windzhou
12/14/2017 - 11:04 AM

snippet.cs

提升进程权限

    // Decompiler-style member outline of the class: constants and method signatures only.
    // The bodies of GetOSName and Main are not shown on this page; only SetSystemPriv is listed in full.

    // Fields
    // Win32 SE_PRIVILEGE_ENABLED attribute flag (0x2): marks a privilege entry as enabled.
    internal const int SE_PRIVILEGE_ENABLED = 2;
    // Name of the only privilege this listing requests. It permits changing the system time zone.
    internal const string SE_TIME_ZONE_NAMETEXT = "SeTimeZonePrivilege";
    // Token access right required to enable or disable privileges in a token.
    internal const int TOKEN_ADJUST_PRIVILEGES = 0x20;
    // Token access right required to query a token. 0x20 | 8 == 40, the literal passed by SetSystemPriv.
    internal const int TOKEN_QUERY = 8;
    // Methods
    // P/Invoke for advapi32!AdjustTokenPrivileges. SetLastError=true matters here: the Win32 call can
    // return true while the last error is ERROR_NOT_ALL_ASSIGNED (1300), so callers need
    // Marshal.GetLastWin32Error() to know whether the privilege was actually enabled.
    // It can only enable privileges the token already holds; it does not grant new ones.
    [DllImport("advapi32.dll", SetLastError=true, ExactSpelling=true)]
    internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen);
    // P/Invoke for kernel32!GetCurrentProcess: returns a pseudo-handle that does not need closing.
    [DllImport("kernel32.dll", ExactSpelling=true)]
    internal static extern IntPtr GetCurrentProcess();
    // Signature only; implementation not shown on this page.
    public static string GetOSName();
    // P/Invoke for advapi32!LookupPrivilegeValue: resolves a privilege name to its LUID (8 bytes, hence long).
    // No ExactSpelling/CharSet is given, so the runtime chooses the A/W export; presumably the ANSI
    // variant under the C# default. A null host means the local system.
    [DllImport("advapi32.dll", SetLastError=true)]
    internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
    // Program entry point; implementation not shown on this page.
    [STAThread]
    private static void Main(string[] args);
    // P/Invoke for advapi32!OpenProcessToken. The handle written to phtok is a real handle owned by the
    // caller and should be released with CloseHandle, which this listing does not declare.
    [DllImport("advapi32.dll", SetLastError=true, ExactSpelling=true)]
    internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
    // Enables SeTimeZonePrivilege on the current process token; the full body is listed on this page.
    internal static bool SetSystemPriv();


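/// <summary>
/// Enables <c>SeTimeZonePrivilege</c> in the access token of the current process.
/// </summary>
/// <remarks>
/// This does not grant anything new: AdjustTokenPrivileges can only switch on a privilege that the
/// token already holds. Despite the method name, only the time-zone privilege is requested, which
/// keeps the change to the minimum the caller needs.
/// Every Win32 step is checked. In particular AdjustTokenPrivileges returns true even when the
/// privilege is not held and was therefore not enabled; that case is reported only through the last
/// error (ERROR_NOT_ALL_ASSIGNED), so it is read explicitly.
/// Token privilege changes can be recorded by Windows auditing (event 4703) when that audit
/// subcategory is enabled.
/// </remarks>
/// <returns>
/// <c>true</c> only when the privilege was actually enabled; <c>false</c> when any step fails,
/// when the token does not hold the privilege, or when an exception is thrown.
/// </returns>
internal static bool SetSystemPriv()
{
    // TOKEN_ADJUST_PRIVILEGES (0x20) | TOKEN_QUERY (0x8) == 40: the least access needed for this operation.
    const int TokenAccess = 0x20 | 0x8;
    // SE_PRIVILEGE_ENABLED
    const int PrivilegeEnabled = 2;
    // Last-error value set when AdjustTokenPrivileges "succeeds" without enabling every requested privilege.
    const int ErrorNotAllAssigned = 1300;

    IntPtr token = IntPtr.Zero;
    try
    {
        if (!OpenProcessToken(GetCurrentProcess(), TokenAccess, ref token))
        {
            return false;
        }

        // NOTE(review): TokPriv1Luid is declared elsewhere; presumably a packed struct laid out like
        // TOKEN_PRIVILEGES with exactly one entry (Count, Luid, Attr). Confirm against its definition.
        TokPriv1Luid privilege;
        privilege.Count = 1;
        privilege.Luid = 0L;
        privilege.Attr = PrivilegeEnabled;

        if (!LookupPrivilegeValue(null, "SeTimeZonePrivilege", ref privilege.Luid))
        {
            return false;
        }

        if (!AdjustTokenPrivileges(token, false, ref privilege, 0, IntPtr.Zero, IntPtr.Zero))
        {
            return false;
        }

        // Must be read immediately after the P/Invoke, before any other call can overwrite it.
        return System.Runtime.InteropServices.Marshal.GetLastWin32Error() != ErrorNotAllAssigned;
    }
    catch (Exception)
    {
        // Best-effort contract kept from the original: failures are reported as false, never thrown.
        return false;
    }
    finally
    {
        // Unlike the GetCurrentProcess pseudo-handle, the token handle is real and must be released.
        if (token != IntPtr.Zero)
        {
            CloseHandle(token);
        }
    }
}

// Private helper: releases the token handle opened by SetSystemPriv.
[System.Runtime.InteropServices.DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
private static extern bool CloseHandle(IntPtr handle);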