using System; using System.ComponentModel; using System.Runtime.InteropServices; namespace UncRock { public static class Permissions { [DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)] [return: MarshalAs(UnmanagedType.Bool)] internal static extern bool LookupPrivilegeValue(string lpsystemname, string lpname, [MarshalAs(UnmanagedType.Struct)] ref Luid lpLuid); [DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)] [return: MarshalAs(UnmanagedType.Bool)] internal static extern bool AdjustTokenPrivileges(IntPtr tokenhandle, [MarshalAs(UnmanagedType.Bool)] bool disableAllPrivileges, [MarshalAs(UnmanagedType.Struct)] ref TokenPrivledges newstate, uint bufferlength, IntPtr previousState, IntPtr returnlength); internal const int SePrivledgeEnabled = 0x00000002; internal const int ErrorNotAllAssigned = 1300; internal const UInt32 TokenQuery = 0x0008; internal const UInt32 TokenAdjustPrivledges = 0x0020; [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)] internal static extern IntPtr GetCurrentProcess(); [DllImport("Advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)] [return: MarshalAs(UnmanagedType.Bool)] internal static extern bool OpenProcessToken(IntPtr processHandle, uint desiredAccesss, out IntPtr tokenHandle); [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)] [return: MarshalAs(UnmanagedType.Bool)] internal static extern Boolean CloseHandle(IntPtr hObject); [StructLayout(LayoutKind.Sequential)] internal struct Luid { internal Int32 LowPart; internal UInt32 HighPart; } [StructLayout(LayoutKind.Sequential)] internal struct TokenPrivledges { internal Int32 PrivilegeCount; internal Luid Luid; internal Int32 Attributes; } public static void EnablePrivilege(string securityEntity) { string securityEntityValue = securityEntity; try { Luid locallyUniqueIdentifier = new Luid(); if (LookupPrivilegeValue(null, securityEntityValue, ref locallyUniqueIdentifier)) { TokenPrivledges tokenPrivledges = new TokenPrivledges(); tokenPrivledges.PrivilegeCount = 1; tokenPrivledges.Attributes = SePrivledgeEnabled; tokenPrivledges.Luid = locallyUniqueIdentifier; IntPtr tokenHandle = IntPtr.Zero; try { IntPtr currentProcess = GetCurrentProcess(); if (OpenProcessToken(currentProcess, TokenAdjustPrivledges | TokenQuery, out tokenHandle)) { if (AdjustTokenPrivileges(tokenHandle, false, ref tokenPrivledges, 1024, IntPtr.Zero, IntPtr.Zero)) { Int32 lastError = Marshal.GetLastWin32Error(); if (lastError == ErrorNotAllAssigned) { Win32Exception win32Exception = new Win32Exception(); throw new InvalidOperationException("AdjustTokenPrivileges fail.", win32Exception); } } else { Win32Exception win32Exception = new Win32Exception(); throw new InvalidOperationException("AdjustTokenPrivileges fail.", win32Exception); } } else { Win32Exception win32Exception = new Win32Exception(); string exceptionMessage = "OpenProcessToken fail. Process: " + currentProcess.ToInt32().ToString(); throw new InvalidOperationException(exceptionMessage, win32Exception); } } finally { if (tokenHandle != IntPtr.Zero) CloseHandle(tokenHandle); } } else { Win32Exception win32Exception = new Win32Exception(); string exceptionMessage = "LookupPrivilegeValue failed. SecurityEntityValue: " + securityEntityValue.ToString(); throw new InvalidOperationException(exceptionMessage, win32Exception); } } catch (Exception e) { string exceptionMessage = "GrandPrivilege failed. SecurityEntity: " + securityEntityValue.ToString(); throw new InvalidOperationException(exceptionMessage, e); } } } }