'---------------------------------------------------------------------------------------
' Module : mNativeTokens
' Author : Karcrack
' Now$ : 18/08/2009 17:18
' Used for? : Get Privileges using Native API (RtlAdjustPrivilege)
' Reference :
' http://forum.sysinternals.com/forum_posts.asp?TID=15745
'---------------------------------------------------------------------------------------
Option Explicit
'NTDLL
Private Declare Function RtlAdjustPrivilege Lib "NTDLL" (ByVal Privilege As Long, ByVal bEnablePrivilege As Long, ByVal bCurrentThread As Long, ByRef OldState As Long) As Long
Public Enum PRIVILEGES_ENUM
SeAssignPrimaryTokenPrivilege = 3 ' Replace a process-level token
SeAuditPrivilege = 21 ' Generate security audits.
SeBackupPrivilege = 17 ' Grant all file read access (ACL Bypass)
SeChangeNotifyPrivilege = 23 ' Receive file/folder change notifications
SeCreateGlobalPrivilege = 30 ' Create global objects
SeCreatePagefilePrivilege = 15 ' Create pagefile
SeCreatePermanentPrivilege = 16 ' Create permanent shared object
SeCreateSymbolicLinkPrivilege = 33 ' (W.VISTA) Create symbolic links
SeCreateTokenPrivilege = 2 ' Create a token
SeDebugPrivilege = 20 ' Open any process (ACL Bypass)
SeEnableDelegationPrivilege = 27 ' (W.2000) Trust users for delegation
SeImpersonatePrivilege = 29 ' Enable thread impersonation
SeIncreaseBasePriorityPrivilege = 14 ' Increase process priority
SeIncreaseQuotaPrivilege = 5 ' Increase process memory quota
SeIncreaseWorkingSetPrivilege = 30 ' (W.VISTA) Increase process WS
SeLoadDriverPrivilege = 10 ' Load/Unload driver
SeLockMemoryPrivilege = 4 ' Lock pages in memory
SeMachineAccountPrivilege = 6 ' Create user account
SeManageVolumePrivilege = 28 ' Manage files on a volume
SeProfileSingleProcessPrivilege = 13 ' Gather process profiling info
SeRelabelPrivilege = 32 ' Modify object label
SeRemoteShutdownPrivilege = 24 ' Shutdown a remote computer
SeRestorePrivilege = 18 ' Grant all file write access (ACL Bypass)
SeSecurityPrivilege = 8 ' Manage auditying and security log
SeShutdownPrivilege = 19 ' Initiate Shutdown
SeSyncAgentPrivilege = 26 ' (W.2000) Use directory sync services
SeSystemEnvironmentPrivilege = 22 ' Modify firmware environment values
SeSystemProfilePrivilege = 11 ' Gather system profiling info
SeSystemtimePrivilege = 12 ' Change Time
SeTakeOwnershipPrivilege = 9 ' Change object owner (ACL Bypass)
SeTcbPrivilege = 7 ' Idetify as a trusted, protected subsystem
SeTimeZonePrivilege = 34 ' (W.VISTA) Change time zone
SeTrustedCredManAccessPrivilege = 31 ' (W.VISTA) Access the Credential Manager (trusted caller)
SeUndockPrivilege = 25 ' Remove from docking station
SeUnsolicitedInputPrivilege = 35 ' (ABSOL33T) Read unsolicited input (from terminal device)
End Enum
Public Function AsignPrivilege(ByVal lPriv As PRIVILEGES_ENUM, Optional ByVal bEnable As Boolean = True, Optional ByVal bThread As Long = 0, Optional ByRef lOldState As Long) As Boolean
AsignPrivilege = (RtlAdjustPrivilege(lPriv, bEnable, bThread, lOldState) = 0)
End Function
El Enum es mas largo que el codigo :laugh: :laugh:
Bueno, creo que esta claro lo que hace este codigo... asigna privilegios a nuestra aplicacion utilizando un API nativa, y evitando hacer las llamadas a varias APIs para hacer esto mismo ;D
Saludos ;)
esta es la mejor forma para mi así seteo privilegios a mi aplicación
Una pregunta tal vez tonta (nunca he trabajado con "permisos" .... o tal vez si pero no con ese nombre jeje)
pero no logro entender para que son algunos permisos que estan en el enum, (se ingles pero..) una guia en español no estaria nada mal :P
sino, tal vez lo use cuando llegue la hora :P asi que gracias x adelantado ;)
Gracias por el aporte