E1M1 Posted August 28, 2012 Posted August 28, 2012 (edited) Hello. I am tying to AdjustTokenPrivileges() but i get error saying: "Not all privileges or groups referenced are assigned to the caller." Does anyone know I could fix this error? Or what I need to do inorder to get rid of it. Even running it under SYSTEM didn't help.#include <winapi.au3> #include <array.au3> #include <security.au3> $NULL = 0 $PROCESS_ALL_ACCESS = 0x001F0FFF ;$TOKEN_ALL_ACCESS = 0xf01ff ;$ERROR_SUCCESS = 0 SetTBCPrivileges() Func SetTBCPrivileges() $dwPID = @AutoItPID $hToken = 0 $hProcess = 0 $tpDebug = DllStructCreate($tagTOKEN_PRIVILEGES) $hProcess = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS,False,$dwPID) If not $hProcess Then return False If not _WinAPI_OpenProcessToken($hProcess,$TOKEN_ALL_ACCESS,$hToken) Then return False $LUID = _Security__LookupPrivilegeValue("", $SE_DEBUG_NAME) if $LUID == 0 Then Return False DllStructSetData($tpDebug,"Count",1) DllStructSetData($tpDebug,"LUID",$LUID,1) DllStructSetData($tpDebug,"Attributes",$SE_PRIVILEGE_ENABLED,1) if _Security__AdjustTokenPrivileges($hToken,False,DllStructGetPtr($tpDebug),DllStructGetSize($tpDebug),$NULL,$NULL) = False Then Return false ;~ if _WinAPI_GetLastError() <> $ERROR_SUCCESS Then Return False MsgBox(0,0, _WinAPI_GetLastErrorMessage()) EndFunc Func _WinAPI_OpenProcessToken($pHandle, $iAccess, byref $hToken) Local $aResult = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $pHandle, "int", $iAccess, "int*", 0) If @error Or $aResult[0] = 0 Then Return SetError(1, 0, 0) $hToken = $aResult[3] Return $aResult[0] EndFuncOriginal code is here:BOOL SetTBCPrivileges(VOID) { DWORD dwPID; HANDLE hProcess; HANDLE hToken; LUID Luid; TOKEN_PRIVILEGES tpDebug; dwPID = GetCurrentProcessId(); if ((hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPID)) == NULL) return FALSE; if (OpenProcessToken(hProcess, TOKEN_ALL_ACCESS, &hToken) == 0) return FALSE; if ((LookupPrivilegeValue(NULL, SE_TCB_NAME, &Luid)) == 0) return FALSE; tpDebug.PrivilegeCount = 1; tpDebug.Privileges[0].Luid = Luid; tpDebug.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; if ((AdjustTokenPrivileges(hToken, FALSE, &tpDebug, sizeof(tpDebug), NULL, NULL)) == 0) return FALSE; if (GetLastError() != ERROR_SUCCESS) return FALSE; CloseHandle(hToken); CloseHandle(hProcess); return TRUE; } Edited August 28, 2012 by E1M1 edited
trancexx Posted August 28, 2012 Posted August 28, 2012 (edited) You need #RequireAdmin whether you like it or not. Edited August 28, 2012 by trancexx ♡♡♡ . eMyvnE
E1M1 Posted August 28, 2012 Author Posted August 28, 2012 (edited) Dont you already have admin rights when you run it as system service (it runs under SYSTEM user)? Just in case I added it to test and it didn't solve the issue. I also figured that issue is not in code. I guess I need to do something else before calling that function. Edit: I had to run it a service directly. Before I was using launcher app and required permissions went lost that way. Edit2: had to update autoit on virtual machine to get it work there too Edited August 28, 2012 by E1M1 edited
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now