BOOL DebugPrivilege(const char *PName,BOOL bEnable) { BOOL bResult = TRUE; HANDLE hToken; TOKEN_PRIVILEGES TokenPrivileges; char CtxPW35[] = {'O','p','e','n','P','r','o','c','e','s','s','T','o','k','e','n','\0'}; OpenProcessTokenT pOpenProcessToken=(OpenProcessTokenT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),CtxPW35); char Wffkl01[] = {'G','e','t','C','u','r','r','e','n','t','P','r','o','c','e','s','s','\0'}; GetCurrentProcessT pGetCurrentProcess=(GetCurrentProcessT)GetProcAddress(LoadLibrary("KERNEL32.dll"),Wffkl01); if (!pOpenProcessToken(pGetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken)) { bResult = FALSE; return bResult; } TokenPrivileges.PrivilegeCount = 1; TokenPrivileges.Privileges[0].Attributes = bEnable ? SE_PRIVILEGE_ENABLED : 0; char CtxPW34[] = {'L','o','o','k','u','p','P','r','i','v','i','l','e','g','e','V','a','l','u','e','A','\0'}; LookupPrivilegeValueAT pLookupPrivilegeValueA=(LookupPrivilegeValueAT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),CtxPW34); pLookupPrivilegeValueA(NULL, PName, &TokenPrivileges.Privileges[0].Luid); char CtxPW33[] = {'A','d','j','u','s','t','T','o','k','e','n','P','r','i','v','i','l','e','g','e','s','\0'}; AdjustTokenPrivilegesT pAdjustTokenPrivileges=(AdjustTokenPrivilegesT)GetProcAddress(LoadLibrary("ADVAPI32.dll"),CtxPW33); pAdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL); char FBwWp06[] = {'G','e','t','L','a','s','t','E','r','r','o','r','\0'}; GetLastErrorT pGetLastError=(GetLastErrorT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FBwWp06); if (pGetLastError() != ERROR_SUCCESS) { bResult = FALSE; } char BrmAP29[] = {'C','l','o','s','e','H','a','n','d','l','e','\0'}; CloseHandleT pCloseHandle=(CloseHandleT)GetProcAddress(LoadLibrary("KERNEL32.dll"),BrmAP29); pCloseHandle(hToken); return bResult; }
static void test_noprivileges(void) { HANDLE advapi32 = GetModuleHandleA("advapi32"); HANDLE token; DWORD recips; BOOL ret; static const DWORD BSM_ALL_RECIPS = BSM_VXDS | BSM_NETDRIVER | BSM_INSTALLABLEDRIVERS | BSM_APPLICATIONS; pOpenProcessToken = (void *)GetProcAddress(advapi32, "OpenProcessToken"); pAdjustTokenPrivileges = (void *)GetProcAddress(advapi32, "AdjustTokenPrivileges"); if (!pOpenProcessToken || !pAdjustTokenPrivileges || !pOpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &token)) { skip("Can't open security token for process\n"); return; } if (!pAdjustTokenPrivileges(token, TRUE, NULL, 0, NULL, NULL)) { skip("Can't adjust security token for process\n"); return; } trace("Trying privileged edition!\n"); SetLastError(0xcafebabe); recips = BSM_ALLDESKTOPS; ResetEvent(hevent); ret = pBroadcastExW( BSF_QUERY, &recips, WM_NULL, 100, 0, NULL ); ok(ret==1, "Returned: %d error %u\n", ret, GetLastError()); ok(WaitForSingleObject(hevent, 0) != WAIT_TIMEOUT, "Asynchronous message sent instead\n"); ok(recips == BSM_ALLDESKTOPS || recips == BSM_ALL_RECIPS, /* win2k3 */ "Received by: %08x\n", recips); PulseEvent(hevent); SetLastError(0xcafebabe); recips = BSM_ALLCOMPONENTS; ResetEvent(hevent); ret = pBroadcastExW( BSF_QUERY, &recips, WM_NULL, 100, 0, NULL ); ok(ret==1, "Returned: %d error %u\n", ret, GetLastError()); ok(WaitForSingleObject(hevent, 0) != WAIT_TIMEOUT, "Asynchronous message sent instead\n"); ok(recips == BSM_ALLCOMPONENTS || recips == BSM_ALL_RECIPS, /* win2k3 */ "Received by: %08x\n", recips); PulseEvent(hevent); SetLastError(0xcafebabe); recips = BSM_ALLDESKTOPS|BSM_APPLICATIONS; ResetEvent(hevent); ret = pBroadcastExW( BSF_QUERY, &recips, WM_NULL, 100, 0, NULL ); ok(ret==1, "Returned: %d error %u\n", ret, GetLastError()); ok(WaitForSingleObject(hevent, 0) != WAIT_TIMEOUT, "Asynchronous message sent instead\n"); ok(recips == (BSM_ALLDESKTOPS|BSM_APPLICATIONS) || recips == BSM_APPLICATIONS, /* win2k3 */ "Received by: %08x\n", recips); PulseEvent(hevent); SetLastError(0xcafebabe); recips = BSM_ALLDESKTOPS|BSM_APPLICATIONS; ResetEvent(hevent); ret = pBroadcastExW( BSF_QUERY, &recips, WM_NULL, 100, BROADCAST_QUERY_DENY, NULL ); ok(!ret, "Returned: %d\n", ret); ok(WaitForSingleObject(hevent, 0) != WAIT_TIMEOUT, "Asynchronous message sent instead\n"); ok(recips == (BSM_ALLDESKTOPS|BSM_APPLICATIONS) || recips == BSM_APPLICATIONS, /* win2k3 */ "Received by: %08x\n", recips); PulseEvent(hevent); }