12#if (NTDDI_VERSION >= NTDDI_VISTA)
20 ULONG PrivilegesToKeep[2];
26 ok(0,
"Failed to open current process token with TOKEN_DUPLICATE access (Status code %lx)!\n",
Status);
34 ok(0,
"Failed to duplicate current process token (Status code %lx)!\n",
Status);
43 ok(0,
"Failed to retrieve token privileges (Status code %lx)!\n",
Status);
50 ok(0,
"No enough privileges to run the test (Number of privilege: %lu)!\n",
Privileges->PrivilegeCount);
55 PrivilegesToKeep[0] =
Privileges->Privileges[1].Luid.LowPart;
56 PrivilegesToKeep[1] =
Privileges->Privileges[2].Luid.LowPart;
72 ok(0,
"Failed to retrieve token privileges (Status code %lx)!\n",
Status);
76 "Number of privileges after RtlRemovePrivileges is %lu, expected %u\n",
Privileges->PrivilegeCount,
78 ok(PrivilegesToKeep[0] + PrivilegesToKeep[1] ==
80 "Incorrect privileges kept by RtlRemovePrivileges: %lu and %lu, expected %lu and %lu",
81 Privileges->Privileges[0].Luid.LowPart,
Privileges->Privileges[1].Luid.LowPart, PrivilegesToKeep[0],
100 ok(0,
"Failed to retrieve token privileges (Status code %lx)!\n",
Status);
103 ok(
Privileges->PrivilegeCount == 0,
"There are %lu privileges still exist after RtlRemovePrivileges\n",
109 skip(
"RtlRemovePrivileges available on NT6.0+ (NTDDI_VERSION >= NTDDI_VISTA)");
#define ok_ntstatus(status, expected)
#define NT_SUCCESS(StatCode)
#define GetCurrentProcess()
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
#define SE_MIN_WELL_KNOWN_PRIVILEGE
#define SE_MAX_WELL_KNOWN_PRIVILEGE
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
NTSYSAPI NTSTATUS NTAPI RtlRemovePrivileges(_In_ HANDLE TokenHandle, _In_reads_opt_(PrivilegeCount) _When_(PrivilegeCount !=0, _Notnull_) PULONG PrivilegesToKeep, _In_ ULONG PrivilegeCount)
Removes all privileges in the specified access token.
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
struct _TOKEN_PRIVILEGES TOKEN_PRIVILEGES
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES