├── version3
    ├── ListTokens.cpp
    ├── ListTokens.h
    ├── Execute.cpp
    ├── Helper.cpp
    ├── TokenUtil.h
    ├── Helper.h
    ├── StructureInfo.h
    ├── TokenInforUtil.h
    ├── TokenInforUtil.cpp
    ├── ProcessInforUtil.cpp
    ├── ProcessInforUtil.h
    ├── getopt.h
    ├── settings.h
    ├── .vscode
    │   └── c_cpp_properties.json
    ├── TokenUtil.vcxproj.user
    ├── getopt.cpp
    ├── Execute.h
    ├── TokenUtil.sln
    ├── TokenUtil.vcxproj.filters
    ├── TokenUtil.vcxproj
    └── TokenUtil.cpp
├── img
    ├── 0.jpg
    ├── 1.png
    ├── 2.png
    └── 3.png
├── version1
    ├── TokenUtils.cpp
    ├── logonSession.cpp
    ├── tidtest.h
    ├── logonSession.h
    ├── getopt.h
    ├── test.vcxproj.user
    ├── TokenUtils.h
    ├── getopt.cpp
    ├── test.sln
    ├── test.vcxproj.filters
    ├── tidtest.cpp
    └── test.vcxproj
├── version2
    ├── TokenUtils.cpp
    ├── TokenUtils.h
    ├── logonSession.cpp
    ├── logonSession.h
    ├── getopt.h
    ├── getopt.cpp
    ├── test.vcxproj.user
    ├── test.sln
    ├── test.vcxproj.filters
    └── test.vcxproj
├── .gitignore
└── README.md


/version3/ListTokens.cpp:
--------------------------------------------------------------------------------
1 | #include "ListTokens.h"
2 | 


--------------------------------------------------------------------------------
/img/0.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/img/0.jpg


--------------------------------------------------------------------------------
/img/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/img/1.png


--------------------------------------------------------------------------------
/img/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/img/2.png


--------------------------------------------------------------------------------
/img/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/img/3.png


--------------------------------------------------------------------------------
/version3/ListTokens.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | class ListTokens
3 | {
4 | };
5 | 
6 | 


--------------------------------------------------------------------------------
/version3/Execute.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version3/Execute.cpp


--------------------------------------------------------------------------------
/version3/Helper.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version3/Helper.cpp


--------------------------------------------------------------------------------
/version3/TokenUtil.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version3/TokenUtil.h


--------------------------------------------------------------------------------
/version1/TokenUtils.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version1/TokenUtils.cpp


--------------------------------------------------------------------------------
/version2/TokenUtils.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version2/TokenUtils.cpp


--------------------------------------------------------------------------------
/version2/TokenUtils.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version2/TokenUtils.h


--------------------------------------------------------------------------------
/version3/Helper.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | class Helper {
3 | public:
4 | 	static void print_usage();
5 | };


--------------------------------------------------------------------------------
/version1/logonSession.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version1/logonSession.cpp


--------------------------------------------------------------------------------
/version1/tidtest.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | #include <windows.h>
3 | 
4 | 
5 | int getPIDFromTid(DWORD dwThreadId);


--------------------------------------------------------------------------------
/version2/logonSession.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version2/logonSession.cpp


--------------------------------------------------------------------------------
/version3/StructureInfo.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version3/StructureInfo.h


--------------------------------------------------------------------------------
/version3/TokenInforUtil.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version3/TokenInforUtil.h


--------------------------------------------------------------------------------
/version3/TokenInforUtil.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version3/TokenInforUtil.cpp


--------------------------------------------------------------------------------
/version3/ProcessInforUtil.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chroblert/JCTokenUtil/HEAD/version3/ProcessInforUtil.cpp


--------------------------------------------------------------------------------
/version1/logonSession.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | #include <tchar.h>
3 | #include <windows.h>
4 | 
5 | #include <NTSecAPI.h>
6 | #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
7 | 
8 | int EnumLogonSessions();


--------------------------------------------------------------------------------
/version2/logonSession.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | #include <tchar.h>
3 | #include <windows.h>
4 | 
5 | //#include <NTSecAPI.h>
6 | #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
7 | 
8 | int EnumLogonSessions();


--------------------------------------------------------------------------------
/version3/ProcessInforUtil.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #include <tchar.h>
 3 | #include <Windows.h>
 4 | #include <Psapi.h>
 5 | #include <iostream>
 6 | #include "settings.h"
 7 | 
 8 | class ProcessInforUtil
 9 | {
10 | public:
11 | 	static BOOL GetProcessNameFromPid(DWORD pid, TCHAR* tProcName);
12 | };
13 | 
14 | 


--------------------------------------------------------------------------------
/version1/getopt.h:
--------------------------------------------------------------------------------
 1 | //#pragma once
 2 | #include <tchar.h>
 3 | #ifndef GETOPT_H__
 4 | #define GETOPT_H__
 5 | 
 6 | #ifdef __cplusplus
 7 | extern "C" {
 8 | #endif
 9 | 
10 | 	extern TCHAR* optarg;
11 | 	extern int optind;
12 | 
13 | 	int getopt(int argc, TCHAR* const argv[], const char* optstring);
14 | 
15 | #ifdef __cplusplus
16 | }
17 | #endif
18 | 
19 | #endif


--------------------------------------------------------------------------------
/version2/getopt.h:
--------------------------------------------------------------------------------
 1 | //#pragma once
 2 | #include <tchar.h>
 3 | #ifndef GETOPT_H__
 4 | #define GETOPT_H__
 5 | 
 6 | #ifdef __cplusplus
 7 | extern "C" {
 8 | #endif
 9 | 
10 | 	extern TCHAR* optarg;
11 | 	extern int optind;
12 | 
13 | 	int getopt(int argc, TCHAR* const argv[], const char* optstring);
14 | 
15 | #ifdef __cplusplus
16 | }
17 | #endif
18 | 
19 | #endif


--------------------------------------------------------------------------------
/version3/getopt.h:
--------------------------------------------------------------------------------
 1 | //#pragma once
 2 | #include <tchar.h>
 3 | #ifndef GETOPT_H__
 4 | 	#define GETOPT_H__
 5 | 
 6 | 	#ifdef __cplusplus
 7 | 	extern "C" {
 8 | 	#endif
 9 | 
10 | 		extern TCHAR* optarg;
11 | 		extern int optind;
12 | 
13 | 		int getopt(int argc, TCHAR* const argv[], const char* optstring);
14 | 
15 | 	#ifdef __cplusplus
16 | 	}
17 | 	#endif
18 | 
19 | #endif


--------------------------------------------------------------------------------
/version1/test.vcxproj.user:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
3 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
4 |     <LocalDebuggerCommandArguments> -p 1352</LocalDebuggerCommandArguments>
5 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
6 |   </PropertyGroup>
7 | </Project>


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | ################################################################################
 2 | # 此 .gitignore 文件已由 Microsoft(R) Visual Studio 自动创建。
 3 | ################################################################################
 4 | 
 5 | /version1/.vs/
 6 | /version1/Release/
 7 | /version1/Debug/
 8 | /version1/x64/
 9 | /version2/.vs/
10 | /version2/Release/
11 | /version2/Debug/
12 | /version2/x64/
13 | /version3/.vs/
14 | /version3/Release/
15 | /version3/Debug/
16 | /version3/x64/


--------------------------------------------------------------------------------
/version3/settings.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #define Token_List_Node_Count 1000
 3 | #define BUFSIZE 4096
 4 | #define BUF_SIZE 4096
 5 | #define PROCNAME_CHAR_COUNT 260
 6 | #define DOMAIN_CHAR_COUNT 100
 7 | #define USERNAME_CHAR_COUNT 50
 8 | #define TOKENLIST_NODE_COUNT 1000
 9 | #define USER_LIST_COUNT 10
10 | 
11 | #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
12 | #define STATUS_INFO_LENGTH_MISMATCH             ((NTSTATUS)0xC0000004L)
13 | #define STATUS_BUFFER_OVERFLOW                  ((NTSTATUS)0x80000005L)
14 | #define NT_SUCCESS(x) ((x)>=0)
15 | #define STATUS_NO_TOKEN 0xC000007C
16 | 
17 | 


