AdjustTokenPrivileges(进程权限修改)

The AdjustTokenPrivileges function is used to adjust the privileges of a specified access token. It enables or disables privileges in the token, or changes the attributes of privileges.

Here is the syntax of the AdjustTokenPrivileges function in C++:

BOOL AdjustTokenPrivileges(
HANDLE            TokenHandle,
BOOL              DisableAllPrivileges,
PTOKEN_PRIVILEGES NewState,
DWORD             BufferLength,
PTOKEN_PRIVILEGES PreviousState,
PDWORD            ReturnLength
);

Parameters:

• TokenHandle: A handle to the access token that contains the privileges to be modified.

• DisableAllPrivileges: Specifies whether all privileges should be disabled. Set this parameter to TRUE to disable all privileges, or FALSE to enable or disable specific privileges.

• NewState: A pointer to a TOKEN_PRIVILEGES structure that specifies an array of privileges and their attributes. If the DisableAllPrivileges parameter is FALSE, AdjustTokenPrivileges enables or disables each privilege depending on the PrivilegeCount member of this structure.

• BufferLength: Specifies the size, in bytes, of the buffer pointed to by the NewState parameter.

• PreviousState: A pointer to a TOKEN_PRIVILEGES structure that receives the previous state of any privileges that were modified. This parameter can be NULL if the previous state information is not needed.

• ReturnLength: A pointer to a variable that receives the size, in bytes, of the PreviousState parameter.

Return Value:

• Returns TRUE if the function succeeds, FALSE otherwise. To get extended error information, call GetLastError().

Example usage:

#include <windows.h>
#include <iostream>
int main()
{
// Open the current process's access token
HANDLE hToken;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
{
std::cout << "Failed to open process token. Error: " << GetLastError() << std::endl;
return 1;
}
// Enable or disable a specific privilege
TOKEN_PRIVILEGES tp;
tp.PrivilegeCount = 1;
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tp.Privileges[0].Luid))
{
std::cout << "Failed to lookup privilege value. Error: " << GetLastError() << std::endl;
return 1;
}
if (!AdjustTokenPrivileges(hToken, FALSE, &tp, 0, NULL, NULL))
{
std::cout << "Failed to adjust token privileges. Error: " << GetLastError() << std::endl;
return 1;
}
std::cout << "Token privileges adjusted successfully." << std::endl;
// Close the token handle
CloseHandle(hToken);
return 0;
}

This example demonstrates how to enable or disable the SE_DEBUG_NAME privilege in the current process’s access token. Note that you will need administrative privileges to modify certain privileges.