Good afternoon, does anyone know a way to elevate the privileges (SeDebugPrivilege) of user-level software, using system-level software, on Windows 7 with code compiled in Delphi 7?
Regards
Francisco Cavalcante
Elevate Privilege (SeDebugPrivilege) in the Windows 7
Re: Elevate Privilege (SeDebugPrivilege) in the Windows 7
Maybe it is possible, but I don't know how.
Re: Elevate Privilege (SeDebugPrivilege) in the Windows 7
I think they are asking for something like this...
Example
--Iconic
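{ Tries to enable SeDebugPrivilege for the calling process through the
  ntdll export RtlAdjustPrivilege.

  Returns True only when the export was resolved and the call returned 0
  (STATUS_SUCCESS). This can only switch on a privilege the caller's token
  already holds; it does not grant one, so it returns False for an account
  that was never assigned the privilege. Nothing here switches the privilege
  back off, so it stays enabled for the rest of the process lifetime unless
  the caller disables it.

  NOTE(review): RtlAdjustPrivilege is not a documented Win32 API. The
  documented route is OpenProcessToken + LookupPrivilegeValue +
  AdjustTokenPrivileges. The commonly published prototype uses 1-byte
  BOOLEAN arguments rather than BOOL; confirm before relying on bEnabled. }
function GetDebugPrivilege: BOOL;
const
  SE_DEBUG_PRIVILEGE = $14;
  { Number of characters in the '\ntdll.dll' suffix appended below. }
  NTDLL_SUFFIX_LEN = 10;
var
  bEnabled: BOOL;
  ntdll: array [0..MAX_PATH] of WCHAR;
  cchDir: UINT;
  RtlAdjustPrivilege: function(Privilege: DWORD;
                               Enable: BOOL;
                               CurrentThread: BOOL;
                               Enabled: PBOOL): Integer; stdcall;
begin
  Result := False;
  bEnabled := False;
  ZeroMemory(@ntdll, SizeOf(ntdll));

  { GetSystemDirectoryW takes the buffer size in characters, not bytes.
    Passing SizeOf would claim twice the real capacity of a WCHAR array. }
  cchDir := GetSystemDirectoryW(@ntdll, Length(ntdll));

  { 0 means the call failed; a value at or above the capacity means the path
    did not fit. Also keep room for the suffix and the terminating null so
    that lstrcatW cannot write past the end of the buffer. }
  if (cchDir = 0) or (cchDir + NTDLL_SUFFIX_LEN >= UINT(Length(ntdll))) then
    Exit;

  lstrcatW(@ntdll, '\ntdll.dll');

  { GetModuleHandleW only looks up a module that is already mapped into the
    process; it does not load a file from disk. }
  @RtlAdjustPrivilege := GetProcAddress(GetModuleHandleW(ntdll), 'RtlAdjustPrivilege');
  if @RtlAdjustPrivilege <> nil then
    Result := RtlAdjustPrivilege(SE_DEBUG_PRIVILEGE, True, False, @bEnabled) = 0;
end;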
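{ Enables or disables one named privilege in the access token of the process
  identified by dwProcessId.

  Parameters:
    dwProcessId   - id of the process whose token is adjusted.
    lpwcPrivilege - privilege name, for example 'SeDebugPrivilege'.
    bEnable       - any non-zero value enables the privilege, zero disables it.

  Returns True only when AdjustTokenPrivileges succeeded and the privilege
  was actually changed. AdjustTokenPrivileges can only toggle a privilege
  that is already present in the token; when it is absent the API still
  returns success and reports ERROR_NOT_ALL_ASSIGNED through GetLastError,
  which this function reports as False.

  Side effect: calls GetDebugPrivilege first, which enables SeDebugPrivilege
  in the calling process and leaves it enabled after this function returns.
  NOTE(review): callers that want least privilege should disable it again
  once they are done. }
function AdjustProcessPrivilege(const dwProcessId: DWORD; lpwcPrivilege: PWChar; bEnable: BOOL): BOOL;
var
  hProcess: THandle;
  hToken: THandle;
  TokenPriv: TOKEN_PRIVILEGES;
  PrevTokenPriv: TOKEN_PRIVILEGES;
  ReturnLength: DWORD;
begin
  Result := False;

  { Best effort: the result is deliberately ignored. Holding the debug
    privilege improves the chance that OpenProcess succeeds on a process
    owned by another account. }
  GetDebugPrivilege;

  hProcess := OpenProcess(PROCESS_QUERY_INFORMATION, False, dwProcessId);
  if hProcess = 0 then
    Exit;
  try
    if not OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken) then
      Exit;
    try
      if not LookupPrivilegeValueW(nil, lpwcPrivilege, TokenPriv.Privileges[0].Luid) then
        Exit;

      TokenPriv.PrivilegeCount := 1;
      { if/else treats every non-zero BOOL as true. A case statement on
        True/False matches only those exact ordinal values and could leave
        Attributes unset for other non-zero inputs. }
      if bEnable then
        TokenPriv.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
      else
        TokenPriv.Privileges[0].Attributes := 0;

      ReturnLength := 0;
      PrevTokenPriv := TokenPriv;

      { Read GetLastError immediately after the call, before any
        CloseHandle can overwrite the thread's last-error value. }
      if AdjustTokenPrivileges(hToken, False, TokenPriv,
                               SizeOf(PrevTokenPriv), PrevTokenPriv, ReturnLength) then
        Result := GetLastError() = ERROR_SUCCESS;
    finally
      CloseHandle(hToken);
    end;
  finally
    CloseHandle(hProcess);
  end;
end;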
{ Usage fragment: ProcessID is not declared here and must be supplied by the
  caller. Both calls discard the BOOL result, so a failed adjustment goes
  unnoticed; check the return value in real code. The call can only toggle a
  privilege that the target token already holds. }
AdjustProcessPrivilege(ProcessID, 'SeDebugPrivilege', True); // Enable
{ Switch the privilege off again once it is no longer needed. }
AdjustProcessPrivilege(ProcessID, 'SeDebugPrivilege', False); // Disable
Re: Elevate Privilege (SeDebugPrivilege) in the Windows 7
That code will only enable or disable the privilege if it is already present in the token. I think the OP's question is how to add the debug privilege to a process that doesn't have it at all (e.g. one running under a non-admin account).