--------------------------------------------------------------------------------
/version1/TokenUtils.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #include <windows.h>
 3 | #include <assert.h>
 4 | #pragma comment(lib, "advapi32.lib")
 5 | #pragma comment(lib,"user32.lib") 
 6 | #include <tchar.h>
 7 | #include <stdio.h>
 8 | #include <tlhelp32.h>
 9 | #include <iostream>
10 | #include "psapi.h"
11 | #include <string>
12 | #include <NTSecAPI.h>
13 | #include <string>
14 | #define BUF_SIZE 4096
15 | #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
16 | 
17 | #pragma comment(lib,"Secur32.lib")
18 | #include "getopt.h"
19 | #include "logonSession.h"
20 | 
21 | 
22 | VOID GetSessionData(PLUID);
23 | DWORD GetThreadListFromPid(DWORD dwOwnerPID, DWORD** pThreadList);
24 | BOOL GetInfoFromTid(DWORD tid);


--------------------------------------------------------------------------------
/version3/.vscode/c_cpp_properties.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "configurations": [
 3 |         {
 4 |             "name": "Win32",
 5 |             "includePath": [
 6 |                 "${workspaceFolder}/**"
 7 |             ],
 8 |             "defines": [
 9 |                 "_DEBUG",
10 |                 "UNICODE",
11 |                 "_UNICODE"
12 |             ],
13 |             "windowsSdkVersion": "10.0.17763.0",
14 |             "compilerPath": "C:/Program Files (x86)/Microsoft Visual Studio/2017/BuildTools/VC/Tools/MSVC/14.16.27023/bin/Hostx64/x64/cl.exe",
15 |             "cStandard": "c17",
16 |             "cppStandard": "c++17",
17 |             "intelliSenseMode": "windows-msvc-x64"
18 |         }
19 |     ],
20 |     "version": 4
21 | }


--------------------------------------------------------------------------------
/version3/TokenUtil.vcxproj.user:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <PropertyGroup>
 4 |     <ShowAllFiles>false</ShowAllFiles>
 5 |   </PropertyGroup>
 6 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 7 |     <LocalDebuggerCommandArguments>ListTokens</LocalDebuggerCommandArguments>
 8 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
 9 |   </PropertyGroup>
10 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
11 |     <LocalDebuggerCommandArguments>Execute -e "whoami"</LocalDebuggerCommandArguments>
12 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
13 |   </PropertyGroup>
14 | </Project>


--------------------------------------------------------------------------------
/version1/getopt.cpp:
--------------------------------------------------------------------------------
 1 | #include "getopt.h"
 2 | #include <windows.h>
 3 | #include <tchar.h>
 4 | #include <stdio.h>
 5 | 
 6 | TCHAR* optarg = NULL;
 7 | int optind = 1;
 8 | 
 9 | int getopt(int argc, TCHAR* const argv[], const char* optstring)
10 | {
11 |     if ((optind >= argc) || (argv[optind][0] != '-') || (argv[optind][0] == 0))
12 |     {
13 |         return -1;
14 |     }
15 | 
16 |     int opt = argv[optind][1];
17 |     const char* p = strchr(optstring, opt);
18 | 
19 |     if (p == NULL)
20 |     {
21 |         return '?';
22 |     }
23 |     //wcscpy_s(optarg,_countof(L"no"),L"no");
24 |     //_tcscpy(optarg, L"no");
25 |     if (p[1] == ':')
26 |     {
27 |         optind++;
28 |         if (optind >= argc)
29 |         {
30 |             return '?';
31 |         }
32 |         optarg = argv[optind];
33 |     }
34 |     optind++;
35 |     return opt;
36 | }


--------------------------------------------------------------------------------
/version2/getopt.cpp:
--------------------------------------------------------------------------------
 1 | #include "getopt.h"
 2 | #include <windows.h>
 3 | #include <tchar.h>
 4 | #include <stdio.h>
 5 | 
 6 | TCHAR* optarg = NULL;
 7 | int optind = 1;
 8 | 
 9 | int getopt(int argc, TCHAR* const argv[], const char* optstring)
10 | {
11 |     if ((optind >= argc) || (argv[optind][0] != '-') || (argv[optind][0] == 0))
12 |     {
13 |         return -1;
14 |     }
15 | 
16 |     int opt = argv[optind][1];
17 |     const char* p = strchr(optstring, opt);
18 | 
19 |     if (p == NULL)
20 |     {
21 |         return '?';
22 |     }
23 |     //wcscpy_s(optarg,_countof(L"no"),L"no");
24 |     //_tcscpy(optarg, L"no");
25 |     if (p[1] == ':')
26 |     {
27 |         optind++;
28 |         if (optind >= argc)
29 |         {
30 |             return '?';
31 |         }
32 |         optarg = argv[optind];
33 |     }
34 |     optind++;
35 |     return opt;
36 | }


--------------------------------------------------------------------------------
/version3/getopt.cpp:
--------------------------------------------------------------------------------
 1 | #include "getopt.h"
 2 | #include <windows.h>
 3 | #include <tchar.h>
 4 | #include <stdio.h>
 5 | 
 6 | TCHAR* optarg = NULL;
 7 | int optind = 1;
 8 | 
 9 | int getopt(int argc, TCHAR* const argv[], const char* optstring)
10 | {
11 |     if ((optind >= argc) || (argv[optind][0] != '-') || (argv[optind][0] == 0))
12 |     {
13 |         return -1;
14 |     }
15 | 
16 |     int opt = argv[optind][1];
17 |     const char* p = strchr(optstring, opt);
18 | 
19 |     if (p == NULL)
20 |     {
21 |         return '?';
22 |     }
23 |     //wcscpy_s(optarg,_countof(L"no"),L"no");
24 |     //_tcscpy(optarg, L"no");
25 |     if (p[1] == ':')
26 |     {
27 |         optind++;
28 |         if (optind >= argc)
29 |         {
30 |             return '?';
31 |         }
32 |         optarg = argv[optind];
33 |     }
34 |     optind++;
35 |     return opt;
36 | }


--------------------------------------------------------------------------------
/version2/test.vcxproj.user:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 4 |     <LocalDebuggerCommandArguments> -p 1352</LocalDebuggerCommandArguments>
 5 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
 6 |   </PropertyGroup>
 7 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 8 |     <LocalDebuggerCommandArguments>-p ALL</LocalDebuggerCommandArguments>
 9 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
10 |   </PropertyGroup>
11 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
12 |     <LocalDebuggerCommandArguments>-p 9484</LocalDebuggerCommandArguments>
13 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
14 |   </PropertyGroup>
15 | </Project>


--------------------------------------------------------------------------------
/version3/Execute.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #include <tchar.h>
 3 | #include <windows.h>
 4 | #include "TokenInforUtil.h"
 5 | #include "settings.h"
 6 | #include <stdio.h>
 7 | 
 8 | static HANDLE hChildStdinRd, hChildStdinWr, hChildStdoutRd, hChildStdoutWr, hStdout;
 9 | 
10 | class Execute
11 | {
12 | public:
13 | 	static BOOL ExecuteWithToken(HANDLE hToken,TCHAR* tCommand,BOOL bConsoleMode);
14 | 	static BOOL ExecuteMain(TCHAR* tUsername, DWORD dwPid,TCHAR* tCommand, BOOL bConsoleMode);
15 | 	static void CreateProcessWithPipeComm(HANDLE token, TCHAR* command);
16 | 	static void CreateChildProcess(HANDLE token, TCHAR* command, PROCESS_INFORMATION* piProcInfo);
17 | 	static DWORD WINAPI ReadFromPipe(LPVOID p);
18 | 	static DWORD WINAPI WriteToPipe(LPVOID p);
19 | 	static BOOL output_counted_string(char* string, DWORD dwRead);
20 | 	static BOOL read_counted_input(char* string, int string_size, DWORD* dwRead);
21 | 	static void create_process(HANDLE token, TCHAR* command, BOOL console_mode, SECURITY_IMPERSONATION_LEVEL impersonation_level);
22 | };
23 | 


--------------------------------------------------------------------------------
/version1/test.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio Version 16
 4 | VisualStudioVersion = 16.0.30503.244
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AccessToken", "test.vcxproj", "{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|x64 = Debug|x64
11 | 		Debug|x86 = Debug|x86
12 | 		Release|x64 = Release|x64
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Debug|x64.ActiveCfg = Debug|x64
17 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Debug|x64.Build.0 = Debug|x64
18 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Debug|x86.ActiveCfg = Debug|Win32
19 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Debug|x86.Build.0 = Debug|Win32
20 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Release|x64.ActiveCfg = Release|x64
21 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Release|x64.Build.0 = Release|x64
22 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Release|x86.ActiveCfg = Release|Win32
23 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Release|x86.Build.0 = Release|Win32
24 | 	EndGlobalSection
25 | 	GlobalSection(SolutionProperties) = preSolution
26 | 		HideSolutionNode = FALSE
27 | 	EndGlobalSection
28 | 	GlobalSection(ExtensibilityGlobals) = postSolution
29 | 		SolutionGuid = {6BF62FA9-797E-467A-828E-B2A4200E4FA0}
30 | 	EndGlobalSection
31 | EndGlobal
32 | 


--------------------------------------------------------------------------------
/version2/test.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio Version 16
 4 | VisualStudioVersion = 16.0.30503.244
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AccessToken", "test.vcxproj", "{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|x64 = Debug|x64
11 | 		Debug|x86 = Debug|x86
12 | 		Release|x64 = Release|x64
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Debug|x64.ActiveCfg = Debug|x64
17 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Debug|x64.Build.0 = Debug|x64
18 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Debug|x86.ActiveCfg = Debug|Win32
19 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Debug|x86.Build.0 = Debug|Win32
20 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Release|x64.ActiveCfg = Release|x64
21 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Release|x64.Build.0 = Release|x64
22 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Release|x86.ActiveCfg = Release|Win32
23 | 		{C2D1147C-E86B-48FF-8EC7-D7FC4B2068CD}.Release|x86.Build.0 = Release|Win32
24 | 	EndGlobalSection
25 | 	GlobalSection(SolutionProperties) = preSolution
26 | 		HideSolutionNode = FALSE
27 | 	EndGlobalSection
28 | 	GlobalSection(ExtensibilityGlobals) = postSolution
29 | 		SolutionGuid = {6BF62FA9-797E-467A-828E-B2A4200E4FA0}
30 | 	EndGlobalSection
31 | EndGlobal
32 | 


--------------------------------------------------------------------------------
/version3/TokenUtil.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio Version 16
 4 | VisualStudioVersion = 16.0.30503.244
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TokenUtil", "TokenUtil.vcxproj", "{424BCF0A-2042-41F8-9D97-B59A2DEC5853}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|x64 = Debug|x64
11 | 		Debug|x86 = Debug|x86
12 | 		Release|x64 = Release|x64
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{424BCF0A-2042-41F8-9D97-B59A2DEC5853}.Debug|x64.ActiveCfg = Debug|x64
17 | 		{424BCF0A-2042-41F8-9D97-B59A2DEC5853}.Debug|x64.Build.0 = Debug|x64
18 | 		{424BCF0A-2042-41F8-9D97-B59A2DEC5853}.Debug|x86.ActiveCfg = Debug|Win32
19 | 		{424BCF0A-2042-41F8-9D97-B59A2DEC5853}.Debug|x86.Build.0 = Debug|Win32
20 | 		{424BCF0A-2042-41F8-9D97-B59A2DEC5853}.Release|x64.ActiveCfg = Release|x64
21 | 		{424BCF0A-2042-41F8-9D97-B59A2DEC5853}.Release|x64.Build.0 = Release|x64
22 | 		{424BCF0A-2042-41F8-9D97-B59A2DEC5853}.Release|x86.ActiveCfg = Release|Win32
23 | 		{424BCF0A-2042-41F8-9D97-B59A2DEC5853}.Release|x86.Build.0 = Release|Win32
24 | 	EndGlobalSection
25 | 	GlobalSection(SolutionProperties) = preSolution
26 | 		HideSolutionNode = FALSE
27 | 	EndGlobalSection
28 | 	GlobalSection(ExtensibilityGlobals) = postSolution
29 | 		SolutionGuid = {1353E5A2-5284-45DF-B71C-E32703B8488D}
30 | 	EndGlobalSection
31 | EndGlobal
32 | 


--------------------------------------------------------------------------------
/version2/test.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="源文件">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="头文件">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="资源文件">
13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
15 |     </Filter>
16 |   </ItemGroup>
17 |   <ItemGroup>
18 |     <ClCompile Include="getopt.cpp">
19 |       <Filter>源文件</Filter>
20 |     </ClCompile>
21 |     <ClCompile Include="TokenUtils.cpp">
22 |       <Filter>源文件</Filter>
23 |     </ClCompile>
24 |     <ClCompile Include="logonSession.cpp">
25 |       <Filter>源文件</Filter>
26 |     </ClCompile>
27 |   </ItemGroup>
28 |   <ItemGroup>
29 |     <ClInclude Include="getopt.h">
30 |       <Filter>头文件</Filter>
31 |     </ClInclude>
32 |     <ClInclude Include="logonSession.h">
33 |       <Filter>头文件</Filter>
34 |     </ClInclude>
35 |     <ClInclude Include="TokenUtils.h">
36 |       <Filter>头文件</Filter>
37 |     </ClInclude>
38 |   </ItemGroup>
39 | </Project>


--------------------------------------------------------------------------------
/version1/test.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="源文件">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="头文件">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="资源文件">
13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
15 |     </Filter>
16 |   </ItemGroup>
17 |   <ItemGroup>
18 |     <ClCompile Include="getopt.cpp">
19 |       <Filter>源文件</Filter>
20 |     </ClCompile>
21 |     <ClCompile Include="TokenUtils.cpp">
22 |       <Filter>源文件</Filter>
23 |     </ClCompile>
24 |     <ClCompile Include="logonSession.cpp">
25 |       <Filter>源文件</Filter>
26 |     </ClCompile>
27 |     <ClCompile Include="tidtest.cpp">
28 |       <Filter>源文件</Filter>
29 |     </ClCompile>
30 |   </ItemGroup>
31 |   <ItemGroup>
32 |     <ClInclude Include="getopt.h">
33 |       <Filter>头文件</Filter>
34 |     </ClInclude>
35 |     <ClInclude Include="logonSession.h">
36 |       <Filter>头文件</Filter>
37 |     </ClInclude>
38 |     <ClInclude Include="TokenUtils.h">
39 |       <Filter>头文件</Filter>
40 |     </ClInclude>
41 |     <ClInclude Include="tidtest.h">
42 |       <Filter>头文件</Filter>
43 |     </ClInclude>
44 |   </ItemGroup>
45 | </Project>


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | ## 0x01 前言
 2 | 详见[Zer0ne安全研究]公众号
 3 | ## 0x02 介绍
 4 | 本工具参考incognito的代码进行编写，完成了获取token和以某token执行命令两个功能。
 5 | 
 6 | 在获取系统上所有token的时候，incognito工具使用NtQuerySystemInformation微软未公开API获取系统上所有的进程，然后再获取该进程上句柄表中的每一个句柄，判断是不是token句柄，若是则保存。
 7 | JCTokenUtils工具同样使用NtQuerySystemInformation微软未公开API，不过是直接获取系统上所有的句柄，之后判断是不是token句柄，若是则保存。由于句柄表中没有保存进程自身的主令牌，因而会使用OpenProcessTokenAPI获取并保存进程的主令牌。
 8 | 以某个令牌执行命令，本工具基本参照incognito工具编写，没有区别。
 9 | ## 0x03 使用
10 | ### 0x0301 命令介绍
11 | ```shell
12 | Usage: TokenUtil.exe <module> [OPTION]
13 | 
14 | [MODULE]
15 |         ListTokens
16 | [OPTION]
17 |         -p <pid>: 列出某个进程中的令牌
18 |         -P <procName>: 列出某个进程的令牌
19 |         -u <username>: 列出某个用户的令牌
20 |         -v : 详细模式 // 不加-v，每个用户只输出一次
21 | 
22 | example:
23 |         TokenUtils.exe ListTokens -u "NT AUTHORITY\SYSTEM"
24 |         TokenUtils.exe ListTokens -P "cmd"
25 |         TokenUtils.exe ListTokens -P "cmd" -u "NT AUTHORITY\SYSTEM"
26 | 
27 | [MODULE]
28 |         Execute
29 | [OPTION]
30 |         -p <pid>: 以指定pid的token执行命令
31 |         -u <username>: 以某个用户执行命令，与-e <command>结合使用
32 |         -e <command> : 执行命令
33 |         -c: 是否在当前终端下执行
34 |         -v : 详细模式
35 | 
36 | example:
37 |         TokenUtils.exe Execute -p <pid> -e whoami -c
38 |         TokenUtils.exe Execute -u "NT AUTHORITY\SYSTEM" -e whoami -c
39 |         TokenUtils.exe Execute -p <pid> -u "NT AUTHORITY\SYSTEM" -e whoami -c
40 | ```
41 | ### 0x0302 使用说明
42 | 
43 | 	◊ -P -u参数值大小写敏感
44 | 	◊ 同时使用-P -u参数表示同时满足两个条件
45 | 	◊ 获取token时同一个用户只输出一次，使用-v参数，则输出所有用户
46 | ### 0x0303 使用效果
47 | `TokenUtil.exe ListTokens -u jerrybird`
48 | ![](img/1.png)
49 | `TokenUtils.exe ListTokens -u jerrybird -v`
50 | ![](img/2.png)
51 | `TokenUtil.exe Execute -u "DESKTOP-UIK8D53\test" -e cmd -c`
52 | ![](img/3.png)
53 | 
54 | 


--------------------------------------------------------------------------------
/version3/TokenUtil.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="源文件">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="头文件">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="资源文件">
13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
15 |     </Filter>
16 |   </ItemGroup>
17 |   <ItemGroup>
18 |     <ClCompile Include="TokenUtil.cpp">
19 |       <Filter>源文件</Filter>
20 |     </ClCompile>
21 |     <ClCompile Include="getopt.cpp">
22 |       <Filter>源文件</Filter>
23 |     </ClCompile>
24 |     <ClCompile Include="Helper.cpp">
25 |       <Filter>源文件</Filter>
26 |     </ClCompile>
27 |     <ClCompile Include="TokenInforUtil.cpp">
28 |       <Filter>源文件</Filter>
29 |     </ClCompile>
30 |     <ClCompile Include="ProcessInforUtil.cpp">
31 |       <Filter>源文件</Filter>
32 |     </ClCompile>
33 |     <ClCompile Include="Execute.cpp">
34 |       <Filter>源文件</Filter>
35 |     </ClCompile>
36 |     <ClCompile Include="ListTokens.cpp">
37 |       <Filter>源文件</Filter>
38 |     </ClCompile>
39 |   </ItemGroup>
40 |   <ItemGroup>
41 |     <ClInclude Include="getopt.h">
42 |       <Filter>头文件</Filter>
43 |     </ClInclude>
44 |     <ClInclude Include="Helper.h">
45 |       <Filter>头文件</Filter>
46 |     </ClInclude>
47 |     <ClInclude Include="TokenUtil.h">
48 |       <Filter>头文件</Filter>
49 |     </ClInclude>
50 |     <ClInclude Include="TokenInforUtil.h">
51 |       <Filter>头文件</Filter>
52 |     </ClInclude>
53 |     <ClInclude Include="ProcessInforUtil.h">
54 |       <Filter>头文件</Filter>
55 |     </ClInclude>
56 |     <ClInclude Include="Execute.h">
57 |       <Filter>头文件</Filter>
58 |     </ClInclude>
59 |     <ClInclude Include="settings.h">
60 |       <Filter>头文件</Filter>
61 |     </ClInclude>
62 |     <ClInclude Include="StructureInfo.h">
63 |       <Filter>头文件</Filter>
64 |     </ClInclude>
65 |     <ClInclude Include="ListTokens.h">
66 |       <Filter>头文件</Filter>
67 |     </ClInclude>
68 |   </ItemGroup>
69 | </Project>


