
PrivilegeManager class

a guest
Oct 1st, 2018
  1. public class PrivilegeManager
  2.     {
  3.         [DllImport("advapi32.dll", SetLastError = true)]
  4.         [return: MarshalAs(UnmanagedType.Bool)]
  5.         static extern bool OpenProcessToken(
  6.             IntPtr ProcessHandle,
  7.             UInt32 DesiredAccess, out IntPtr TokenHandle);
  8.  
  9.         private static uint STANDARD_RIGHTS_REQUIRED = 0x000F0000;
  10.         private static uint STANDARD_RIGHTS_READ = 0x00020000;
  11.         private static uint TOKEN_ASSIGN_PRIMARY = 0x0001;
  12.         private static uint TOKEN_DUPLICATE = 0x0002;
  13.         private static uint TOKEN_IMPERSONATE = 0x0004;
  14.         private static uint TOKEN_QUERY = 0x0008;
  15.         private static uint TOKEN_QUERY_SOURCE = 0x0010;
  16.         private static uint TOKEN_ADJUST_PRIVILEGES = 0x0020;
  17.         private static uint TOKEN_ADJUST_GROUPS = 0x0040;
  18.         private static uint TOKEN_ADJUST_DEFAULT = 0x0080;
  19.         private static uint TOKEN_ADJUST_SESSIONID = 0x0100;
  20.         private static uint TOKEN_READ = (STANDARD_RIGHTS_READ | TOKEN_QUERY);
  21.         private static uint TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED | TOKEN_ASSIGN_PRIMARY |
  22.             TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY | TOKEN_QUERY_SOURCE |
  23.             TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_ADJUST_DEFAULT |
  24.             TOKEN_ADJUST_SESSIONID);
  25.  
  26.         [DllImport("kernel32.dll", SetLastError = true)]
  27.         public static extern IntPtr GetCurrentProcess();
  28.  
  29.         [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Auto)]
  30.         [return: MarshalAs(UnmanagedType.Bool)]
  31.         static extern bool LookupPrivilegeValue(
  32.             string lpSystemName,
  33.             string lpName,
  34.             out LUID lpLuid);
  35.  
  36.         #region Privelege constants
  37.  
  38.         public const string SE_ASSIGNPRIMARYTOKEN_NAME = "SeAssignPrimaryTokenPrivilege";
  39.         public const string SE_AUDIT_NAME = "SeAuditPrivilege";
  40.         public const string SE_BACKUP_NAME = "SeBackupPrivilege";
  41.         public const string SE_CHANGE_NOTIFY_NAME = "SeChangeNotifyPrivilege";
  42.         public const string SE_CREATE_GLOBAL_NAME = "SeCreateGlobalPrivilege";
  43.         public const string SE_CREATE_PAGEFILE_NAME = "SeCreatePagefilePrivilege";
  44.         public const string SE_CREATE_PERMANENT_NAME = "SeCreatePermanentPrivilege";
  45.         public const string SE_CREATE_SYMBOLIC_LINK_NAME = "SeCreateSymbolicLinkPrivilege";
  46.         public const string SE_CREATE_TOKEN_NAME = "SeCreateTokenPrivilege";
  47.         public const string SE_DEBUG_NAME = "SeDebugPrivilege";
  48.         public const string SE_ENABLE_DELEGATION_NAME = "SeEnableDelegationPrivilege";
  49.         public const string SE_IMPERSONATE_NAME = "SeImpersonatePrivilege";
  50.         public const string SE_INC_BASE_PRIORITY_NAME = "SeIncreaseBasePriorityPrivilege";
  51.         public const string SE_INCREASE_QUOTA_NAME = "SeIncreaseQuotaPrivilege";
  52.         public const string SE_INC_WORKING_SET_NAME = "SeIncreaseWorkingSetPrivilege";
  53.         public const string SE_LOAD_DRIVER_NAME = "SeLoadDriverPrivilege";
  54.         public const string SE_LOCK_MEMORY_NAME = "SeLockMemoryPrivilege";
  55.         public const string SE_MACHINE_ACCOUNT_NAME = "SeMachineAccountPrivilege";
  56.         public const string SE_MANAGE_VOLUME_NAME = "SeManageVolumePrivilege";
  57.         public const string SE_PROF_SINGLE_PROCESS_NAME = "SeProfileSingleProcessPrivilege";
  58.         public const string SE_RELABEL_NAME = "SeRelabelPrivilege";
  59.         public const string SE_REMOTE_SHUTDOWN_NAME = "SeRemoteShutdownPrivilege";
  60.         public const string SE_RESTORE_NAME = "SeRestorePrivilege";
  61.         public const string SE_SECURITY_NAME = "SeSecurityPrivilege";
  62.         public const string SE_SHUTDOWN_NAME = "SeShutdownPrivilege";
  63.         public const string SE_SYNC_AGENT_NAME = "SeSyncAgentPrivilege";
  64.         public const string SE_SYSTEM_ENVIRONMENT_NAME = "SeSystemEnvironmentPrivilege";
  65.         public const string SE_SYSTEM_PROFILE_NAME = "SeSystemProfilePrivilege";
  66.         public const string SE_SYSTEMTIME_NAME = "SeSystemtimePrivilege";
  67.         public const string SE_TAKE_OWNERSHIP_NAME = "SeTakeOwnershipPrivilege";
  68.         public const string SE_TCB_NAME = "SeTcbPrivilege";
  69.         public const string SE_TIME_ZONE_NAME = "SeTimeZonePrivilege";
  70.         public const string SE_TRUSTED_CREDMAN_ACCESS_NAME = "SeTrustedCredManAccessPrivilege";
  71.         public const string SE_UNDOCK_NAME = "SeUndockPrivilege";
  72.         public const string SE_UNSOLICITED_INPUT_NAME = "SeUnsolicitedInputPrivilege";
  73.         #endregion
  74.  
