📄 rk_security.h
TOKEN_ADJUST_PRIVILEGES |\
TOKEN_ADJUST_GROUPS |\
TOKEN_ADJUST_DEFAULT)
// Execute access to a token is defined as STANDARD_RIGHTS_EXECUTE alone;
// this definition adds no token-specific right.
#define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
// Kind of access token: a primary token (value 1) or an impersonation token
// (value 2, assigned implicitly). Nt/ZwDuplicateToken take a TOKEN_TYPE to
// choose which kind the duplicate becomes.
typedef enum _TOKEN_TYPE {
TokenPrimary = 1,
TokenImpersonation
} TOKEN_TYPE;
// Pointer alias for TOKEN_TYPE.
typedef TOKEN_TYPE *PTOKEN_TYPE;
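// Nt/ZwAdjustPrivilegesToken: enable or disable privileges in the access
// token hToken.
//   hToken                           - handle to the token being changed
//   DisableAllPrivileges             - presumably TRUE disables every privilege
//                                      and ignores pNewPrivlegeSet, as in the
//                                      Win32 AdjustTokenPrivileges - confirm
//   pNewPrivlegeSet                  - privileges and the attributes to apply
//   PreviousPrivilegeSetBufferLength - size in bytes of pPreviousPrivlegeSet
//   pPreviousPrivlegeSet             - optional buffer receiving the prior state
//   PreviousPrivlegeSetReturnLength  - optional, receives the byte count for
//                                      pPreviousPrivlegeSet
// Returns an NTSTATUS. STATUS_NOT_ALL_ASSIGNED is a success code, so
// NT_SUCCESS() alone does not prove a requested privilege was enabled; compare
// against STATUS_SUCCESS when the privilege is required.
// The call changes the state of privileges the token already holds; it does
// not add privileges to the token.
// Kernel-mode callers: the Zw form runs with previous mode KernelMode, so the
// system does not probe pointer arguments or apply user-mode access checks. A
// driver must validate any handle or pointer that originates in user mode
// before passing it on.
// The two output parameters are marked OUT to match the other prototypes in
// this header.
NTSYSAPI
NTSTATUS
NTAPI
NtAdjustPrivilegesToken(
    IN HANDLE hToken,
    IN BOOLEAN DisableAllPrivileges,
    IN PTOKEN_PRIVILEGES pNewPrivlegeSet,
    IN ULONG PreviousPrivilegeSetBufferLength OPTIONAL,
    OUT PTOKEN_PRIVILEGES pPreviousPrivlegeSet OPTIONAL,
    OUT PULONG PreviousPrivlegeSetReturnLength OPTIONAL
);
// NOTE(review): this is the only prototype in this part of the header declared
// without NTSYSAPI; confirm whether that is deliberate before changing it.
NTSTATUS
NTAPI
ZwAdjustPrivilegesToken(
    IN HANDLE hToken,
    IN BOOLEAN DisableAllPrivileges,
    IN PTOKEN_PRIVILEGES pNewPrivlegeSet,
    IN ULONG PreviousPrivilegeSetBufferLength OPTIONAL,
    OUT PTOKEN_PRIVILEGES pPreviousPrivlegeSet OPTIONAL,
    OUT PULONG PreviousPrivlegeSetReturnLength OPTIONAL
);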
// Nt/ZwCloseObjectAuditAlarm: report the closing of an audited object handle
// to the security audit log.
//   SubSystemName    - name of the subsystem reporting the event
//   HandleId         - caller-chosen value identifying the handle; presumably
//                      the value given to the matching OpenObjectAuditAlarm
//                      call - confirm
//   bGenerateOnClose - presumably the flag returned through bGenerateOnClose by
//                      Nt/ZwOpenObjectAuditAlarm - confirm
// Returns an NTSTATUS.
// NOTE(review): the Win32 counterparts of the *AuditAlarm routines require the
// caller to hold SeAuditPrivilege; verify the same for these native entry points.
NTSYSAPI
NTSTATUS
NTAPI
NtCloseObjectAuditAlarm(
IN PUNICODE_STRING SubSystemName,
IN PVOID HandleId,
IN BOOLEAN bGenerateOnClose
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwCloseObjectAuditAlarm(
IN PUNICODE_STRING SubSystemName,
IN PVOID HandleId,
IN BOOLEAN bGenerateOnClose
);
// Nt/ZwDeleteObjectAuditAlarm: report the deletion of an audited object to the
// security audit log. Takes the same three parameters as
// Nt/ZwCloseObjectAuditAlarm.
//   SubSystemName    - name of the subsystem reporting the event
//   HandleId         - caller-chosen value identifying the handle
//   bGenerateOnClose - presumably the flag returned by the matching
//                      OpenObjectAuditAlarm call - confirm
// Returns an NTSTATUS.
NTSYSAPI
NTSTATUS
NTAPI
NtDeleteObjectAuditAlarm(
IN PUNICODE_STRING SubSystemName,
IN PVOID HandleId,
IN BOOLEAN bGenerateOnClose
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwDeleteObjectAuditAlarm(
IN PUNICODE_STRING SubSystemName,
IN PVOID HandleId,
IN BOOLEAN bGenerateOnClose
);
// Nt/ZwDuplicateToken: create a new token from the existing token hToken.
//   hToken                  - token to copy
//   DesiredAccess           - access rights requested on the new handle
//   ObjectAttributes        - see the note on the parameter
//   bMakeTokenEffectiveOnly - presumably TRUE keeps only the privileges and
//                             groups currently enabled in the source - confirm
//   TokenType               - TokenPrimary or TokenImpersonation for the copy
//   phNewToken              - receives the handle to the new token
// Returns an NTSTATUS.
// Review points for callers: request only the DesiredAccess actually needed,
// and close *phNewToken on every path, since a leaked token handle keeps the
// duplicated security context reachable from the process.
NTSYSAPI
NTSTATUS
NTAPI
NtDuplicateToken(
IN HANDLE hToken,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes, // carries the security quality of service structure, the security descriptor and the OBJ_INHERIT flag
IN BOOLEAN bMakeTokenEffectiveOnly,
IN TOKEN_TYPE TokenType,
OUT PHANDLE phNewToken
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwDuplicateToken(
IN HANDLE hToken,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes, // carries the security quality of service structure, the security descriptor and the OBJ_INHERIT flag
IN BOOLEAN bMakeTokenEffectiveOnly,
IN TOKEN_TYPE TokenType,
OUT PHANDLE phNewToken
);
// Nt/ZwImpersonateThread: make one thread impersonate the security context of
// another thread.
//   hThread              - thread that will do the impersonating
//   hThreadToImpersonate - thread whose security context is taken
//   Qos                  - SECURITY_QUALITY_OF_SERVICE for the impersonation
//                          (presumably including the impersonation level) -
//                          confirm
// Returns an NTSTATUS.
// NOTE(review): the access rights each handle must carry are not shown here;
// check them against the platform documentation before use.
NTSYSAPI
NTSTATUS
NTAPI
NtImpersonateThread(
IN HANDLE hThread,
IN HANDLE hThreadToImpersonate,
IN PSECURITY_QUALITY_OF_SERVICE Qos
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwImpersonateThread(
IN HANDLE hThread,
IN HANDLE hThreadToImpersonate,
IN PSECURITY_QUALITY_OF_SERVICE Qos
);
// Nt/ZwOpenObjectAuditAlarm: report an attempt to open or create an object to
// the security audit log.
//   SubsystemName       - name of the subsystem reporting the event
//   HandleId            - caller-chosen value identifying the new handle
//   ObjectTypeName      - type name of the object
//   ObjectName          - name of the object
//   pSecurityDescriptor - security descriptor of the object
//   hTokenClient        - token of the client that requested the access
//   DesiredAccess       - access mask the client asked for
//   GrantedAccess       - access mask that was granted
//   pPrivilegeSet       - privileges involved in the access attempt
//   bObjectCreation     - whether the operation creates the object
//   bAccessGranted      - whether the access was granted
//   bGenerateOnClose    - receives a flag; the Close/DeleteObjectAuditAlarm
//                         routines take a parameter of the same name
// Returns an NTSTATUS.
NTSYSAPI
NTSTATUS
NTAPI
NtOpenObjectAuditAlarm(
IN PUNICODE_STRING SubsystemName,
IN PVOID HandleId,
IN PUNICODE_STRING ObjectTypeName,
IN PUNICODE_STRING ObjectName,
IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
IN HANDLE hTokenClient,
IN ACCESS_MASK DesiredAccess,
IN ACCESS_MASK GrantedAccess,
IN PPRIVILEGE_SET pPrivilegeSet,
IN BOOLEAN bObjectCreation,
IN BOOLEAN bAccessGranted,
OUT PBOOLEAN bGenerateOnClose
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwOpenObjectAuditAlarm(
IN PUNICODE_STRING SubsystemName,
IN PVOID HandleId,
IN PUNICODE_STRING ObjectTypeName,
IN PUNICODE_STRING ObjectName,
IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
IN HANDLE hTokenClient,
IN ACCESS_MASK DesiredAccess,
IN ACCESS_MASK GrantedAccess,
IN PPRIVILEGE_SET pPrivilegeSet,
IN BOOLEAN bObjectCreation,
IN BOOLEAN bAccessGranted,
OUT PBOOLEAN bGenerateOnClose
);
// Nt/ZwOpenProcessToken: open the access token associated with a process.
//   hProcess      - handle to the process whose token is opened
//   DesiredAccess - access rights requested on the token (TOKEN_* masks)
//   phToken       - receives the token handle
// Returns an NTSTATUS.
// Review points for callers: ask for the narrowest DesiredAccess that works
// (a read-only query does not need the adjust rights), and close *phToken when
// finished with it.
NTSYSAPI
NTSTATUS
NTAPI
NtOpenProcessToken(
IN HANDLE hProcess,
IN ACCESS_MASK DesiredAccess,
OUT PHANDLE phToken
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwOpenProcessToken(
IN HANDLE hProcess,
IN ACCESS_MASK DesiredAccess,
OUT PHANDLE phToken
);
// Nt/ZwOpenThreadToken: open the access token associated with a thread.
//   hThread               - handle to the thread whose token is opened
//   DesiredAccess         - access rights requested on the token
//   bUseContextOfProcess  - presumably TRUE makes the access check use the
//                           process security context instead of the calling
//                           thread's impersonation context - confirm
//   phToken               - receives the token handle
// Returns an NTSTATUS.
// NOTE(review): a thread that is not impersonating has no token of its own;
// callers should handle that failure status and not assume a handle came back.
NTSYSAPI
NTSTATUS
NTAPI
NtOpenThreadToken(
IN HANDLE hThread,
IN ACCESS_MASK DesiredAccess,
IN BOOLEAN bUseContextOfProcess,
OUT PHANDLE phToken
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwOpenThreadToken(
IN HANDLE hThread,
IN ACCESS_MASK DesiredAccess,
IN BOOLEAN bUseContextOfProcess,
OUT PHANDLE phToken
);
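// Nt/ZwPrivilegeCheck: test whether the token hToken holds the privileges
// listed in pPrivilegeSet.
//   hToken          - token to examine
//   pPrivilegeSet   - privileges to test for
//   pbHasPrivileges - receives the result of the check
// Returns an NTSTATUS; the check result is in *pbHasPrivileges, not in the
// status, so callers must test both.
// The Nt prototype carries the same IN/OUT annotations as the Zw prototype.
// NOTE(review): the Win32 PrivilegeCheck documents its privilege set as
// in/out (entry attributes may be updated); IN is kept here to agree with the
// Zw declaration - confirm which annotation is intended.
NTSYSAPI
NTSTATUS
NTAPI
NtPrivilegeCheck(
    IN HANDLE hToken,
    IN PPRIVILEGE_SET pPrivilegeSet,
    OUT PBOOLEAN pbHasPrivileges
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwPrivilegeCheck(
    IN HANDLE hToken,
    IN PPRIVILEGE_SET pPrivilegeSet,
    OUT PBOOLEAN pbHasPrivileges
);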
// Nt/ZwPrivilegeObjectAuditAlarm: report the use of privileges on an already
// opened object to the security audit log.
//   SubsystemName - name of the subsystem reporting the event
//   HandleId      - caller-chosen value identifying the object handle
//   hToken        - token of the client that used the privileges
//   DesiredAccess - access mask associated with the privileged operation
//   pPrivilegeSet - privileges that were required
//   AccessGranted - whether the access was granted
// Returns an NTSTATUS.
NTSYSAPI
NTSTATUS
NTAPI
NtPrivilegeObjectAuditAlarm(
IN PUNICODE_STRING SubsystemName,
IN PVOID HandleId,
IN HANDLE hToken,
IN ACCESS_MASK DesiredAccess,
IN PPRIVILEGE_SET pPrivilegeSet,
IN BOOLEAN AccessGranted
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwPrivilegeObjectAuditAlarm(
IN PUNICODE_STRING SubsystemName,
IN PVOID HandleId,
IN HANDLE hToken,
IN ACCESS_MASK DesiredAccess,
IN PPRIVILEGE_SET pPrivilegeSet,
IN BOOLEAN AccessGranted
);
// Nt/ZwPrivilegedServiceAuditAlarm: report an attempt to use a privileged
// service to the security audit log. Unlike the object variants it names a
// service and takes no HandleId.
//   SubsystemName - name of the subsystem reporting the event
//   ServiceName   - name of the privileged service that was requested
//   hToken        - token of the client that made the request
//   pPrivilegeSet - privileges the service required
//   AccessGranted - whether the request was granted
// Returns an NTSTATUS.
NTSYSAPI
NTSTATUS
NTAPI
NtPrivilegedServiceAuditAlarm(
IN PUNICODE_STRING SubsystemName,
IN PUNICODE_STRING ServiceName,
IN HANDLE hToken,
IN PPRIVILEGE_SET pPrivilegeSet,
IN BOOLEAN AccessGranted
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwPrivilegedServiceAuditAlarm(
IN PUNICODE_STRING SubsystemName,
IN PUNICODE_STRING ServiceName,
IN HANDLE hToken,
IN PPRIVILEGE_SET pPrivilegeSet,
IN BOOLEAN AccessGranted
);
// Selects which piece of token information Nt/ZwQueryInformationToken returns
// or Nt/ZwSetInformationToken changes. Values start at 1 (TokenUser) and run
// consecutively to 10 (TokenStatistics).
// NOTE(review): this listing stops at TokenStatistics; the Windows SDK
// definition of the same enum has further classes after it, which cannot be
// requested through this declaration.
typedef enum _TOKEN_INFORMATION_CLASS {
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics
} TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
// Nt/ZwQueryInformationToken: read one class of information from a token.
//   hToken                - token to query
//   TokenInfoClass        - which information to return
//   TokenInfoBuffer       - caller-supplied buffer receiving the data; its
//                           layout depends on TokenInfoClass
//   TokenInfoBufferLength - size of TokenInfoBuffer in bytes
//   BytesReturned         - receives a byte count (presumably the size
//                           required when the buffer is too small) - confirm
// Returns an NTSTATUS.
// Review point for callers: variable-length classes need a buffer sized from
// BytesReturned; do not read the buffer when the status reports failure.
NTSYSAPI
NTSTATUS
NTAPI
NtQueryInformationToken(
IN HANDLE hToken,
IN TOKEN_INFORMATION_CLASS TokenInfoClass,
OUT PVOID TokenInfoBuffer,
IN ULONG TokenInfoBufferLength,
OUT PULONG BytesReturned
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwQueryInformationToken(
IN HANDLE hToken,
IN TOKEN_INFORMATION_CLASS TokenInfoClass,
OUT PVOID TokenInfoBuffer,
IN ULONG TokenInfoBufferLength,
OUT PULONG BytesReturned
);
// Nt/ZwSetInformationToken: change one class of information in a token.
//   hToken                - token to modify
//   TokenInfoClass        - which information to set
//   TokenInfoBuffer       - data to apply; its layout depends on TokenInfoClass
//   TokenInfoBufferLength - size of TokenInfoBuffer in bytes
// Returns an NTSTATUS.
// NOTE(review): not every information class is writable, and the access right
// required on hToken depends on the class; confirm both against the platform
// documentation.
NTSYSAPI
NTSTATUS
NTAPI
NtSetInformationToken(
IN HANDLE hToken,
IN TOKEN_INFORMATION_CLASS TokenInfoClass,
IN PVOID TokenInfoBuffer,
IN ULONG TokenInfoBufferLength
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwSetInformationToken(
IN HANDLE hToken,
IN TOKEN_INFORMATION_CLASS TokenInfoClass,
IN PVOID TokenInfoBuffer,
IN ULONG TokenInfoBufferLength
);
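// Nt/ZwQuerySecurityObject: copy the security descriptor of an object into a
// caller-supplied buffer.
//   hObject                   - handle to the object being queried
//   SecurityInfoRequested     - which parts (owner, group, DACL, SACL) to return
//   pSecurityDescriptor       - buffer that receives the descriptor; marked
//                               OUT because the routine writes to it
//   pSecurityDescriptorLength - size of that buffer in bytes (a ULONG value,
//                               despite the 'p' prefix)
//   BytesRequired             - receives the number of bytes needed
// Returns an NTSTATUS.
// Review points for callers: size the buffer from BytesRequired and do not
// parse it when the status reports failure. Reading the SACL needs
// ACCESS_SYSTEM_SECURITY on the handle; the other parts need READ_CONTROL.
NTSYSAPI
NTSTATUS
NTAPI
NtQuerySecurityObject(
    IN HANDLE hObject,
    IN SECURITY_INFORMATION SecurityInfoRequested,
    OUT PSECURITY_DESCRIPTOR pSecurityDescriptor,
    IN ULONG pSecurityDescriptorLength,
    OUT PULONG BytesRequired
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwQuerySecurityObject(
    IN HANDLE hObject,
    IN SECURITY_INFORMATION SecurityInfoRequested,
    OUT PSECURITY_DESCRIPTOR pSecurityDescriptor,
    IN ULONG pSecurityDescriptorLength,
    OUT PULONG BytesRequired
);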
// Nt/ZwSetSecurityObject: replace parts of an object's security descriptor.
//   hObject               - handle to the object being changed
//   SecurityInfoRequested - which parts of pSecurityDescriptor to apply (the
//                           name mirrors the query routine; here it selects
//                           what is set)
//   pSecurityDescriptor   - descriptor holding the new values
// Returns an NTSTATUS.
// Review point for callers: the handle needs WRITE_OWNER, WRITE_DAC or
// ACCESS_SYSTEM_SECURITY depending on the part being set; changes to an
// object's DACL or owner are worth covering in object-access auditing.
NTSYSAPI
NTSTATUS
NTAPI
NtSetSecurityObject(
IN HANDLE hObject,
IN SECURITY_INFORMATION SecurityInfoRequested,
IN PSECURITY_DESCRIPTOR pSecurityDescriptor
);
// Zw form of the routine above; same parameters.
NTSYSAPI
NTSTATUS
NTAPI
ZwSetSecurityObject(
IN HANDLE hObject,
IN SECURITY_INFORMATION SecurityInfoRequested,
IN PSECURITY_DESCRIPTOR pSecurityDescriptor
);
#endif