--------------------------------------------------------------------------------
/version1/tidtest.cpp:
--------------------------------------------------------------------------------
  1 | #include <Windows.h>
  2 | #include <stdio.h>
  3 | #include <tchar.h>
  4 | #include <psapi.h>
  5 | #include <locale.h>
  6 | #include <iostream>
  7 | #pragma	comment(lib,"psapi.lib")
  8 | 
  9 | 
 10 | typedef enum _THREADINFOCLASS {
 11 |     ThreadBasicInformation,
 12 |     ThreadTimes,
 13 |     ThreadPriority,
 14 |     ThreadBasePriority,
 15 |     ThreadAffinityMask,
 16 |     ThreadImpersonationToken,
 17 |     ThreadDescriptorTableEntry,
 18 |     ThreadEnableAlignmentFaultFixup,
 19 |     ThreadEventPair_Reusable,
 20 |     ThreadQuerySetWin32StartAddress,
 21 |     ThreadZeroTlsCell,
 22 |     ThreadPerformanceCount,
 23 |     ThreadAmILastThread,
 24 |     ThreadIdealProcessor,
 25 |     ThreadPriorityBoost,
 26 |     ThreadSetTlsArrayAddress,
 27 |     ThreadIsIoPending,
 28 |     ThreadHideFromDebugger,
 29 |     ThreadBreakOnTermination,
 30 |     MaxThreadInfoClass
 31 | } THREADINFOCLASS;
 32 | typedef struct _CLIENT_ID {
 33 |     HANDLE UniqueProcess;
 34 |     HANDLE UniqueThread;
 35 | } CLIENT_ID;
 36 | typedef CLIENT_ID* PCLIENT_ID;
 37 | typedef struct _THREAD_BASIC_INFORMATION { // Information Class 0
 38 |     LONG ExitStatus;
 39 |     PVOID TebBaseAddress;
 40 |     CLIENT_ID ClientId;
 41 |     LONG AffinityMask;
 42 |     LONG Priority;
 43 |     LONG BasePriority;
 44 | } THREAD_BASIC_INFORMATION, * PTHREAD_BASIC_INFORMATION;
 45 | extern "C" LONG(__stdcall * ZwQueryInformationThread) (
 46 |     IN HANDLE ThreadHandle,
 47 |     IN THREADINFOCLASS ThreadInformationClass,
 48 |     OUT PVOID ThreadInformation,
 49 |     IN ULONG ThreadInformationLength,
 50 |     OUT PULONG ReturnLength OPTIONAL
 51 |     ) = NULL;
 52 | 
 53 | int getPIDFromTid(DWORD dwThreadId) {
 54 |     setlocale(LC_ALL, ".ACP");
 55 |     HINSTANCE hNTDLL = ::GetModuleHandle(TEXT("ntdll"));
 56 |     (FARPROC&)ZwQueryInformationThread = ::GetProcAddress(hNTDLL, "ZwQueryInformationThread");
 57 |     THREAD_BASIC_INFORMATION    tbi;
 58 |     PVOID                       startaddr;
 59 |     LONG                        status;
 60 |     HANDLE                      thread, process;
 61 |     // DWORD dwThreadId = 3840;
 62 |     //thread = ::OpenThread(THREAD_ALL_ACCESS, FALSE, dwThreadId);
 63 |     thread = ::OpenThread(THREAD_QUERY_INFORMATION, FALSE, dwThreadId);
 64 | 
 65 |     DWORD error;
 66 |     if (NULL == thread) {
 67 |         thread = OpenThread(THREAD_QUERY_LIMITED_INFORMATION, TRUE, dwThreadId);
 68 |         if (thread == NULL) {
 69 |             error = ::GetLastError();
 70 |             SetLastError(error);
 71 |             std::cout << "\t打开线程失败，ERROR:" << error << std::endl;
 72 |             return FALSE;
 73 |         }
 74 |     }
 75 |     //error = GetLastError();
 76 |     //if (thread == NULL)
 77 |     //{
 78 |     //    printf("\tcannot open thread handle\n");
 79 |     //    std::cout << "\tError: " << error << std::endl;
 80 |     //    return FALSE;
 81 |     //}
 82 |     status = ZwQueryInformationThread(thread, ThreadQuerySetWin32StartAddress, &startaddr, sizeof(startaddr), NULL);
 83 |     error = ::GetLastError();
 84 |     
 85 |     if (status < 0)
 86 |     {
 87 |         CloseHandle(thread);
 88 |         SetLastError(error);
 89 |         std::cout << "\tZwQueryInformationThread失败,ERROR:" << error <<  std::endl;
 90 |         //printf("\tcannot get status1\n");
 91 |         return FALSE;
 92 |     };
 93 |     //printf("线程 %08x 的起始地址为 %p\n", dwThreadId, startaddr);
 94 |     status = ZwQueryInformationThread(thread,
 95 |         ThreadBasicInformation,
 96 |         &tbi,
 97 |         sizeof(tbi),
 98 |         NULL);
 99 |     if (status < 0)
100 |     {
101 |         CloseHandle(thread);
102 |         printf("cannot get status2\n");
103 |         return FALSE;
104 |     };
105 |    // printf("线程 %08d 所在进程ID为 %08d\n", dwThreadId, (DWORD)tbi.ClientId.UniqueProcess);
106 |     process = ::OpenProcess(PROCESS_ALL_ACCESS,
107 |         FALSE,
108 |         (DWORD)tbi.ClientId.UniqueProcess);
109 |     if (process == NULL)
110 |     {
111 |         DWORD error = ::GetLastError();
112 |         CloseHandle(thread);
113 |         SetLastError(error);
114 |         return FALSE;
115 |     };
116 |     TCHAR modname[0x100];
117 |     ::GetModuleFileNameEx(process, NULL, modname, 0x100);
118 |     //printf("线程 %08x 所在进程映象为 %S\n", dwThreadId, modname);
119 |     GetMappedFileName(process,
120 |         startaddr,
121 |         modname,
122 |         0x100);
123 |     /*std::string stName(pName);
124 |     std::string stModName(modname);
125 |     if (stModName.find(stName) != std::string::npos)
126 |     {
127 |         printf("线程 %08x 可执行代码所在模块为 %s\n", dwThreadId, modname);
128 |         ret = TRUE;
129 |     }*/
130 |     CloseHandle(process);
131 |     CloseHandle(thread);
132 | 
133 |     return (DWORD)tbi.ClientId.UniqueProcess;
134 | 
135 | }


--------------------------------------------------------------------------------
/version1/test.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>16.0</VCProjectVersion>
 23 |     <Keyword>Win32Proj</Keyword>
 24 |     <ProjectGuid>{c2d1147c-e86b-48ff-8ec7-d7fc4b2068cd}</ProjectGuid>
 25 |     <RootNamespace>test</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 27 |     <TargetFrameworkVersion>
 28 |     </TargetFrameworkVersion>
 29 |     <ProjectName>AccessToken</ProjectName>
 30 |   </PropertyGroup>
 31 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 32 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 33 |     <ConfigurationType>Application</ConfigurationType>
 34 |     <UseDebugLibraries>true</UseDebugLibraries>
 35 |     <PlatformToolset>v142</PlatformToolset>
 36 |     <CharacterSet>Unicode</CharacterSet>
 37 |   </PropertyGroup>
 38 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 39 |     <ConfigurationType>Application</ConfigurationType>
 40 |     <UseDebugLibraries>false</UseDebugLibraries>
 41 |     <PlatformToolset>v142</PlatformToolset>
 42 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 43 |     <CharacterSet>Unicode</CharacterSet>
 44 |     <UseOfMfc>false</UseOfMfc>
 45 |   </PropertyGroup>
 46 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 47 |     <ConfigurationType>Application</ConfigurationType>
 48 |     <UseDebugLibraries>true</UseDebugLibraries>
 49 |     <PlatformToolset>v142</PlatformToolset>
 50 |     <CharacterSet>Unicode</CharacterSet>
 51 |   </PropertyGroup>
 52 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 53 |     <ConfigurationType>Application</ConfigurationType>
 54 |     <UseDebugLibraries>false</UseDebugLibraries>
 55 |     <PlatformToolset>v142</PlatformToolset>
 56 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 57 |     <CharacterSet>Unicode</CharacterSet>
 58 |   </PropertyGroup>
 59 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 60 |   <ImportGroup Label="ExtensionSettings">
 61 |   </ImportGroup>
 62 |   <ImportGroup Label="Shared">
 63 |   </ImportGroup>
 64 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 65 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 66 |   </ImportGroup>
 67 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 68 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 69 |   </ImportGroup>
 70 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 71 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 72 |   </ImportGroup>
 73 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 74 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 75 |   </ImportGroup>
 76 |   <PropertyGroup Label="UserMacros" />
 77 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 78 |     <LinkIncremental>true</LinkIncremental>
 79 |   </PropertyGroup>
 80 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 81 |     <LinkIncremental>false</LinkIncremental>
 82 |     <CopyLocalDebugSymbols>false</CopyLocalDebugSymbols>
 83 |   </PropertyGroup>
 84 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 85 |     <LinkIncremental>true</LinkIncremental>
 86 |   </PropertyGroup>
 87 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 88 |     <LinkIncremental>false</LinkIncremental>
 89 |   </PropertyGroup>
 90 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 91 |     <ClCompile>
 92 |       <WarningLevel>Level3</WarningLevel>
 93 |       <SDLCheck>true</SDLCheck>
 94 |       <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 95 |       <ConformanceMode>true</ConformanceMode>
 96 |     </ClCompile>
 97 |     <Link>
 98 |       <SubSystem>Console</SubSystem>
 99 |       <GenerateDebugInformation>true</GenerateDebugInformation>
100 |     </Link>
101 |   </ItemDefinitionGroup>
102 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
103 |     <ClCompile>
104 |       <WarningLevel>Level3</WarningLevel>
105 |       <FunctionLevelLinking>true</FunctionLevelLinking>
106 |       <IntrinsicFunctions>true</IntrinsicFunctions>
107 |       <SDLCheck>false</SDLCheck>
108 |       <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
109 |       <ConformanceMode>true</ConformanceMode>
110 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
111 |     </ClCompile>
112 |     <Link>
113 |       <SubSystem>Console</SubSystem>
114 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
115 |       <OptimizeReferences>true</OptimizeReferences>
116 |       <GenerateDebugInformation>true</GenerateDebugInformation>
117 |       <UACExecutionLevel>RequireAdministrator</UACExecutionLevel>
118 |       <UACUIAccess>false</UACUIAccess>
119 |     </Link>
120 |   </ItemDefinitionGroup>
121 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
122 |     <ClCompile>
123 |       <WarningLevel>Level3</WarningLevel>
124 |       <SDLCheck>false</SDLCheck>
125 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
126 |       <ConformanceMode>true</ConformanceMode>
127 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
128 |     </ClCompile>
129 |     <Link>
130 |       <SubSystem>Console</SubSystem>
131 |       <GenerateDebugInformation>true</GenerateDebugInformation>
132 |     </Link>
133 |   </ItemDefinitionGroup>
134 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
135 |     <ClCompile>
136 |       <WarningLevel>Level3</WarningLevel>
137 |       <FunctionLevelLinking>true</FunctionLevelLinking>
138 |       <IntrinsicFunctions>true</IntrinsicFunctions>
139 |       <SDLCheck>true</SDLCheck>
140 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
141 |       <ConformanceMode>true</ConformanceMode>
142 |     </ClCompile>
143 |     <Link>
144 |       <SubSystem>Console</SubSystem>
145 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
146 |       <OptimizeReferences>true</OptimizeReferences>
147 |       <GenerateDebugInformation>true</GenerateDebugInformation>
148 |     </Link>
149 |   </ItemDefinitionGroup>
150 |   <ItemGroup>
151 |     <ClCompile Include="getopt.cpp" />
152 |     <ClCompile Include="logonSession.cpp" />
153 |     <ClCompile Include="tidtest.cpp" />
154 |     <ClCompile Include="TokenUtils.cpp" />
155 |   </ItemGroup>
156 |   <ItemGroup>
157 |     <ClInclude Include="getopt.h" />
158 |     <ClInclude Include="logonSession.h" />
159 |     <ClInclude Include="tidtest.h" />
160 |     <ClInclude Include="TokenUtils.h" />
161 |   </ItemGroup>
162 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
163 |   <ImportGroup Label="ExtensionTargets">
164 |   </ImportGroup>
165 | </Project>


