Debugger rights



  • Hello everyone, I came across the following article.

    Our idea was - patch the winlogon.exe, sfc.dll or sfcfiles.dll in the memory.
    But there was a small problem - how to write to service program, it's forbidden
    by system. After some disassembling and looking at MSDN we found out how to do
    it - adjust debugger access rightz to our process. After that we can do whatever
    will we want to do with ALL processes in the system, except the system itself.
    Well, that's what I call secure system, hehe.

    How can you give your own process debug rights in C? Can someone show/give me some source code? Because I can't quite believe that this works.

    Thanks, John



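  • #include <windows.h>

    /* Enable SeDebugPrivilege in the token of the current process. */
    void getDebugPriv( void )
    {
        HANDLE hToken;
        LUID sedebugnameValue;
        TOKEN_PRIVILEGES tkp;

        if ( !OpenProcessToken( GetCurrentProcess(),
                                TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ) )
            return;

        /* Resolve the privilege name to its LUID on the local system. */
        if ( !LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &sedebugnameValue ) )
        {
            CloseHandle( hToken );
            return;
        }

        tkp.PrivilegeCount = 1;
        tkp.Privileges[0].Luid = sedebugnameValue;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        /* This only enables a privilege the token already holds. The call can
           return nonzero without enabling it; GetLastError() is then
           ERROR_NOT_ALL_ASSIGNED. */
        AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof tkp, NULL, NULL );

        CloseHandle( hToken );
    }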
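
The call in the post above, seen from the monitoring side, as an added example that is not part of the thread: with the "Audit Token Right Adjusted" audit subcategory enabled, Windows writes Security event 4703 when a token privilege is enabled, and the function below flags SeDebugPrivilege being enabled by any process outside an allowlist. The events, host, user names and process paths are constructed sample data reduced to the fields used here, and the allowlist is hypothetical.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Hypothetical allowlist: processes expected to enable SeDebugPrivilege on this host.
EXPECTED = {r"c:\program files\debugger\dbg.exe"}

# Constructed sample events in the Windows event XML layout (not real logs).
TEMPLATE = """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>{eid}</EventID><Computer>WS01</Computer></System>
  <EventData>
    <Data Name="SubjectUserName">{user}</Data>
    <Data Name="ProcessName">{proc}</Data>
    <Data Name="EnabledPrivilegeList">{enabled}</Data>
    <Data Name="DisabledPrivilegeList">-</Data>
  </EventData>
</Event>"""

SAMPLE_EVENTS = [
    TEMPLATE.format(eid=4703, user="alice", proc=r"C:\Users\alice\tool.exe",
                    enabled="SeDebugPrivilege"),
    TEMPLATE.format(eid=4703, user="admin", proc=r"C:\Program Files\Debugger\dbg.exe",
                    enabled="SeDebugPrivilege\n\t\t\tSeBackupPrivilege"),
    TEMPLATE.format(eid=4703, user="alice", proc=r"C:\Windows\System32\svchost.exe",
                    enabled="SeChangeNotifyPrivilege"),
    TEMPLATE.format(eid=4688, user="alice", proc=r"C:\Users\alice\other.exe",
                    enabled="SeDebugPrivilege"),  # wrong event ID, must be ignored
]

def find_debug_privilege_use(events, expected=EXPECTED):
    """Return (user, process) for each 4703 event that enabled SeDebugPrivilege
    from a process that is not on the allowlist."""
    hits = []
    for raw in events:
        root = ET.fromstring(raw)
        if root.findtext("e:System/e:EventID", namespaces=NS) != "4703":
            continue
        data = {d.get("Name"): (d.text or "")
                for d in root.iterfind("e:EventData/e:Data", NS)}
        # The list holds one privilege name per line when several were enabled.
        if "SeDebugPrivilege" not in data.get("EnabledPrivilegeList", "").split():
            continue
        proc = data.get("ProcessName", "")
        if proc.lower() not in expected:
            hits.append((data.get("SubjectUserName", ""), proc))
    return hits

if __name__ == "__main__":
    for user, proc in find_debug_privilege_use(SAMPLE_EVENTS):
        print(f"SeDebugPrivilege enabled by {proc} (user {user})")
```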



  • Thanks

