Page 2 of 3
Posted: Wed Jul 12, 2006 5:18 pm
by Inf0Byt3
Unfortunately not. KarlKox translated it to PB (many thanks) and I am now using his code with some other code I found. I have MSVC here but it's not installed.
Posted: Wed Jul 12, 2006 5:34 pm
by Henrik
Okay, anyway looking forward to this lib.
Success to you
best Henrik
Posted: Wed Jul 12, 2006 6:08 pm
by Inf0Byt3
Thank you

Posted: Sun Jul 16, 2006 11:00 am
by KarLKoX
The archive was updated.
Posted: Sun Jul 16, 2006 12:59 pm
by Henrik
@KarlKoX .. Nooow It's working ...Very cool, Thank Yooou KarLKoX
best Henrik
Posted: Sun Jul 16, 2006 1:34 pm
by Henrik
Well the DLL is working, that's cool.
But I'm freaking still not able to ObtainSeDebugPrivilege on e.g. Explorer.exe;
it already fails at OpenProcessToken_().
Inf0byt3's PureAV needs to get access to any process in order to e.g. kill them, and it seems he is not able to on my system.
Still Thank you KarLKoX
Best Henrik
Posted: Sun Jul 16, 2006 2:56 pm
by KarLKoX
I tried it with explorer and in fact there is a problem with the privilege and with the IAT import function name: with explorer they are imported by ordinal (not by name). I'll see what I can do.

Posted: Sun Jul 16, 2006 9:32 pm
by Inf0Byt3
Thank you very much!
Posted: Sun Jul 16, 2006 9:57 pm
by Henrik
That's nice KarLKoX

Posted: Sun Jul 16, 2006 10:40 pm
by KarLKoX
I tried with explorer and now the privilege is OK, but the DLL is not mapped to the process ... I tried pausing the thread, injecting the DLL and resuming the thread, but with no success.

I will continue to search and let you know when I find a solution.
Posted: Mon Jul 17, 2006 6:30 pm
by Henrik
KarLKoX wrote: I tried with explorer and now the privilege is ok but the dll is not mapped to the process ... i tried pausing the thread, injecting the dll and resuming the thread but with no success
Okay
I will continue to search and let you know when i find a solution.
I'm glad/relieved you don't give up so easily, I wouldn't stand a chance here.
.... xplorer and now the privilege is ok
Is it a new source? I messed the last one up so badly, but I can't see the changes in the one I just downloaded. I'll try to mess around some more,

it can only crash my PC.
Thanks KarLKoX
Posted: Mon Jul 17, 2006 6:36 pm
by KarLKoX
In the ObtainSeDebugPrivilege, change the two
Code:
If GetLastError_() <> #ERROR_SUCCESS
to (for the first)
Code:
If AdjustTokenPrivileges_(hToken, #False, @TokenPrivileges, SizeOf(TOKEN_PRIVILEGES), @PreviousTokenPrivileges, @dwPreviousTokenPrivilegesSize) <= 0
and for the second
Code:
If AdjustTokenPrivileges_(hToken, #False, @PreviousTokenPrivileges, dwPreviousTokenPrivilegesSize, #Null, #Null) <= 0
Posted: Mon Jul 17, 2006 7:12 pm
by Henrik
Okay.
Should I drop the
Code:
If GetLastError_() <> #ERROR_SUCCESS
I changed the code as you said, but on my PC it fails here, with
OpenProcessToken False!
Code:
dwPreviousTokenPrivilegesSize = SizeOf(TOKEN_PRIVILEGES)
result = OpenProcessToken_(hProcess, #TOKEN_ADJUST_PRIVILEGES | #TOKEN_QUERY, @hToken)
If result = #False
  PrintN("OpenProcessToken False!")
  ProcedureReturn #False
Else
  PrintN("OpenProcessToken True")
EndIf
Best Henrik
Posted: Mon Jul 17, 2006 11:05 pm
by Henrik
This is odd, isn't this wrong?
Code:
Procedure DoHook(pid.l,UnHook.b,hFreeModule.l)
  ... bla
  hProcess = OpenProcess_(#PROCESS_ALL_ACCESS, #False, pid)
  ObtainSeDebugPrivilege(hProcess) ; *** <----- Not pid ***
  ;hProcess = OpenProcess_(#PROCESS_ALL_ACCESS, #False, pid)
  ...

Procedure ObtainSeDebugPrivilege(hProcess.l)
  ... bla
  PrintN("hProcess = "+Str(hProcess))
  result = OpenProcessToken_(hProcess, #TOKEN_ADJUST_PRIVILEGES | #TOKEN_QUERY, @hToken)
  If result = #False
    PrintN("OpenProcessToken False")
    ProcedureReturn #False
  Else
    PrintN("OpenProcessToken True "+Str(result))
  EndIf
The pid for explorer.exe is 1436 but the hProcess is 40: now OpenProcessToken is returning true.
AdjustTokenPrivileges seems to return true, but no go ?
Best Henrik
Posted: Tue Jul 18, 2006 9:33 am
by KarLKoX
The archive was updated with some changes.
About the odd part: read the code well, I never wrote this, but I first set the privilege with the pid; the param for ObtainSeDebugPrivilege is just named hProcess, but the hProcess is the pid.

Btw, it should never work for the pid. This is why, with the modified source, you will see that I use GetCurrentProcess_() instead to set the privilege on our process, which then should be able to be used on the target process.
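The approach KarLKoX describes above (adjust the caller's own token via GetCurrentProcess_() rather than anything derived from the target's pid), written out as an added example for this thread. It is not the archive's code and not Henrik's; the procedure name EnableDebugPrivilege is my own, the API names are Win32's, and it assumes a PureBasic version with the .i integer type. It also adds the check the earlier GetLastError_() discussion circles around: AdjustTokenPrivileges_() returns non-zero even when the privilege was not granted (the caller is not an administrator), and reports that only through GetLastError_() = #ERROR_NOT_ALL_ASSIGNED, which is the usual reason for "AdjustTokenPrivileges seems to return true, but no go".

```purebasic
; Added example, not code from the thread's archive.
; Enables SeDebugPrivilege on the CURRENT process. The privilege has to be held
; by the caller; the target's token is never touched, so no pid is needed here.
CompilerIf Not Defined(ERROR_NOT_ALL_ASSIGNED, #PB_Constant)
  #ERROR_NOT_ALL_ASSIGNED = 1300 ; Win32 value, in case this PB version lacks it
CompilerEndIf

Procedure.i EnableDebugPrivilege()
  Protected hToken.i
  Protected tp.TOKEN_PRIVILEGES
  Protected ok.i = #False

  ; Our own token, opened with adjust + query rights
  If OpenProcessToken_(GetCurrentProcess_(), #TOKEN_ADJUST_PRIVILEGES | #TOKEN_QUERY, @hToken) = 0
    ProcedureReturn #False   ; GetLastError_() tells why (usually access denied)
  EndIf

  tp\PrivilegeCount = 1
  tp\Privileges[0]\Attributes = #SE_PRIVILEGE_ENABLED
  If LookupPrivilegeValue_(#Null, "SeDebugPrivilege", @tp\Privileges[0]\Luid)
    ; AdjustTokenPrivileges_() succeeds (non-zero) even if it assigned nothing;
    ; only GetLastError_() distinguishes "enabled" from "not held by this token".
    If AdjustTokenPrivileges_(hToken, #False, @tp, SizeOf(TOKEN_PRIVILEGES), #Null, #Null)
      If GetLastError_() = #ERROR_NOT_ALL_ASSIGNED
        ok = #False   ; caller is not admin / not elevated: privilege not in the token
      Else
        ok = #True
      EndIf
    EndIf
  EndIf

  CloseHandle_(hToken)
  ProcedureReturn ok
EndProcedure

; Usage: enable the privilege once, before any OpenProcess_() on another process.
If EnableDebugPrivilege()
  Debug "SeDebugPrivilege enabled for this process"
Else
  Debug "SeDebugPrivilege NOT enabled (not administrator, or token could not be adjusted)"
EndIf
```

Only after this returns #True does an OpenProcess_() on a process owned by another user (like explorer.exe in a different session, or a service) have a chance of succeeding; when it returns #False because of #ERROR_NOT_ALL_ASSIGNED, the fix is to run the program as administrator, not to retry the call.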