--------------------------------------------------------------------------------
/version2/test.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>16.0</VCProjectVersion>
 23 |     <Keyword>Win32Proj</Keyword>
 24 |     <ProjectGuid>{c2d1147c-e86b-48ff-8ec7-d7fc4b2068cd}</ProjectGuid>
 25 |     <RootNamespace>test</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 27 |     <TargetFrameworkVersion>
 28 |     </TargetFrameworkVersion>
 29 |     <ProjectName>AccessToken</ProjectName>
 30 |   </PropertyGroup>
 31 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 32 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 33 |     <ConfigurationType>Application</ConfigurationType>
 34 |     <UseDebugLibraries>true</UseDebugLibraries>
 35 |     <PlatformToolset>v142</PlatformToolset>
 36 |     <CharacterSet>Unicode</CharacterSet>
 37 |   </PropertyGroup>
 38 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 39 |     <ConfigurationType>Application</ConfigurationType>
 40 |     <UseDebugLibraries>false</UseDebugLibraries>
 41 |     <PlatformToolset>v142</PlatformToolset>
 42 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 43 |     <CharacterSet>Unicode</CharacterSet>
 44 |     <UseOfMfc>false</UseOfMfc>
 45 |   </PropertyGroup>
 46 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 47 |     <ConfigurationType>Application</ConfigurationType>
 48 |     <UseDebugLibraries>true</UseDebugLibraries>
 49 |     <PlatformToolset>v142</PlatformToolset>
 50 |     <CharacterSet>Unicode</CharacterSet>
 51 |   </PropertyGroup>
 52 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 53 |     <ConfigurationType>Application</ConfigurationType>
 54 |     <UseDebugLibraries>false</UseDebugLibraries>
 55 |     <PlatformToolset>v142</PlatformToolset>
 56 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 57 |     <CharacterSet>Unicode</CharacterSet>
 58 |   </PropertyGroup>
 59 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 60 |   <ImportGroup Label="ExtensionSettings">
 61 |   </ImportGroup>
 62 |   <ImportGroup Label="Shared">
 63 |   </ImportGroup>
 64 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 65 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 66 |   </ImportGroup>
 67 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 68 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 69 |   </ImportGroup>
 70 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 71 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 72 |   </ImportGroup>
 73 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 74 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 75 |   </ImportGroup>
 76 |   <PropertyGroup Label="UserMacros" />
 77 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 78 |     <LinkIncremental>true</LinkIncremental>
 79 |   </PropertyGroup>
 80 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 81 |     <LinkIncremental>false</LinkIncremental>
 82 |     <CopyLocalDebugSymbols>false</CopyLocalDebugSymbols>
 83 |   </PropertyGroup>
 84 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 85 |     <LinkIncremental>true</LinkIncremental>
 86 |   </PropertyGroup>
 87 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 88 |     <LinkIncremental>false</LinkIncremental>
 89 |   </PropertyGroup>
 90 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 91 |     <ClCompile>
 92 |       <WarningLevel>Level3</WarningLevel>
 93 |       <SDLCheck>false</SDLCheck>
 94 |       <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 95 |       <ConformanceMode>true</ConformanceMode>
 96 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
 97 |     </ClCompile>
 98 |     <Link>
 99 |       <SubSystem>Console</SubSystem>
100 |       <GenerateDebugInformation>true</GenerateDebugInformation>
101 |     </Link>
102 |   </ItemDefinitionGroup>
103 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
104 |     <ClCompile>
105 |       <WarningLevel>Level3</WarningLevel>
106 |       <FunctionLevelLinking>true</FunctionLevelLinking>
107 |       <IntrinsicFunctions>true</IntrinsicFunctions>
108 |       <SDLCheck>false</SDLCheck>
109 |       <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
110 |       <ConformanceMode>true</ConformanceMode>
111 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
112 |     </ClCompile>
113 |     <Link>
114 |       <SubSystem>Console</SubSystem>
115 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
116 |       <OptimizeReferences>true</OptimizeReferences>
117 |       <GenerateDebugInformation>true</GenerateDebugInformation>
118 |       <UACExecutionLevel>RequireAdministrator</UACExecutionLevel>
119 |       <UACUIAccess>false</UACUIAccess>
120 |     </Link>
121 |   </ItemDefinitionGroup>
122 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
123 |     <ClCompile>
124 |       <WarningLevel>Level3</WarningLevel>
125 |       <SDLCheck>false</SDLCheck>
126 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
127 |       <ConformanceMode>true</ConformanceMode>
128 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
129 |     </ClCompile>
130 |     <Link>
131 |       <SubSystem>Console</SubSystem>
132 |       <GenerateDebugInformation>true</GenerateDebugInformation>
133 |     </Link>
134 |   </ItemDefinitionGroup>
135 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
136 |     <ClCompile>
137 |       <WarningLevel>Level3</WarningLevel>
138 |       <FunctionLevelLinking>true</FunctionLevelLinking>
139 |       <IntrinsicFunctions>true</IntrinsicFunctions>
140 |       <SDLCheck>false</SDLCheck>
141 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
142 |       <ConformanceMode>true</ConformanceMode>
143 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
144 |     </ClCompile>
145 |     <Link>
146 |       <SubSystem>Console</SubSystem>
147 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
148 |       <OptimizeReferences>true</OptimizeReferences>
149 |       <GenerateDebugInformation>true</GenerateDebugInformation>
150 |     </Link>
151 |   </ItemDefinitionGroup>
152 |   <ItemGroup>
153 |     <ClCompile Include="getopt.cpp" />
154 |     <ClCompile Include="logonSession.cpp" />
155 |     <ClCompile Include="TokenUtils.cpp" />
156 |   </ItemGroup>
157 |   <ItemGroup>
158 |     <ClInclude Include="getopt.h" />
159 |     <ClInclude Include="logonSession.h" />
160 |     <ClInclude Include="TokenUtils.h" />
161 |   </ItemGroup>
162 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
163 |   <ImportGroup Label="ExtensionTargets">
164 |   </ImportGroup>
165 | </Project>


