I'm using JNA to try and get access to a process that is run as admin. I did some research and noticed that Access is denied
is returned when you don't have SeDebugPrivilege.
I enabled SeDebugPrivilege but I'm still getting the same error. Any help?

    try {
        Processes.enableDebugPrivilege(Kernel32Direct.GetCurrentProcess());
    } catch (Exception e) {
        e.printStackTrace();
    }
    handle = Natives.openProcess(id);
    if (handle == null) {
        // OpenProcess returned NULL: surface the Win32 error code
        throw new Win32Exception(Native.getLastError());
    }

That code gives this error:

    com.sun.jna.platform.win32.Win32Exception: Access is denied.

Here is my enableDebugPrivilege method.

    public static final String SE_DEBUG_NAME = "SeDebugPrivilege";
    ////////////////////////////////////////////////////////////////////////
    public static final int SE_PRIVILEGE_ENABLED = 0x00000002;
    ////////////////////////////////////////////////////////////////////////
    public static final int TOKEN_ASSIGN_PRIMARY = 0x00000001;
    public static final int TOKEN_DUPLICATE = 0x00000002;
    public static final int TOKEN_IMPERSONATE = 0x00000004;
    public static final int TOKEN_QUERY = 0x00000008;
    public static final int TOKEN_QUERY_SOURCE = 0x00000010;
    public static final int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
    public static final int TOKEN_ADJUST_GROUPS = 0x00000040;
    public static final int TOKEN_ADJUST_DEFAULT = 0x00000080;
    public static final int TOKEN_ADJUST_SESSIONID = 0x00000100;
    public static final int STANDARD_RIGHTS_READ = 0x00020000;
    public static final int STANDARD_RIGHTS_REQUIRED = 0x000F0000;
    public static final int TOKEN_READ = (STANDARD_RIGHTS_READ | TOKEN_QUERY);
    public static final int TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED | TOKEN_ASSIGN_PRIMARY |
            TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY | TOKEN_QUERY_SOURCE |
            TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_ADJUST_DEFAULT | TOKEN_ADJUST_SESSIONID);
    ////////////////////////////////////////////////////////////////////////
    public static void enableDebugPrivilege(Pointer hProcess) throws Exception {
        PointerByReference hToken = new PointerByReference();
        boolean success = Advapi32.INSTANCE.OpenProcessToken(hProcess, TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, hToken);
        if (!success) {
            int err = Native.getLastError();
            throw new Exception("OpenProcessToken failed. Error: " + err);
        }
        Advapi32.LUID luid = new Advapi32.LUID();
        success = Advapi32.INSTANCE.LookupPrivilegeValueA(null, SE_DEBUG_NAME, luid);
        if (!success) {
            int err = Native.getLastError();
            throw new Exception("LookupPrivilegeValueA failed. Error: " + err);
        }
        Advapi32.TOKEN_PRIVILEGES tkp = new Advapi32.TOKEN_PRIVILEGES(1);
        tkp.Privileges[0].Luid = luid;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
        success = Advapi32.INSTANCE.AdjustTokenPrivileges(hToken.getValue(), false, tkp, 0, null, null);
        if (!success) {
            int err = Native.getLastError();
            throw new Exception("AdjustTokenPrivileges failed. Error: " + err);
        }
        Kernel32Direct.CloseHandle(hToken.getValue());
    }

And last but not least, here is my openProcess method:

    public static final int PROCESS_QUERY_INFORMATION = 0x0400;
    public static final int PROCESS_VM_READ = 0x0010;
    public static final int PROCESS_VM_WRITE = 0x0020;
    public static final int PROCESS_VM_OPERATION = 0x0008;

    public static WinNT.HANDLE openProcess(int pid) {
        return openProcess(pid, PROCESS_QUERY_INFORMATION | PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION);
    }

    public static WinNT.HANDLE openProcess(int pid, int permissions) {
        return Kernel32Direct.OpenProcess(permissions, true, pid);
    }

Can someone tell me why I'm still getting access denied when calling OpenProcess with SeDebugPrivilege on?

Edit:

    Advapi32.INSTANCE.AdjustTokenPrivileges(hToken.getValue(), false, tkp, 0, null, null);

Gives me this error:

    com.sun.jna.platform.win32.Win32Exception: Not all privileges or groups referenced are assigned to the caller.

Could that be the issue?