NTSTATUS PhRunAsServiceStart(
_In_ PPH_STRING ServiceName
)
{
HANDLE tokenHandle;
SERVICE_TABLE_ENTRY entry;
// Enable some required privileges.
if (NT_SUCCESS(NtOpenProcessToken(
NtCurrentProcess(),
TOKEN_ADJUST_PRIVILEGES,
&tokenHandle
)))
{
PhSetTokenPrivilege(tokenHandle, L"SeAssignPrimaryTokenPrivilege", NULL, SE_PRIVILEGE_ENABLED);
PhSetTokenPrivilege(tokenHandle, L"SeBackupPrivilege", NULL, SE_PRIVILEGE_ENABLED);
PhSetTokenPrivilege(tokenHandle, L"SeImpersonatePrivilege", NULL, SE_PRIVILEGE_ENABLED);
PhSetTokenPrivilege(tokenHandle, L"SeIncreaseQuotaPrivilege", NULL, SE_PRIVILEGE_ENABLED);
PhSetTokenPrivilege(tokenHandle, L"SeRestorePrivilege", NULL, SE_PRIVILEGE_ENABLED);
NtClose(tokenHandle);
}
RunAsServiceName = ServiceName;
entry.lpServiceName = ServiceName->Buffer;
entry.lpServiceProc = RunAsServiceMain;
StartServiceCtrlDispatcher(&entry);
return STATUS_SUCCESS;
}
VOID NTAPI LoadCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
HANDLE tokenHandle;
if (NT_SUCCESS(NtOpenProcessToken(NtCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &tokenHandle)))
{
PhSetTokenPrivilege(tokenHandle, SE_SYSTEM_ENVIRONMENT_NAME, NULL, SE_PRIVILEGE_ENABLED);
NtClose(tokenHandle);
}
}