  75.         [StructLayout(LayoutKind.Sequential)]
  76.         public struct LUID
  77.         {
  78.             public UInt32 LowPart;
  79.             public Int32 HighPart;
  80.         }
  81.  
  82.         [DllImport("kernel32.dll", SetLastError = true)]
  83.         static extern bool CloseHandle(IntPtr hHandle);
  84.  
  85.         public const UInt32 SE_PRIVILEGE_ENABLED_BY_DEFAULT = 0x00000001;
  86.         public const UInt32 SE_PRIVILEGE_ENABLED = 0x00000002;
  87.         public const UInt32 SE_PRIVILEGE_REMOVED = 0x00000004;
  88.         public const UInt32 SE_PRIVILEGE_USED_FOR_ACCESS = 0x80000000;
  89.  
  90.         [StructLayout(LayoutKind.Sequential)]
  91.         public struct TOKEN_PRIVILEGES
  92.         {
  93.             public UInt32 PrivilegeCount;
  94.             public LUID Luid;
  95.             public UInt32 Attributes;
  96.         }
  97.  
  98.         [StructLayout(LayoutKind.Sequential)]
  99.         public struct LUID_AND_ATTRIBUTES
  100.         {
  101.             public LUID Luid;
  102.             public UInt32 Attributes;
  103.         }
  104.  
  105.         [DllImport("advapi32.dll", SetLastError = true)]
  106.         [return: MarshalAs(UnmanagedType.Bool)]
  107.         static extern bool AdjustTokenPrivileges(
  108.             IntPtr TokenHandle,
  109.            [MarshalAs(UnmanagedType.Bool)]bool DisableAllPrivileges,
  110.            ref TOKEN_PRIVILEGES NewState,
  111.            UInt32 Zero,
  112.            IntPtr Null1,
  113.            IntPtr Null2);
  114.  
  115.         /// <summary>
  116.         /// Меняет привилегию
  117.         /// </summary>
  118.         /// <param name="PID">ID процесса</param>
  119.         /// <param name="privelege">Привилегия</param>
  120.         public static void SetPrivilege(
  121.             IntPtr PID,
  122.             string privilege)
  123.         {
  124.             IntPtr hToken;
  125.             LUID luidSEDebugNameValue;
  126.             TOKEN_PRIVILEGES tkpPrivileges;
  127.  
  128.             if (!OpenProcessToken(PID, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, out hToken))
  129.             {
  130.                 throw new Exception("Произошла ошибка при выполнении OpenProcessToken(). Код ошибки "
  131.                     + Marshal.GetLastWin32Error());
  132.             }
  133.  
  134.             if (!LookupPrivilegeValue(null, privilege, out luidSEDebugNameValue))
  135.             {
  136.                 CloseHandle(hToken);
  137.                 throw new Exception("Произошла ошибка при выполнении LookupPrivilegeValue(). Код ошибки "
  138.                     + Marshal.GetLastWin32Error());
  139.             }
  140.  
  141.             tkpPrivileges.PrivilegeCount = 1;
  142.             tkpPrivileges.Luid = luidSEDebugNameValue;
  143.             tkpPrivileges.Attributes = SE_PRIVILEGE_ENABLED;
  144.  
  145.             if (!AdjustTokenPrivileges(hToken, false, ref tkpPrivileges, 0, IntPtr.Zero, IntPtr.Zero))
  146.             {
  147.                 throw new Exception("Произошла ошибка при выполнении LookupPrivilegeValue(). Код ошибки :"
  148.                     + Marshal.GetLastWin32Error());
  149.             }
  150.             CloseHandle(hToken);
  151.         }
  152.     }