bazile / processprivileges

Home Page: https://archive.codeplex.com/?p=processprivileges

License: Microsoft Public License

ProcessPrivileges

Privileges determine the type of system operations that a process can perform. Process Privileges is a set of extension methods, written in C#, for System.Diagnostics.Process. It implements the functionality necessary to query, enable, disable or remove privileges on a process.

This is an unofficial fork of the original project from CodePlex.

Description

The following extension methods are offered:

  • DisablePrivilege - Disables the specified privilege on a process.
  • EnablePrivilege - Enables the specified privilege on a process.
  • GetAccessTokenHandle - Gets an access token handle for a process.
  • GetPrivilegeAttributes - Gets the attributes for a privilege on a process.
  • GetPrivilegeState - Gets the state of a privilege.
  • GetPrivileges - Gets the privileges and associated attributes from a process.
  • RemovePrivilege - Removes the specified privilege from a process.

In addition, a privilege enabler class is offered that enables privileges on a process in a safe way, ensuring that they are returned to their original state when an operation that requires a privilege completes.

Background

For more information on privileges, see:

Privileges https://docs.microsoft.com/en-gb/windows/desktop/SecAuthZ/privileges

Privilege Constants https://docs.microsoft.com/en-gb/windows/desktop/SecAuthZ/privilege-constants

Guidance

Enabling a privilege allows a process to perform system-level actions that it could not previously.

Before enabling a privilege, many of which are potentially dangerous, thoroughly verify that the functions or operations in your code actually require it.

It is not normally appropriate to hold privileges that you enable for the lifetime of a process. Use sparingly; enable when needed, disable when not.

Example 1: Safely Enabling a Privilege

{{
using System;
using System.Diagnostics;
using ProcessPrivileges;

internal static class PrivilegeEnablerExample
{
    public static void Main()
    {
        Process process = Process.GetCurrentProcess();

        using (new PrivilegeEnabler(process, Privilege.TakeOwnership))
        {
            // Privilege is enabled within the using block.
            Console.WriteLine(
                "{0} => {1}",
                Privilege.TakeOwnership,
                process.GetPrivilegeState(Privilege.TakeOwnership));
        }

        // Privilege is disabled outside the using block.
        Console.WriteLine(
            "{0} => {1}",
            Privilege.TakeOwnership,
            process.GetPrivilegeState(Privilege.TakeOwnership));
    }
}
}}

{{
TakeOwnership => Enabled
TakeOwnership => Disabled
}}

Example 2: Using the Extension Methods

{{
using System;
using System.Diagnostics;
using System.Linq;
using ProcessPrivileges;

internal static class ProcessPrivilegesExample
{
    public static void Main()
    {
        // Get the current process.
        Process process = Process.GetCurrentProcess();

        // Get the privileges and associated attributes.
        PrivilegeAndAttributesCollection privileges = process.GetPrivileges();

        int maxPrivilegeLength = privileges.Max(privilege => privilege.Privilege.ToString().Length);

        foreach (PrivilegeAndAttributes privilegeAndAttributes in privileges)
        {
            // The privilege.
            Privilege privilege = privilegeAndAttributes.Privilege;

            // The privilege state.
            PrivilegeState privilegeState = privilegeAndAttributes.PrivilegeState;

            // Write out the privilege and its state.
            Console.WriteLine(
                "{0}{1} => {2}",
                privilege,
                GetPadding(privilege.ToString().Length, maxPrivilegeLength),
                privilegeState);
        }

        Console.WriteLine();

        // Privileges can only be enabled on a process if they are disabled.
        if (process.GetPrivilegeState(Privilege.TakeOwnership) == PrivilegeState.Disabled)
        {
            // Enable the TakeOwnership privilege on it.
            AdjustPrivilegeResult result = process.EnablePrivilege(Privilege.TakeOwnership);

            // Get the state of the TakeOwnership privilege.
            PrivilegeState takeOwnershipState = process.GetPrivilegeState(Privilege.TakeOwnership);

            // Write out the TakeOwnership privilege, its state and the result.
            Console.WriteLine(
                "{0}{1} => {2} ({3})",
                Privilege.TakeOwnership,
                GetPadding(Privilege.TakeOwnership.ToString().Length, maxPrivilegeLength),
                takeOwnershipState,
                result);
        }
    }

    // Returns the spaces needed to pad a name of the given length to maxLength.
    private static string GetPadding(int length, int maxLength)
    {
        int paddingLength = maxLength - length;
        char[] padding = new char[paddingLength];
        for (int i = 0; i < paddingLength; i++)
        {
            padding[i] = ' ';
        }

        return new string(padding);
    }
}
}}

{{
ChangeNotify         => Enabled
Security             => Disabled
Backup               => Disabled
Restore              => Disabled
SystemTime           => Disabled
Shutdown             => Enabled
RemoteShutdown       => Disabled
TakeOwnership        => Disabled
Debug                => Enabled
SystemEnvironment    => Disabled
SystemProfile        => Disabled
ProfileSingleProcess => Disabled
IncreaseBasePriority => Disabled
LoadDriver           => Enabled
CreatePagefile       => Disabled
IncreaseQuota        => Enabled
Undock               => Enabled
ManageVolume         => Disabled
Impersonate          => Enabled
CreateGlobal         => Enabled

TakeOwnership        => Enabled (PrivilegeModified)
}}

Example 3: Reusing an Access Token Handle

{{
using System;
using System.Diagnostics;
using ProcessPrivileges;

internal static class ReusingAccessTokenHandleExample
{
    public static void Main()
    {
        // Access token handle reused within the using block.
        using (AccessTokenHandle accessTokenHandle =
            Process.GetCurrentProcess().GetAccessTokenHandle(
                TokenAccessRights.AdjustPrivileges | TokenAccessRights.Query))
        {
            // Enable privileges using the same access token handle.
            AdjustPrivilegeResult backupResult = accessTokenHandle.EnablePrivilege(Privilege.Backup);
            AdjustPrivilegeResult restoreResult = accessTokenHandle.EnablePrivilege(Privilege.Restore);

            Console.WriteLine(
                "{0} => {1} ({2})",
                Privilege.Backup,
                accessTokenHandle.GetPrivilegeState(Privilege.Backup),
                backupResult);

            Console.WriteLine(
                "{0} => {1} ({2})",
                Privilege.Restore,
                accessTokenHandle.GetPrivilegeState(Privilege.Restore),
                restoreResult);
        }
    }
}
}}

{{
Backup => Enabled (PrivilegeModified)
Restore => Enabled (PrivilegeModified)
}}
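The list of extension methods includes RemovePrivilege, which none of the examples above exercises. The following is an added illustration, not part of the original project's documentation: a startup routine that strips every privilege outside an allow-list and then verifies the result. The class name and the contents of the allow-list are assumptions chosen for the example.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using ProcessPrivileges;

internal static class DropUnneededPrivilegesExample
{
    // Hypothetical allow-list: the only privileges this process is assumed to need.
    private static readonly HashSet<Privilege> Required = new HashSet<Privilege>
    {
        Privilege.ChangeNotify,
        Privilege.Backup,
    };

    public static void Main()
    {
        Process process = Process.GetCurrentProcess();

        // Snapshot the held privileges first, because the token changes as we remove them.
        List<Privilege> held = process.GetPrivileges()
            .Select(entry => entry.Privilege)
            .ToList();

        foreach (Privilege privilege in held.Where(p => !Required.Contains(p)))
        {
            // Removal is permanent for this token: a removed privilege
            // cannot be enabled again for the lifetime of the process.
            process.RemovePrivilege(privilege);
            Console.WriteLine("Removed {0}", privilege);
        }

        // Verify: nothing outside the allow-list may remain on the token.
        List<Privilege> unexpected = process.GetPrivileges()
            .Select(entry => entry.Privilege)
            .Where(p => !Required.Contains(p))
            .ToList();

        if (unexpected.Count > 0)
        {
            throw new InvalidOperationException(
                "Privileges still present: " + string.Join(", ", unexpected));
        }
    }
}
```

Privileges left on the token after this step can still be enabled only for the duration of an operation with PrivilegeEnabler, as in Example 1.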

Privileges

|| Privilege || Constant || Enum || Description || Support Baseline ||
| SeAssignPrimaryTokenPrivilege | {"SE_ASSIGNPRIMARYTOKEN_NAME"} | Privilege.AssignPrimaryToken | Replace a process-level token. | Windows 2000 |
| SeAuditPrivilege | {"SE_AUDIT_NAME"} | Privilege.Audit | Generate security audits. | Windows 2000 |
| SeBackupPrivilege | {"SE_BACKUP_NAME"} | Privilege.Backup | Back up files and directories. | Windows 2000 |
| SeChangeNotifyPrivilege | {"SE_CHANGE_NOTIFY_NAME"} | Privilege.ChangeNotify | Bypass traverse checking. | Windows 2000 |
| SeCreateGlobalPrivilege | {"SE_CREATE_GLOBAL_NAME"} | Privilege.CreateGlobal | Create global objects. | Windows 2000 SP4, Windows XP SP2 |
| SeCreatePagefilePrivilege | {"SE_CREATE_PAGEFILE_NAME"} | Privilege.CreatePageFile | Create a pagefile. | Windows 2000 |
| SeCreatePermanentPrivilege | {"SE_CREATE_PERMANENT_NAME"} | Privilege.CreatePermanent | Create permanent shared objects. | Windows 2000 |
| SeCreateSymbolicLinkPrivilege | {"SE_CREATE_SYMBOLIC_LINK_NAME"} | Privilege.CreateSymbolicLink | Create symbolic links. | Windows 2000 |
| SeCreateTokenPrivilege | {"SE_CREATE_TOKEN_NAME"} | Privilege.CreateToken | Create a token object. | Windows 2000 |
| SeDebugPrivilege | {"SE_DEBUG_NAME"} | Privilege.Debug | Debug programs. | Windows 2000 |
| SeEnableDelegationPrivilege | {"SE_ENABLE_DELEGATION_NAME"} | Privilege.EnableDelegation | Enable computer and user accounts to be trusted for delegation. | Windows 2000 |
| SeImpersonatePrivilege | {"SE_IMPERSONATE_NAME"} | Privilege.Impersonate | Impersonate a client after authentication. | Windows 2000 SP4, Windows XP SP2 |
| SeIncreaseBasePriorityPrivilege | {"SE_INC_BASE_PRIORITY_NAME"} | Privilege.IncreaseBasePriority | Increase scheduling priority. | Windows 2000 |
| SeIncreaseQuotaPrivilege | {"SE_INCREASE_QUOTA_NAME"} | Privilege.IncreaseQuota | Adjust memory quotas for a process. | Windows 2000 |
| SeIncreaseWorkingSetPrivilege | {"SE_INC_WORKING_SET_NAME"} | Privilege.IncreaseWorkingSet | Increase a process working set. | Windows 2000 |
| SeLoadDriverPrivilege | {"SE_LOAD_DRIVER_NAME"} | Privilege.LoadDriver | Load and unload device drivers. | Windows 2000 |
| SeLockMemoryPrivilege | {"SE_LOCK_MEMORY_NAME"} | Privilege.LockMemory | Lock pages in memory. | Windows 2000 |
| SeMachineAccountPrivilege | {"SE_MACHINE_ACCOUNT_NAME"} | Privilege.MachineAccount | Add workstations to domain. | Windows 2000 |
| SeManageVolumePrivilege | {"SE_MANAGE_VOLUME_NAME"} | Privilege.ManageVolume | Manage the files on a volume. | Windows 2000 |
| SeProfileSingleProcessPrivilege | {"SE_PROF_SINGLE_PROCESS_NAME"} | Privilege.ProfileSingleProcess | Profile single process. | Windows 2000 |
| SeRelabelPrivilege | {"SE_RELABEL_NAME"} | Privilege.Relabel | Modify an object label. | Windows 2000 |
| SeRemoteShutdownPrivilege | {"SE_REMOTE_SHUTDOWN_NAME"} | Privilege.RemoteShutdown | Force shutdown from a remote system. | Windows 2000 |
| SeRestorePrivilege | {"SE_RESTORE_NAME"} | Privilege.Restore | Restore files and directories. | Windows 2000 |
| SeSecurityPrivilege | {"SE_SECURITY_NAME"} | Privilege.Security | Manage auditing and security log. | Windows 2000 |
| SeShutdownPrivilege | {"SE_SHUTDOWN_NAME"} | Privilege.Shutdown | Shut down the system. | Windows 2000 |
| SeSyncAgentPrivilege | {"SE_SYNC_AGENT_NAME"} | Privilege.SyncAgent | Synchronize directory service data. | Windows 2000 |
| SeSystemEnvironmentPrivilege | {"SE_SYSTEM_ENVIRONMENT_NAME"} | Privilege.SystemEnvironment | Modify firmware environment values. | Windows 2000 |
| SeSystemProfilePrivilege | {"SE_SYSTEM_PROFILE_NAME"} | Privilege.SystemProfile | Profile system performance. | Windows 2000 |
| SeSystemtimePrivilege | {"SE_SYSTEMTIME_NAME"} | Privilege.SystemTime | Change the system time. | Windows 2000 |
| SeTakeOwnershipPrivilege | {"SE_TAKE_OWNERSHIP_NAME"} | Privilege.TakeOwnership | Take ownership of files or other objects. | Windows 2000 |
| SeTcbPrivilege | {"SE_TCB_NAME"} | Privilege.TrustedComputerBase | Act as part of the operating system. | Windows 2000 |
| SeTimeZonePrivilege | {"SE_TIME_ZONE_NAME"} | Privilege.TimeZone | Change the time zone. | Windows 2000 |
| SeTrustedCredManAccessPrivilege | {"SE_TRUSTED_CREDMAN_ACCESS_NAME"} | Privilege.TrustedCredentialManagerAccess | Access Credential Manager as a trusted caller. | Windows 2000 |
| SeUndockPrivilege | {"SE_UNDOCK_NAME"} | Privilege.Undock | Remove computer from docking station. | Windows 2000 |
| SeUnsolicitedInputPrivilege | {"SE_UNSOLICITED_INPUT_NAME"} | Privilege.UnsolicitedInput | Read unsolicited input from a terminal device. | Windows 2000 |

Related: Process Token Privileges, AdjustTokenPrivileges, GetTokenInformation, LookupPrivilegeName, LookupPrivilegeValue, LUID, LUID_AND_ATTRIBUTES, TOKEN_PRIVILEGES
