def grant_debug_privilege(pid=None):
"""Grant debug privileges.
@param pid: PID.
@return: operation status.
"""
ADVAPI32.OpenProcessToken.argtypes = (wintypes.HANDLE,
wintypes.DWORD,
POINTER(wintypes.HANDLE))
ADVAPI32.LookupPrivilegeValueW.argtypes = (wintypes.LPWSTR,
wintypes.LPWSTR,
POINTER(LUID))
ADVAPI32.AdjustTokenPrivileges.argtypes = (wintypes.HANDLE,
wintypes.BOOL,
POINTER(TOKEN_PRIVILEGES),
wintypes.DWORD,
POINTER(TOKEN_PRIVILEGES),
POINTER(wintypes.DWORD))
if pid is None:
h_process = KERNEL32.GetCurrentProcess()
else:
h_process = KERNEL32.OpenProcess(PROCESS_ALL_ACCESS, False, pid)
if not h_process:
return False
h_current_token = wintypes.HANDLE()
if not ADVAPI32.OpenProcessToken(h_process,
TOKEN_ALL_ACCESS,
h_current_token):
return False
se_original_luid = LUID()
if not ADVAPI32.LookupPrivilegeValueW(None,
"SeDebugPrivilege",
se_original_luid):
return False
luid_attributes = LUID_AND_ATTRIBUTES()
luid_attributes.Luid = se_original_luid
luid_attributes.Attributes = SE_PRIVILEGE_ENABLED
token_privs = TOKEN_PRIVILEGES()
token_privs.PrivilegeCount = 1
token_privs.Privileges = luid_attributes
if not ADVAPI32.AdjustTokenPrivileges(h_current_token, False, token_privs,
0, None, None):
return False
KERNEL32.CloseHandle(h_current_token)
KERNEL32.CloseHandle(h_process)
return True
def open(self):
"""Open a process and/or thread.
@return: operation status.
"""
ret = bool(self.pid or self.thread_id)
if self.pid and not self.h_process:
if self.pid == os.getpid():
self.h_process = KERNEL32.GetCurrentProcess()
else:
self.h_process = KERNEL32.OpenProcess(PROCESS_ALL_ACCESS,
False, self.pid)
if not self.h_process:
self.h_process = KERNEL32.OpenProcess(
PROCESS_QUERY_LIMITED_INFORMATION, False, self.pid)
ret = True
if self.thread_id and not self.h_thread:
self.h_thread = KERNEL32.OpenThread(THREAD_ALL_ACCESS, False,
self.thread_id)
ret = True
return ret
def open_process(self):
"""Open a process handle."""
return KERNEL32.OpenProcess(PROCESS_ALL_ACCESS, False, self.pid)