--------------------------------------------------------------------------------
/version3/TokenUtil.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>16.0</VCProjectVersion>
 23 |     <Keyword>Win32Proj</Keyword>
 24 |     <ProjectGuid>{424bcf0a-2042-41f8-9d97-b59a2dec5853}</ProjectGuid>
 25 |     <RootNamespace>TokenUtil</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 27 |   </PropertyGroup>
 28 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 29 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 30 |     <ConfigurationType>Application</ConfigurationType>
 31 |     <UseDebugLibraries>true</UseDebugLibraries>
 32 |     <PlatformToolset>v142</PlatformToolset>
 33 |     <CharacterSet>Unicode</CharacterSet>
 34 |   </PropertyGroup>
 35 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 36 |     <ConfigurationType>Application</ConfigurationType>
 37 |     <UseDebugLibraries>false</UseDebugLibraries>
 38 |     <PlatformToolset>v142</PlatformToolset>
 39 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 40 |     <CharacterSet>Unicode</CharacterSet>
 41 |   </PropertyGroup>
 42 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 43 |     <ConfigurationType>Application</ConfigurationType>
 44 |     <UseDebugLibraries>true</UseDebugLibraries>
 45 |     <PlatformToolset>v142</PlatformToolset>
 46 |     <CharacterSet>Unicode</CharacterSet>
 47 |   </PropertyGroup>
 48 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 49 |     <ConfigurationType>Application</ConfigurationType>
 50 |     <UseDebugLibraries>false</UseDebugLibraries>
 51 |     <PlatformToolset>v142</PlatformToolset>
 52 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 53 |     <CharacterSet>Unicode</CharacterSet>
 54 |   </PropertyGroup>
 55 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 56 |   <ImportGroup Label="ExtensionSettings">
 57 |   </ImportGroup>
 58 |   <ImportGroup Label="Shared">
 59 |   </ImportGroup>
 60 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 61 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 62 |   </ImportGroup>
 63 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 64 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 65 |   </ImportGroup>
 66 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 67 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 68 |   </ImportGroup>
 69 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 70 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 71 |   </ImportGroup>
 72 |   <PropertyGroup Label="UserMacros" />
 73 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 74 |     <LinkIncremental>true</LinkIncremental>
 75 |   </PropertyGroup>
 76 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 77 |     <LinkIncremental>false</LinkIncremental>
 78 |   </PropertyGroup>
 79 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 80 |     <LinkIncremental>true</LinkIncremental>
 81 |   </PropertyGroup>
 82 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 83 |     <LinkIncremental>false</LinkIncremental>
 84 |   </PropertyGroup>
 85 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 86 |     <ClCompile>
 87 |       <WarningLevel>Level3</WarningLevel>
 88 |       <SDLCheck>false</SDLCheck>
 89 |       <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 90 |       <ConformanceMode>true</ConformanceMode>
 91 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
 92 |     </ClCompile>
 93 |     <Link>
 94 |       <SubSystem>Console</SubSystem>
 95 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 96 |     </Link>
 97 |   </ItemDefinitionGroup>
 98 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 99 |     <ClCompile>
100 |       <WarningLevel>Level3</WarningLevel>
101 |       <FunctionLevelLinking>true</FunctionLevelLinking>
102 |       <IntrinsicFunctions>true</IntrinsicFunctions>
103 |       <SDLCheck>true</SDLCheck>
104 |       <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
105 |       <ConformanceMode>true</ConformanceMode>
106 |     </ClCompile>
107 |     <Link>
108 |       <SubSystem>Console</SubSystem>
109 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
110 |       <OptimizeReferences>true</OptimizeReferences>
111 |       <GenerateDebugInformation>true</GenerateDebugInformation>
112 |     </Link>
113 |   </ItemDefinitionGroup>
114 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
115 |     <ClCompile>
116 |       <WarningLevel>Level3</WarningLevel>
117 |       <SDLCheck>false</SDLCheck>
118 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
119 |       <ConformanceMode>true</ConformanceMode>
120 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
121 |     </ClCompile>
122 |     <Link>
123 |       <SubSystem>Console</SubSystem>
124 |       <GenerateDebugInformation>true</GenerateDebugInformation>
125 |       <HeapReserveSize>10</HeapReserveSize>
126 |     </Link>
127 |   </ItemDefinitionGroup>
128 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
129 |     <ClCompile>
130 |       <WarningLevel>Level3</WarningLevel>
131 |       <FunctionLevelLinking>true</FunctionLevelLinking>
132 |       <IntrinsicFunctions>true</IntrinsicFunctions>
133 |       <SDLCheck>false</SDLCheck>
134 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
135 |       <ConformanceMode>true</ConformanceMode>
136 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
137 |     </ClCompile>
138 |     <Link>
139 |       <SubSystem>Console</SubSystem>
140 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
141 |       <OptimizeReferences>true</OptimizeReferences>
142 |       <GenerateDebugInformation>true</GenerateDebugInformation>
143 |     </Link>
144 |   </ItemDefinitionGroup>
145 |   <ItemGroup>
146 |     <ClCompile Include="Execute.cpp" />
147 |     <ClCompile Include="getopt.cpp" />
148 |     <ClCompile Include="Helper.cpp" />
149 |     <ClCompile Include="ListTokens.cpp" />
150 |     <ClCompile Include="ProcessInforUtil.cpp" />
151 |     <ClCompile Include="TokenInforUtil.cpp" />
152 |     <ClCompile Include="TokenUtil.cpp" />
153 |   </ItemGroup>
154 |   <ItemGroup>
155 |     <ClInclude Include="Execute.h" />
156 |     <ClInclude Include="getopt.h" />
157 |     <ClInclude Include="Helper.h" />
158 |     <ClInclude Include="ListTokens.h" />
159 |     <ClInclude Include="ProcessInforUtil.h" />
160 |     <ClInclude Include="settings.h" />
161 |     <ClInclude Include="StructureInfo.h" />
162 |     <ClInclude Include="TokenInforUtil.h" />
163 |     <ClInclude Include="TokenUtil.h" />
164 |   </ItemGroup>
165 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
166 |   <ImportGroup Label="ExtensionTargets">
167 |   </ImportGroup>
168 | </Project>


