Valik

Display privileges.

4 posts in this topic

I wrote this function once a long time ago but deleted it, apparently. I needed it again and this time I'm going to document it somewhere. Here's a simple function that lists the privileges of the process that calls it.

#include <windows.h>
#include <iostream>

// Lists the privileges in the caller's token. Link with Advapi32.lib.
bool ShowPrivileges()
{
    // Get a token handle: the thread's impersonation token if there is one,
    // otherwise the process token.
    HANDLE hToken = NULL;
    if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &hToken))
    {
        if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
            return false;
    }

    // Get the token privilege information. The first call only reports the size needed.
    DWORD dwNeeded = 0;
    GetTokenInformation(hToken, TokenPrivileges, NULL, 0, &dwNeeded);
    if (dwNeeded == 0)
    {
        CloseHandle(hToken);
        return false;
    }
    LPBYTE pBuffer = new BYTE[dwNeeded + 1];
    if (!GetTokenInformation(hToken, TokenPrivileges, pBuffer, dwNeeded, &dwNeeded))
    {
        delete[] pBuffer;
        CloseHandle(hToken);
        return false;
    }

    // Cast to the proper type.
    PTOKEN_PRIVILEGES pTokenPrivileges = reinterpret_cast<PTOKEN_PRIVILEGES>(pBuffer);

    // Iterate the privileges.
    for (DWORD i = 0; i < pTokenPrivileges->PrivilegeCount; ++i)
    {
        // Get and display the privilege name (ANSI call, to match the CHAR buffer
        // even when the project is built with UNICODE defined).
        DWORD dwSize = 0;
        LookupPrivilegeNameA(NULL, &pTokenPrivileges->Privileges[i].Luid, NULL, &dwSize);
        LPSTR szName = new CHAR[dwSize + 1];
        if (LookupPrivilegeNameA(NULL, &pTokenPrivileges->Privileges[i].Luid, szName, &dwSize))
            std::cout << szName << " (";
        else
            std::cout << "<unknown> (";
        delete[] szName;

        // Display the privilege state. Attributes is a bitmask, so test the
        // individual flags; a switch on the whole value reports combinations
        // such as ENABLED | ENABLED_BY_DEFAULT as "Disabled".
        const DWORD dwAttributes = pTokenPrivileges->Privileges[i].Attributes;
        if (dwAttributes & SE_PRIVILEGE_REMOVED)
            std::cout << "Removed";
        else if (dwAttributes & SE_PRIVILEGE_ENABLED)
            std::cout << "Enabled";
        else
            std::cout << "Disabled";

        if (dwAttributes & SE_PRIVILEGE_ENABLED_BY_DEFAULT)
            std::cout << ", enabled by default";
        if (dwAttributes & SE_PRIVILEGE_USED_FOR_ACCESS)
            std::cout << ", used for access";

        // Finish the output for the line.
        std::cout << ")" << std::endl;
    }

    delete[] pBuffer;

    CloseHandle(hToken);
    return true;
}

I needed it to see what disabled privileges an admin account had when not in admin mode on Windows 7. Specifically I was looking and hoping SeCreateSymbolicLinkPrivilege would be available but disabled. Alas, it's not, it truly requires admin rights to access (without modifying group privileges, obviously). Anyway, the code might be useful to some of you who may want a peek into what privileges various accounts have and whether or not the privilege is enabled.

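The check the first post was after (is a privilege such as SeCreateSymbolicLinkPrivilege present in the token but disabled, or not there at all?), as an added example that is not part of the original posts. `PrivState`, `StateOf`, `QueryPrivilege` and `kSample` are names made up for this example, and the non-Windows stand-in types are there only so the decoding logic can be built and tested off Windows.

```cpp
#include <cstdint>
#include <vector>
#ifdef _WIN32
#include <windows.h>   // link with Advapi32.lib
#else
// Stand-in types so the decoding logic also builds off Windows (flag values as in winnt.h).
typedef uint32_t DWORD;
struct LUID { DWORD LowPart; int32_t HighPart; };
struct LUID_AND_ATTRIBUTES { LUID Luid; DWORD Attributes; };
const DWORD SE_PRIVILEGE_ENABLED = 0x2, SE_PRIVILEGE_REMOVED = 0x4;
#endif

enum PrivState { PRIV_ERROR, PRIV_ABSENT, PRIV_REMOVED, PRIV_DISABLED, PRIV_ENABLED };

// Find one privilege by LUID. Attributes is a bitmask, so test bits rather than whole values.
PrivState StateOf(const LUID_AND_ATTRIBUTES* p, DWORD count, LUID want)
{
    for (DWORD i = 0; i < count; ++i)
    {
        if (p[i].Luid.LowPart != want.LowPart || p[i].Luid.HighPart != want.HighPart)
            continue;
        if (p[i].Attributes & SE_PRIVILEGE_REMOVED) return PRIV_REMOVED;
        return (p[i].Attributes & SE_PRIVILEGE_ENABLED) ? PRIV_ENABLED : PRIV_DISABLED;
    }
    return PRIV_ABSENT;   // not in the token at all, as opposed to present but disabled
}

// Constructed sample token contents (hypothetical LUIDs), not output from a real system.
const LUID_AND_ATTRIBUTES kSample[] = { { {19, 0}, 0x0 }, { {23, 0}, 0x3 } };

#ifdef _WIN32
// Look up a privilege such as "SeCreateSymbolicLinkPrivilege" in the current process token.
PrivState QueryPrivilege(const char* name)
{
    LUID want; HANDLE hToken; DWORD cb = 0; PrivState s = PRIV_ERROR;
    if (!LookupPrivilegeValueA(NULL, name, &want)) return PRIV_ERROR;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) return PRIV_ERROR;
    GetTokenInformation(hToken, TokenPrivileges, NULL, 0, &cb);   // size query
    std::vector<BYTE> buf(cb);
    if (cb && GetTokenInformation(hToken, TokenPrivileges, buf.data(), cb, &cb))
    {
        PTOKEN_PRIVILEGES tp = reinterpret_cast<PTOKEN_PRIVILEGES>(buf.data());
        s = StateOf(tp->Privileges, tp->PrivilegeCount, want);
    }
    CloseHandle(hToken);
    return s;
}
#endif
```

On Windows, `QueryPrivilege("SeCreateSymbolicLinkPrivilege")` returning `PRIV_ABSENT` means the privilege is not in the token, while `PRIV_DISABLED` means it is held but switched off.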



That's a pretty neat resource. I've always wondered if programs could figure out where they might need more access.


> That's a pretty neat resource. I've always wondered if programs could figure out where they might need more access.

.NET has a lot of this stuff wrapped in System.Security allowing the same things as the example above. I know you're a C# guy so I thought I'd tell you.


> .NET has a lot of this stuff wrapped in System.Security allowing the same things as the example above. I know you're a C# guy so I thought I'd tell you.

I didn't know if those were wrappers or .NET tokens in the first place. I could see managed resources having a managed security system.
