O
okardak onur
Guest
public class privilege
{
public privilege(string privilegeName) //"SeLoadDriverPrivilege"
{
IntPtr tokenHandle = IntPtr.Zero;
try
{
if (!OpenProcessToken(Process.GetCurrentProcess().Handle,TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,out tokenHandle))throw new Win32Exception(Marshal.GetLastWin32Error(),"Failed to open process token handle");
TOKEN_PRIVILEGES tokenPrivs = new TOKEN_PRIVILEGES();
tokenPrivs.PrivilegeCount = 1;
tokenPrivs.Privileges = new LUID_AND_ATTRIBUTES[1];
tokenPrivs.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
if (!LookupPrivilegeValue(null,privilegeName,out tokenPrivs.Privileges[0].Luid))throw new Win32Exception(Marshal.GetLastWin32Error(),"Failed to open lookup shutdown privilege");
if (!AdjustTokenPrivileges(tokenHandle,false,ref tokenPrivs,0,IntPtr.Zero,IntPtr.Zero))throw new Win32Exception(Marshal.GetLastWin32Error(),"Failed to adjust process token privileges");
}
finally
{
if (tokenHandle != IntPtr.Zero)CloseHandle(tokenHandle);
}
}
[StructLayout(LayoutKind.Sequential)]
private struct LUID
{
public uint LowPart;
public int HighPart;
}
[StructLayout(LayoutKind.Sequential)]
private struct LUID_AND_ATTRIBUTES
{
public LUID Luid;
public UInt32 Attributes;
}
private struct TOKEN_PRIVILEGES
{
public UInt32 PrivilegeCount;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 1)]
public LUID_AND_ATTRIBUTES[] Privileges;
}
private const UInt32 TOKEN_QUERY = 0x0008;
private const UInt32 TOKEN_ADJUST_PRIVILEGES = 0x0020;
private const UInt32 SE_PRIVILEGE_ENABLED = 0x00000002;
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool OpenProcessToken(IntPtr ProcessHandle,UInt32 DesiredAccess,out IntPtr TokenHandle);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool LookupPrivilegeValue(string lpSystemName,string lpName,out LUID lpLuid);
[DllImport("kernel32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseHandle(IntPtr hObject);
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool AdjustTokenPrivileges(IntPtr TokenHandle,[MarshalAs(UnmanagedType.Bool)]bool DisableAllPrivileges,ref TOKEN_PRIVILEGES NewState,UInt32 Zero,IntPtr Null1,IntPtr Null2);
}
above code sets me SeLoadDriverPrivilege but below code says that i still do not have one
[StructLayout(LayoutKind.Sequential, Pack = 0)]
public struct UNICODE_STRING
{
public ushort Length;
public ushort MaximumLength;
public IntPtr Buffer;
}
[DllImport("ntdll.dll")]
public static extern void RtlInitUnicodeString(out UNICODE_STRING DestinationString,[MarshalAs(UnmanagedType.LPWStr)] string SourceString);
[DllImport("ntdll.dll")]
//public static extern int ZwLoadDriver(UNICODE_STRING DestinationString);
public static extern int ZwLoadDriver(IntPtr ff);
private void dataGridView2_DoubleClick(object sender, EventArgs e)
{
UNICODE_STRING unicodeString;
RtlInitUnicodeString(out unicodeString, "Registry\\Machine\\System\\CurrentControlSet\\Services\\" + (string)dataGridView2.SelectedRows[0].Cells["BaseName"].Value);
byte[] bytes = new byte[unicodeString.Length];
Marshal.Copy(unicodeString.Buffer,bytes, 0, bytes.Length);
textBox1.Text = "";
foreach (byte bt in bytes)
{
textBox1.Text += bt.ToString("X2");
}
privilege driverPrivilege = new privilege("SeLoadDriverPrivilege");
//int wynik = ZwLoadDriver(0);
int wynik=ZwLoadDriver(unicodeString);
textBox2.Text = wynik.ToString("X8");
}
how to make [DllImport("ntdll.dll")]ZwLoadDriver import and what parameters give to function call??
