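def grant_debug_privilege(pid=None):
    """Enable SeDebugPrivilege on a process token.

    Opens the token of the calling process (``pid`` is None) or of the
    process identified by ``pid``, looks up the LUID of
    ``SeDebugPrivilege`` and asks AdjustTokenPrivileges to enable it.

    @param pid: PID of the process whose token is adjusted; None means the
        calling process.
    @return: True when every Win32 call returned success, False as soon as
        one of them fails. Every handle opened here is closed on both the
        success and the failure path.

    NOTE: AdjustTokenPrivileges returns success even when the token does not
    hold the privilege (the thread's last error is then
    ERROR_NOT_ALL_ASSIGNED), so True means "the call was accepted", not
    "the privilege is now enabled". Callers that need certainty have to
    inspect the last error after this function returns.
    """
    ADVAPI32.OpenProcessToken.argtypes = (
        wintypes.HANDLE, wintypes.DWORD, POINTER(wintypes.HANDLE))
    ADVAPI32.LookupPrivilegeValueW.argtypes = (
        wintypes.LPWSTR, wintypes.LPWSTR, POINTER(LUID))
    ADVAPI32.AdjustTokenPrivileges.argtypes = (
        wintypes.HANDLE, wintypes.BOOL, POINTER(TOKEN_PRIVILEGES),
        wintypes.DWORD, POINTER(TOKEN_PRIVILEGES), POINTER(wintypes.DWORD))

    if pid is None:
        # Pseudo-handle for the current process; CloseHandle on it is a
        # documented no-op, so the unconditional close below is safe.
        h_process = KERNEL32.GetCurrentProcess()
    else:
        h_process = KERNEL32.OpenProcess(PROCESS_ALL_ACCESS, False, pid)
    if not h_process:
        return False

    h_current_token = wintypes.HANDLE()
    try:
        # TOKEN_ALL_ACCESS is wider than what this function needs;
        # TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY would be the least-privilege
        # mask for an AdjustTokenPrivileges call.
        if not ADVAPI32.OpenProcessToken(h_process, TOKEN_ALL_ACCESS,
                                         h_current_token):
            return False
        try:
            se_original_luid = LUID()
            if not ADVAPI32.LookupPrivilegeValueW(None, "SeDebugPrivilege",
                                                  se_original_luid):
                return False

            luid_attributes = LUID_AND_ATTRIBUTES()
            luid_attributes.Luid = se_original_luid
            luid_attributes.Attributes = SE_PRIVILEGE_ENABLED

            token_privs = TOKEN_PRIVILEGES()
            token_privs.PrivilegeCount = 1
            token_privs.Privileges = luid_attributes

            # No previous-state buffer is requested (0, None, None): the
            # former privilege state is not needed by any caller here.
            return bool(ADVAPI32.AdjustTokenPrivileges(
                h_current_token, False, token_privs, 0, None, None))
        finally:
            # Token handle is closed even when lookup/adjust failed; the
            # original code leaked it on those early returns.
            KERNEL32.CloseHandle(h_current_token)
    finally:
        KERNEL32.CloseHandle(h_process)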
def open(self):
    """Obtain handles for the process and/or thread this object describes.

    Fills ``self.h_process`` when ``self.pid`` is set and ``self.h_thread``
    when ``self.thread_id`` is set, leaving any handle that is already held
    untouched.

    @return: True when a pid or a thread id is set, False when neither is.
        NOTE(review): this only says there was something to open; a failed
        OpenProcess/OpenThread still yields True and leaves the corresponding
        handle falsy, so callers must check the handle itself.
    """
    wants_process = bool(self.pid) and not self.h_process
    wants_thread = bool(self.thread_id) and not self.h_thread

    if wants_process:
        if self.pid == os.getpid():
            self.h_process = KERNEL32.GetCurrentProcess()
        else:
            self.h_process = KERNEL32.OpenProcess(
                PROCESS_ALL_ACCESS, False, self.pid)
            # Full access refused: retry with a query-only handle so the
            # object is still usable for read-only inspection.
            if not self.h_process:
                self.h_process = KERNEL32.OpenProcess(
                    PROCESS_QUERY_LIMITED_INFORMATION, False, self.pid)

    if wants_thread:
        self.h_thread = KERNEL32.OpenThread(
            THREAD_ALL_ACCESS, False, self.thread_id)

    return bool(self.pid or self.thread_id)
def open_process(self):
    """Open a fresh handle to the process identified by ``self.pid``.

    Requests PROCESS_ALL_ACCESS without handle inheritance and returns
    whatever OpenProcess yields; ``open`` in this file treats a falsy
    result as failure. The handle is not stored on ``self``, so the caller
    is responsible for closing it.
    """
    desired_access = PROCESS_ALL_ACCESS
    inherit_handle = False
    return KERNEL32.OpenProcess(desired_access, inherit_handle, self.pid)