GetCurrentProcessToken() is Win8+, so open our own token
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
parent
0e5c1a7a94
commit
bc22e2dd25
@ -35,7 +35,7 @@ ConsoleLogger(_In_ LOGGER_LEVEL Level, _In_ const TCHAR *LogLine)
|
|||||||
|
|
||||||
static BOOL ElevateToSystem(VOID)
|
static BOOL ElevateToSystem(VOID)
|
||||||
{
|
{
|
||||||
HANDLE ThreadToken, ProcessSnapshot, WinlogonProcess, WinlogonToken, DuplicatedToken;
|
HANDLE CurrentProcessToken, ThreadToken, ProcessSnapshot, WinlogonProcess, WinlogonToken, DuplicatedToken;
|
||||||
PROCESSENTRY32 ProcessEntry = { .dwSize = sizeof(PROCESSENTRY32) };
|
PROCESSENTRY32 ProcessEntry = { .dwSize = sizeof(PROCESSENTRY32) };
|
||||||
BOOL Ret;
|
BOOL Ret;
|
||||||
DWORD LastError = ERROR_SUCCESS;
|
DWORD LastError = ERROR_SUCCESS;
|
||||||
@ -50,8 +50,13 @@ static BOOL ElevateToSystem(VOID)
|
|||||||
TOKEN_USER MaybeLocalSystem;
|
TOKEN_USER MaybeLocalSystem;
|
||||||
CHAR LargeEnoughForLocalSystem[0x400];
|
CHAR LargeEnoughForLocalSystem[0x400];
|
||||||
} TokenUserBuffer;
|
} TokenUserBuffer;
|
||||||
if (!GetTokenInformation(
|
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &CurrentProcessToken))
|
||||||
GetCurrentProcessToken(), TokenUser, &TokenUserBuffer, sizeof(TokenUserBuffer), &RequiredBytes))
|
goto cleanup;
|
||||||
|
Ret =
|
||||||
|
GetTokenInformation(CurrentProcessToken, TokenUser, &TokenUserBuffer, sizeof(TokenUserBuffer), &RequiredBytes);
|
||||||
|
LastError = GetLastError();
|
||||||
|
CloseHandle(CurrentProcessToken);
|
||||||
|
if (!Ret)
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
if (EqualSid(TokenUserBuffer.MaybeLocalSystem.User.Sid, LocalSystemSid))
|
if (EqualSid(TokenUserBuffer.MaybeLocalSystem.User.Sid, LocalSystemSid))
|
||||||
return TRUE;
|
return TRUE;
|
||||||
@ -116,7 +121,12 @@ RunAsAdministrator(HWND hwnd, TCHAR *Verb, int nCmdShow)
|
|||||||
{
|
{
|
||||||
TOKEN_ELEVATION Elevation;
|
TOKEN_ELEVATION Elevation;
|
||||||
DWORD Required;
|
DWORD Required;
|
||||||
if (!GetTokenInformation(GetCurrentProcessToken(), TokenElevation, &Elevation, sizeof(Elevation), &Required))
|
HANDLE CurrentProcessToken;
|
||||||
|
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &CurrentProcessToken))
|
||||||
|
return;
|
||||||
|
BOOL Ret = GetTokenInformation(CurrentProcessToken, TokenElevation, &Elevation, sizeof(Elevation), &Required);
|
||||||
|
CloseHandle(CurrentProcessToken);
|
||||||
|
if (!Ret)
|
||||||
return;
|
return;
|
||||||
if (Elevation.TokenIsElevated)
|
if (Elevation.TokenIsElevated)
|
||||||
return;
|
return;
|
||||||
|
Loading…
Reference in New Issue
Block a user