

| Reverse Engineering Game hacking discussion and open source development. |
#1 (permalink)
=)
Senior Member
Retired Staff Member
Messiah
.data?
Code:
ThisProcessToken dd ?
ThisProcessTokPriv TOKEN_PRIVILEGES <>
Code:
; open this process's own access token
invoke GetCurrentProcess
invoke OpenProcessToken,eax,TOKEN_ALL_ACCESS,addr ThisProcessToken
.if eax==0
    invoke MessageBox,0,CTXT("Could not retrieve process token."),CTXT("Error"),MB_ICONERROR
    invoke SendMessage,hWin,WM_CLOSE,0,0
.endif
; look up the LUID that identifies SeDebugPrivilege on this machine
invoke LookupPrivilegeValue,0,CTXT("SeDebugPrivilege"),addr ThisProcessTokPriv.Privileges.Luid
.if eax==0
    invoke MessageBox,0,CTXT("Could not get local debug value."),CTXT("Error"),MB_ICONERROR
    invoke SendMessage,hWin,WM_CLOSE,0,0
.endif
mov ThisProcessTokPriv.PrivilegeCount, 1
mov ThisProcessTokPriv.Privileges.Attributes, SE_PRIVILEGE_ENABLED
invoke AdjustTokenPrivileges, ThisProcessToken,0, ADDR ThisProcessTokPriv, NULL, NULL, NULL
; this test is the inverted one discussed in post #4: a zero return means failure
.if eax!=0
    invoke MessageBox,0,CTXT("Could not adjust token privileges."),CTXT("Error"),MB_ICONERROR
    invoke SendMessage,hWin,WM_CLOSE,0,0
.endif

#2 (permalink)
inactive
Gold Member
Disciple
Join Date: Sep 2005
Location: South Africa
Posts: 510
here's my code (worked last time I used it):
Code:
.const
szDebugName db 'SeDebugPrivilege',0
.data?
stTkp TOKEN_PRIVILEGES <>
hToken dd ?
and my function:
Code:
GetDebugPriv proc
    invoke GetCurrentProcess
    invoke OpenProcessToken,eax,TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY,addr hToken
    invoke LookupPrivilegeValue,NULL,offset szDebugName,addr stTkp.Privileges[0].Luid
    mov stTkp.PrivilegeCount,1
    mov stTkp.Privileges[0].Attributes,SE_PRIVILEGE_ENABLED
    invoke AdjustTokenPrivileges,hToken,FALSE,addr stTkp,NULL,NULL,NULL
    invoke CloseHandle,hToken
    ret
GetDebugPriv endp
__________________
http://www.hypn.za.net

#4 (permalink)
=)
Senior Member
Retired Staff Member
Messiah
Well, I made those changes and I still get that error. Damn.
EDIT: Well I feel rather silly, I went back and looked at the docs for AdjustTokenPrivileges, and it seems that if the return value is 0 then it failed, not non zero >_>; Problem solved, thanks for your help hypn.

#5 (permalink)
Deviant
Join Date: Jun 2007
Posts: 151
lol those pesky 0's and non 0's ;/

#6 (permalink)
inactive
Gold Member
Disciple
Join Date: Sep 2005
Location: South Africa
Posts: 510
hahah, cool - glad you got it sorted

#7 (permalink)
Enlightened
Don't mean to necro-post, but I was cleaning out my documents folders and found something relevant to this thread, and I wanted to add a thread pointer to the guide's index for this topic.
Code:
#include <windows.h>

// Enables SeDebugPrivilege in the current process's access token.
bool SetDebugPrivileges() {
    LUID Luid;
    TOKEN_PRIVILEGES tpToken;
    HANDLE hToken;

    // open our own token with the rights needed to adjust privileges
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken)) {
        return false;
    }
    // resolve the privilege name to its local LUID
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &Luid)) {
        CloseHandle(hToken);
        return false;
    }
    tpToken.PrivilegeCount = 1;
    tpToken.Privileges[0].Luid = Luid;
    tpToken.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    if (!AdjustTokenPrivileges(hToken, false, &tpToken, NULL, NULL, NULL)) {
        CloseHandle(hToken);
        return false;
    }
    CloseHandle(hToken);
    return true;
}
__________________
Ultimate Guide/Resource/Tutorial/Book Thread
Technobabble! - My Blog About All Things Technological
Last edited by Dyndrilliac : 09-28-2008 at 12:00 AM.

#8 (permalink)
Senior Member
Gold Member
Moderator
Deviant
Dyndrilliac you have to close hToken even if return value is 'true' since the handle was opened inside that function.
Not being snide ;p My code shared same issue.
Code:
#include <windows.h>

BOOL EnableDebugPrivledges( void )
{
    HANDLE hToken;
    LUID Luid;
    TOKEN_PRIVILEGES tpToken;
    BOOL bRet = FALSE;

    // enable the SeDebugPrivilege
    if( 0 != OpenProcessToken( GetCurrentProcess( ), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ) )
    {
        if( 0 != LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &Luid ) )
        {
            tpToken.PrivilegeCount = 1;
            tpToken.Privileges[ 0 ].Luid = Luid;
            tpToken.Privileges[ 0 ].Attributes = SE_PRIVILEGE_ENABLED;
            bRet = 0 != AdjustTokenPrivileges( hToken, FALSE, &tpToken, NULL, NULL, NULL );
        }
        // close the token on every path once it has been opened,
        // including when LookupPrivilegeValue fails
        CloseHandle( hToken );
    }
    return bRet;
}

#9 (permalink)
Enlightened
Fixed
Thanks for pointing that out, it was incredibly old code and I didn't look it over thoroughly before posting it.
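
Added example, not part of any post in this thread: the points the thread settles, put together as one MASM32 procedure. It treats a zero return as failure for each call, calls GetLastError after AdjustTokenPrivileges because that function also returns nonzero when the token does not hold the privilege (ERROR_NOT_ALL_ASSIGNED), and closes the token handle on every path once it is open. The procedure name EnableDebugPriv and the MASM32 SDK include paths are assumptions.

```masm
; Added example, not code from the thread. Assumes the MASM32 SDK at \masm32.
.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\advapi32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\advapi32.lib

IFNDEF ERROR_NOT_ALL_ASSIGNED
ERROR_NOT_ALL_ASSIGNED equ 1300         ; value from winerror.h
ENDIF

.const
szDebugName db "SeDebugPrivilege",0

.code
; EnableDebugPriv (hypothetical name): returns eax = 1 if SeDebugPrivilege is
; now enabled in this process's token, eax = 0 otherwise.
EnableDebugPriv proc uses ebx
    LOCAL hToken:DWORD
    LOCAL tkp:TOKEN_PRIVILEGES

    xor ebx, ebx                        ; result, failure by default
    invoke GetCurrentProcess
    mov ecx, eax                        ; invoke uses eax to take addr of a LOCAL
    invoke OpenProcessToken, ecx, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, addr hToken
    .if eax != 0                        ; zero would mean the call failed
        invoke LookupPrivilegeValue, NULL, addr szDebugName, addr tkp.Privileges.Luid
        .if eax != 0
            mov tkp.PrivilegeCount, 1
            mov tkp.Privileges.Attributes, SE_PRIVILEGE_ENABLED
            invoke AdjustTokenPrivileges, hToken, FALSE, addr tkp, 0, NULL, NULL
            .if eax != 0                ; nonzero: the call itself succeeded
                invoke GetLastError     ; ERROR_NOT_ALL_ASSIGNED if nothing was enabled
                .if eax != ERROR_NOT_ALL_ASSIGNED
                    mov ebx, 1
                .endif
            .endif
        .endif
        invoke CloseHandle, hToken      ; opened here, so closed on every path
    .endif
    mov eax, ebx
    ret
EnableDebugPriv endp
end
```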

