I would like to recover all privileges from a username. For example privileges : "SE_ASSIGN_PRIMARY_TOKEN_PRIVILEGE", "SE_AUDIT_PRIVILEGE", "SE_DEBUG_PRIVILEGE"... I searched on the microsoft documentation and I found GetTokenInformation() https://learn.microsoft.com/en-us/windows/desktop/api/securitybaseapi/nf-securitybaseapi-gettokeninformation but I do not understand how to access all the privileges and see the value of this privilege. Would anyone already use this method with an example or how to proceed please?
You could try the code below:
#include <iostream>
#include <windows.h>
#include <tchar.h>
BOOL CheckWindowsPrivilege(const TCHAR *Privilege)
{
/* Checks for Privilege and returns True or False. */
LUID luid;
PRIVILEGE_SET privs;
HANDLE hProcess;
HANDLE hToken;
hProcess = GetCurrentProcess();
if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken)) return FALSE;
if (!LookupPrivilegeValue(NULL, Privilege, &luid)) return FALSE;
privs.PrivilegeCount = 1;
privs.Control = PRIVILEGE_SET_ALL_NECESSARY;
privs.Privilege[0].Luid = luid;
privs.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
BOOL bResult;
PrivilegeCheck(hToken, &privs, &bResult);
return bResult;
}
int wmain(void)
{
if (!CheckWindowsPrivilege(SE_ASSIGNPRIMARYTOKEN_NAME))
{
wprintf(L"I do not have SeAssignPrimaryTokenPrivilege!\n");
return 1;
}
wprintf(L"I do have SeAssignPrimaryTokenPrivilege!\n");
return 0;
}
And then call the SetPrivilege(not the win32 api but the function from the MSDN example)