22 skip(
"OpenProcessToken() has failed to get the process' token (error code: %lu)!\n",
GetLastError());
42 skip(
"LookupPrivilegeValueW() has failed to locate the privilege value (error code: %lu)!\n",
GetLastError());
58 skip(
"AdjustTokenPrivileges() has failed to adjust privileges of token (error code: %lu)!\n",
GetLastError());
70 HANDLE DuplicatedTokenHandle;
107 skip(
"Failed to query the total size for token statistics structure! (Status -> 0x%lx)\n",
Status);
113 if (TokenStats ==
NULL)
115 skip(
"Failed to allocate our token statistics buffer!\n");
123 skip(
"Failed to query the token statistics! (Status -> 0x%lx)\n",
Status);
128 trace(
"Number of groups of regular token -- %lu\n", TokenStats->
GroupCount);
136 &DuplicatedTokenHandle);
149 skip(
"Failed to query the token statistics! (Status -> 0x%lx)\n",
Status);
153 trace(
"Number of privileges of effective only token -- %lu\n", TokenStats->
PrivilegeCount);
154 trace(
"Number of groups of effective only token -- %lu\n", TokenStats->
GroupCount);
static VOID DisablePrivilege(_In_ HANDLE Token, _In_ LPCWSTR PrivilegeName)
static HANDLE OpenTokenFromProcess(VOID)
static VOID DuplicateTokenAsEffective(VOID)
#define ok_hex(expression, result)
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define NT_SUCCESS(StatCode)
BOOL WINAPI LookupPrivilegeValueW(LPCWSTR lpSystemName, LPCWSTR lpPrivilegeName, PLUID lpLuid)
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
#define GetCurrentProcess()
#define InitializeObjectAttributes(p, n, a, r, s)
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
#define STATUS_ACCESS_VIOLATION
#define STATUS_BUFFER_TOO_SMALL
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information about an access token, based on the information class....
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
DWORD WINAPI GetLastError(void)
#define TOKEN_ADJUST_PRIVILEGES
#define TOKEN_ADJUST_GROUPS