Continue reading...
{
public privilege(string privilegeName) //"SeLoadDriverPrivilege"
{
IntPtr tokenHandle = IntPtr.Zero;
try
{
if (!OpenProcessToken(Process.GetCurrentProcess().Handle,TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,out tokenHandle))throw new Win32Exception(Marshal.GetLastWin32Error(),"Failed to open process token handle");
TOKEN_PRIVILEGES tokenPrivs = new TOKEN_PRIVILEGES();
tokenPrivs.PrivilegeCount = 1;
tokenPrivs.Privileges = new LUID_AND_ATTRIBUTES[1];
tokenPrivs.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
if (!LookupPrivilegeValue(null,privilegeName,out tokenPrivs.Privileges[0].Luid))throw new Win32Exception(Marshal.GetLastWin32Error(),"Failed to open lookup shutdown privilege");
if (!AdjustTokenPrivileges(tokenHandle,false,ref tokenPrivs,0,IntPtr.Zero,IntPtr.Zero))throw new Win32Exception(Marshal.GetLastWin32Error(),"Failed to adjust process token privileges");
}
finally
{
if (tokenHandle != IntPtr.Zero)CloseHandle(tokenHandle);
}
}
[StructLayout(LayoutKind.Sequential)]
private struct LUID
{
public uint LowPart;
public int HighPart;
}
[StructLayout(LayoutKind.Sequential)]
private struct LUID_AND_ATTRIBUTES
{
public LUID Luid;
public UInt32 Attributes;
}
private struct TOKEN_PRIVILEGES
{
public UInt32 PrivilegeCount;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 1)]
public LUID_AND_ATTRIBUTES[] Privileges;
}
private const UInt32 TOKEN_QUERY = 0x0008;
private const UInt32 TOKEN_ADJUST_PRIVILEGES = 0x0020;
private const UInt32 SE_PRIVILEGE_ENABLED = 0x00000002;
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool OpenProcessToken(IntPtr ProcessHandle,UInt32 DesiredAccess,out IntPtr TokenHandle);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool LookupPrivilegeValue(string lpSystemName,string lpName,out LUID lpLuid);
[DllImport("kernel32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseHandle(IntPtr hObject);
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool AdjustTokenPrivileges(IntPtr TokenHandle,[MarshalAs(UnmanagedType.Bool)]bool DisableAllPrivileges,ref TOKEN_PRIVILEGES NewState,UInt32 Zero,IntPtr Null1,IntPtr Null2);
}
above code sets me SeLoadDriverPrivilege but below code says that i still do not have one
[StructLayout(LayoutKind.Sequential, Pack = 0)]
public struct UNICODE_STRING
{
public ushort Length;
public ushort MaximumLength;
public IntPtr Buffer;
}
[DllImport("ntdll.dll")]
public static extern void RtlInitUnicodeString(out UNICODE_STRING DestinationString,[MarshalAs(UnmanagedType.LPWStr)] string SourceString);
[DllImport("ntdll.dll")]
//public static extern int ZwLoadDriver(UNICODE_STRING DestinationString);
public static extern int ZwLoadDriver(IntPtr ff);
private void dataGridView2_DoubleClick(object sender, EventArgs e)
{
UNICODE_STRING unicodeString;
RtlInitUnicodeString(out unicodeString, "Registry\\Machine\\System\\CurrentControlSet\\Services\\" + (string)dataGridView2.SelectedRows[0].Cells["BaseName"].Value);
byte[] bytes = new byte[unicodeString.Length];
Marshal.Copy(unicodeString.Buffer,bytes, 0, bytes.Length);
textBox1.Text = "";
foreach (byte bt in bytes)
{
textBox1.Text += bt.ToString("X2");
}
privilege driverPrivilege = new privilege("SeLoadDriverPrivilege");
//int wynik = ZwLoadDriver(0);
int wynik=ZwLoadDriver(unicodeString);
textBox2.Text = wynik.ToString("X8");
}
how to make [DllImport("ntdll.dll")]ZwLoadDriver import and what parameters give to function call??
Continue reading...