");
489 printf(
"Current process Token:\n");
499 printf(
"ZwOpenProcessToken() failed: 0x%08x\n",
Status);
503#ifdef ENABLE_PRIVILEGE
511 printf(
"System Token: 0x%08x\n", hSystemToken);
517 printf(
"CreateInitialSystemToken() return: 0x%08x\n",
Status);
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define ERROR_INSUFFICIENT_BUFFER
#define NT_SUCCESS(StatCode)
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
static const ACEFLAG AceFlags[]
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
static const ACEFLAG AceType[]
#define GetCurrentProcess()
UNICODE_STRING * PUNICODE_STRING
struct _UNICODE_STRING UNICODE_STRING
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
HLOCAL NTAPI LocalFree(HLOCAL hMem)
_CRTIMP char *__cdecl gets(char *_Buffer)
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
_In_ ACCESS_MASK AccessMask
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
NTSYSAPI NTSTATUS NTAPI ZwCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
NTSYSAPI NTSTATUS NTAPI ZwAllocateLocallyUniqueId(_Out_ LUID *LocallyUniqueId)
#define SE_GROUP_LOGON_ID
#define SE_GROUP_MANDATORY
#define SE_GROUP_ENABLED_BY_DEFAULT
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
PVOID SecurityQualityOfService
PUNICODE_STRING ObjectName
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
NTSTATUS CreateInitialSystemToken(HANDLE *phSystemToken)
void DisplayTokenPrivileges(TOKEN_PRIVILEGES *pPriv)
void DisplayDacl(PACL pAcl)
void PrintSid(SID_AND_ATTRIBUTES *pSid, TOKEN_OWNER *pOwner, TOKEN_PRIMARY_GROUP *pPrimary)
BOOL EnablePrivilege(LPWSTR wszName)
#define INITIAL_PRIV_ENABLED
#define INITIAL_PRIV_DISABLED
PVOID GetFromToken(HANDLE hToken, TOKEN_INFORMATION_CLASS tic)
void DisplayTokenSids(TOKEN_USER *pUser, TOKEN_GROUPS *pGroups, TOKEN_OWNER *pOwner, TOKEN_PRIMARY_GROUP *pPrimary)
LUID_AND_ATTRIBUTES InitialPrivilegeSet[]
void DisplayToken(HANDLE hTokenSource)
struct _OBJECT_ATTRIBUTES * POBJECT_ATTRIBUTES
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ WDFSTRING String
#define LookupPrivilegeName
#define LookupPrivilegeValue
DWORD WINAPI GetLastError(void)
#define SE_CREATE_TOKEN_NAME
_In_ ULONG _In_ ULONG AclRevision
#define TOKEN_QUERY_SOURCE
struct _TOKEN_GROUPS * PTOKEN_GROUPS
#define SECURITY_BUILTIN_DOMAIN_RID
struct _TOKEN_PRIMARY_GROUP * PTOKEN_PRIMARY_GROUP
struct _TOKEN_DEFAULT_DACL * PTOKEN_DEFAULT_DACL
#define SECURITY_WORLD_SID_AUTHORITY
#define TOKEN_ADJUST_PRIVILEGES
struct _TOKEN_PRIVILEGES TOKEN_PRIVILEGES
struct _TOKEN_USER * PTOKEN_USER
#define SECURITY_WORLD_RID
#define SECURITY_STATIC_TRACKING
#define ACCESS_ALLOWED_ACE_TYPE
#define SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_AUTHENTICATED_USER_RID
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
#define SE_PRIVILEGE_USED_FOR_ACCESS
#define SECURITY_NT_AUTHORITY
#define ACCESS_DENIED_ACE_TYPE
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
#define SE_PRIVILEGE_ENABLED
#define DOMAIN_ALIAS_RID_ADMINS
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
struct _TOKEN_GROUPS TOKEN_GROUPS
struct _TOKEN_OWNER * PTOKEN_OWNER
NTSYSAPI NTSTATUS NTAPI ZwOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)