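def grant_debug_privilege(pid=None):
    """Enable SeDebugPrivilege on a process token.
    @param pid: PID of the target process; None means the current process.
    @return: operation status (True on success, False on any failure).
    """
    ADVAPI32.OpenProcessToken.argtypes = (wintypes.HANDLE,
                                          wintypes.DWORD,
                                          POINTER(wintypes.HANDLE))

    ADVAPI32.LookupPrivilegeValueW.argtypes = (wintypes.LPWSTR,
                                               wintypes.LPWSTR,
                                               POINTER(LUID))

    ADVAPI32.AdjustTokenPrivileges.argtypes = (wintypes.HANDLE,
                                               wintypes.BOOL,
                                               POINTER(TOKEN_PRIVILEGES),
                                               wintypes.DWORD,
                                               POINTER(TOKEN_PRIVILEGES),
                                               POINTER(wintypes.DWORD))

    # GetCurrentProcess() returns a pseudo-handle that does not need closing;
    # only a handle obtained from OpenProcess is ours to release.
    if pid is None:
        h_process = KERNEL32.GetCurrentProcess()
        owns_process_handle = False
    else:
        h_process = KERNEL32.OpenProcess(PROCESS_ALL_ACCESS, False, pid)
        owns_process_handle = True

    if not h_process:
        return False

    h_current_token = wintypes.HANDLE()
    try:
        if not ADVAPI32.OpenProcessToken(h_process,
                                         TOKEN_ALL_ACCESS,
                                         h_current_token):
            return False

        se_original_luid = LUID()
        if not ADVAPI32.LookupPrivilegeValueW(None,
                                              "SeDebugPrivilege",
                                              se_original_luid):
            return False

        luid_attributes = LUID_AND_ATTRIBUTES()
        luid_attributes.Luid = se_original_luid
        luid_attributes.Attributes = SE_PRIVILEGE_ENABLED
        token_privs = TOKEN_PRIVILEGES()
        token_privs.PrivilegeCount = 1
        token_privs.Privileges = luid_attributes

        # NOTE(review): a nonzero return only means the call itself succeeded.
        # When the token does not hold the privilege, Windows still returns
        # nonzero and reports ERROR_NOT_ALL_ASSIGNED through GetLastError,
        # which is not inspected here -- confirm whether callers rely on True
        # meaning "privilege actually enabled".
        if not ADVAPI32.AdjustTokenPrivileges(h_current_token, False, token_privs,
                                              0, None, None):
            return False
        return True
    finally:
        # Release both handles on every path, including the early failures
        # above, so a failed attempt does not leak a token or process handle.
        if h_current_token:
            KERNEL32.CloseHandle(h_current_token)
        if owns_process_handle:
            KERNEL32.CloseHandle(h_process)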
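    def open(self):
        """Open the process and/or thread this object refers to.
        Handles that are already open are left untouched; for our own PID the
        GetCurrentProcess() pseudo-handle is used instead of a real open.
        @return: operation status -- True only when every handle that was
            requested (process and/or thread) is actually open, False if
            nothing was requested or an open call returned a NULL handle.
        """
        # Nothing to open when neither id is set.
        ret = bool(self.pid or self.thread_id)

        if self.pid and not self.h_process:
            if self.pid == os.getpid():
                self.h_process = KERNEL32.GetCurrentProcess()
            else:
                self.h_process = KERNEL32.OpenProcess(PROCESS_ALL_ACCESS, False, self.pid)
            # A NULL handle means the open failed (no such PID, access
            # denied, ...); report that instead of claiming success.
            ret = bool(self.h_process)

        if self.thread_id and not self.h_thread:
            self.h_thread = KERNEL32.OpenThread(THREAD_ALL_ACCESS, False, self.thread_id)
            ret = ret and bool(self.h_thread)
        return ret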
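 def __del__(self):
     """Close open handles when the object is collected.
     The GetCurrentProcess() pseudo-handle is never closed. Attributes that
     are missing (e.g. because __init__ did not finish) are tolerated so the
     destructor itself cannot raise, and closed handles are reset to None so
     a repeated call cannot close the same handle twice.
     """
     h_process = getattr(self, "h_process", None)
     if h_process and h_process != KERNEL32.GetCurrentProcess():
         KERNEL32.CloseHandle(h_process)
     self.h_process = None

     h_thread = getattr(self, "h_thread", None)
     if h_thread:
         KERNEL32.CloseHandle(h_thread)
     self.h_thread = None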