--------------------------------------------------------------------------------
/version3/TokenUtil.cpp:
--------------------------------------------------------------------------------
  1 | // TokenUtil.cpp : 此文件包含 "main" 函数。程序执行将在此处开始并结束。
  2 | //
  3 | 
  4 | #include <iostream>
  5 | #include <tchar.h>
  6 | #include "TokenUtil.h"
  7 | //#define TOKENLIST_NODE_COUNT 1000
  8 | 
  9 | /*ListTokens*/
 10 | BOOL ListTokens(_TCHAR* tUserName,BOOL bVerbose,DWORD dwPid,TCHAR* tProcName,BOOL bIsVerbose) {
 11 | 	// 声明并开辟空间
 12 | 	TokenList* pTokenList = (TokenList*)calloc(1,sizeof(TokenList));
 13 | 	pTokenList->pTokenListNode = (PTokenListNode)calloc(Token_List_Node_Count, sizeof(TokenListNode));
 14 | 	// token的数量初始为0
 15 | 	pTokenList->dwLength = 0;
 16 | 	TokenInforUtil::GetTokens(pTokenList);
 17 | 	TokenList tokenList = *pTokenList;
 18 | 	
 19 | 	TCHAR** userList = NULL;
 20 | 	userList = (TCHAR**)calloc(USER_LIST_COUNT, sizeof(TCHAR*));
 21 | 	DWORD userListCount = 0;
 22 | 	BOOL userIsInUserList = FALSE;
 23 | 	for (DWORD i = 0; i < tokenList.dwLength; i++) {
 24 | 		if (!bIsVerbose) { // 不详细输出
 25 | 			// 判断用户是否已经输出过一次，若输出过，则跳过进入下一次循环
 26 | 			for (DWORD idx = 0; idx < userListCount; idx++) {
 27 | 				if (_tcscmp(userList[idx], tokenList.pTokenListNode[i].tUserName) == 0) {
 28 | 					userIsInUserList = TRUE;
 29 | 					break;
 30 | 				}
 31 | 			}
 32 | 			if (userIsInUserList) {
 33 | 				userIsInUserList = FALSE;
 34 | 				continue;
 35 | 			}
 36 | 			// 记录已经输出过一次的用户
 37 | 			if (tokenList.pTokenListNode[i].tUserName != nullptr) {
 38 | 				userList[userListCount] = (TCHAR*)calloc(_tcslen(tokenList.pTokenListNode[i].tUserName) + 1, sizeof(TCHAR));
 39 | 				_tcscpy(userList[userListCount], tokenList.pTokenListNode[i].tUserName);
 40 | 				userListCount++;
 41 | 
 42 | 				if ((userListCount % USER_LIST_COUNT) == 0) {
 43 | 					userList = (TCHAR**)realloc(userList, (userListCount / USER_LIST_COUNT + 1) * USER_LIST_COUNT * sizeof(TCHAR*));
 44 | 					memset(userList + userListCount, 0, USER_LIST_COUNT * sizeof(TCHAR*));
 45 | 				}
 46 | 			}
 47 | 		}
 48 | 		
 49 | 		// 若传入了用户名，则判断是否为该令牌的用户名；若不是则跳过，继续循环
 50 | 		//if (tUserName != NULL && tokenList.pTokenListNode[i].tUserName != nullptr && _tcscmp(tokenList.pTokenListNode[i].tUserName, tUserName) != 0) {
 51 | 		if (tUserName != NULL && tokenList.pTokenListNode[i].tUserName != nullptr && _tcsstr(tokenList.pTokenListNode[i].tUserName, tUserName) == NULL) {
 52 | 			continue;
 53 | 		}
 54 | 		// 若传入了进程名字符串，则判断是该令牌的进程名是否包含该字符串；若不包含则跳过，继续循环
 55 | 		if (tProcName != NULL && tokenList.pTokenListNode[i].tProcName != nullptr && _tcsstr(tokenList.pTokenListNode[i].tProcName, tProcName) == NULL) {
 56 | 			continue;
 57 | 		}
 58 | 		// 若传入了进程ID，则判断是否为该令牌的进程ID；若不是则跳过，继续循环
 59 | 		if (dwPid != -1 && tokenList.pTokenListNode[i].dwPID != dwPid) {
 60 | 			continue;
 61 | 		}
 62 | 		printf("PID: %d\n", tokenList.pTokenListNode[i].dwPID);
 63 | 		printf("HandleOffset: 0x%x\n", tokenList.pTokenListNode[i].dwHandleOffset);
 64 | 		printf("LogonID: %08x-%08x\n", tokenList.pTokenListNode[i].luLogonID.HighPart, tokenList.pTokenListNode[i].luLogonID.LowPart);
 65 | 		printf("IL: %d\n", tokenList.pTokenListNode[i].dwIL);
 66 | 		//printf("TokenType: %d\n", tokenList.pTokenListNode[i].dwTokenType);
 67 | 		switch (tokenList.pTokenListNode[i].dwTokenType) {
 68 | 		case 1:
 69 | 			printf("TokenType\t: Primary Token\n");
 70 | 			break;
 71 | 		case 2:
 72 | 			printf("TokenType\t: Impersonation Token\n");
 73 | 			break;
 74 | 		default:
 75 | 			printf("TokenType\t: N/A\n");
 76 | 		}
 77 | 		printf("CanBeImpersonated: %d\n", tokenList.pTokenListNode[i].bCanBeImpersonate);
 78 | 		if (tokenList.pTokenListNode[i].tProcName != nullptr) {
 79 | 			printf("ProcessName: %S\n", tokenList.pTokenListNode[i].tProcName);
 80 | 		}
 81 | 		else {
 82 | 			printf("ProcessName: None\n");
 83 | 		}
 84 | 		if (tokenList.pTokenListNode[i].tUserName != nullptr) {
 85 | 			printf("TokenUser: %S\n", tokenList.pTokenListNode[i].tUserName);
 86 | 		}
 87 | 		else {
 88 | 			printf("TokenUser: None\n");
 89 | 		}
 90 | 		printf("\n");
 91 | 	}
 92 | 	// 释放令牌List
 93 | 	if (pTokenList) {
 94 | 		TokenInforUtil::ReleaseTokenList(pTokenList);
 95 | 		free(pTokenList);
 96 | 		pTokenList = NULL;
 97 | 	}
 98 | 	// 释放userList
 99 | 	if (userList) {
100 | 		for(DWORD idx = 0;idx<userListCount;idx++){
101 | 			free(userList[idx]);
102 | 			userList[idx] = NULL;
103 | 		}
104 | 		free(userList);
105 | 		userList = NULL;
106 | 	}
107 | 	return TRUE;
108 | }
109 | 
110 | 
111 | BOOL HandleArgument(_TCHAR* tModuleArg,DWORD argc,_TCHAR* argv[]) {
112 | 	//_TCHAR* tTmpChr = {};
113 | 	_TCHAR** tArgv;
114 | 	tArgv = (_TCHAR**)calloc(argc - 1,sizeof(_TCHAR*));
115 | 	if (!tArgv) {
116 | 		return FALSE;
117 | 	}
118 | 	for (DWORD i = 1; i < argc; i++) {
119 | 		tArgv[i - 1] = argv[i];
120 | 	}
121 | 	// OPTION
122 | 	char opt;
123 | 	DWORD dwPid = -1;  // -p 进程id
124 | 	TCHAR* tUserName = NULL; // -u 用户名
125 | 	TCHAR* tProcName = NULL; // -P 进程名
126 | 	TCHAR* tCommand = NULL; // -e 命令
127 | 	BOOL bIsVerbose = FALSE; // -v
128 | 	//TCHAR* optStr = NULL;
129 | 	// 判断传进来的是哪一个module
130 | 	if (!_tcscmp(tModuleArg, L"ListTokens")) {
131 | 		// 从命令行获取参数
132 | 		while ((opt = getopt(argc-1, tArgv, "p:P:cvu:")) != -1) {
133 | 			switch (opt) {
134 | 			case 'u':
135 | 				printf("\t%c -> %S\n", opt, optarg);
136 | 				tUserName = (TCHAR*)calloc(_tcslen(optarg)+1, sizeof(TCHAR));
137 | 				_tcscpy(tUserName, optarg);
138 | 				break;
139 | 			case 'p': //列出指定pid或所有进程中的令牌
140 | 				printf("\t%c -> %S\n", opt, optarg);
141 | 				dwPid = _ttoi(optarg);
142 | 				break;
143 | 			case 'P':
144 | 				printf("\t%c -> %S\n", opt, optarg);
145 | 				tProcName = (TCHAR*)calloc(_tcslen(optarg)+1, sizeof(TCHAR));
146 | 				_tcscpy(tProcName, optarg);
147 | 				break;
148 | 			case 'c': //列出当前进程的令牌信息
149 | 				printf("\t%c -> %S\n", opt, optarg);
150 | 				break;
151 | 			case 'v': // 详细输出
152 | 				printf("\t%c -> %S\n", opt, optarg);
153 | 				bIsVerbose = TRUE;
154 | 				break;
155 | 			default: //输出帮助文档
156 | 				Helper::print_usage();
157 | 				goto EXIT;
158 | 			}
159 | 		}
160 | 		// ListTokens
161 | 		ListTokens(tUserName, TRUE,dwPid,tProcName,bIsVerbose);
162 | 	}
163 | 	else if (!_tcscmp(tModuleArg, L"ListLogonSession")) {
164 | 
165 | 	}
166 | 	else if (!_tcscmp(tModuleArg, L"Execute")) {
167 | 		if (argc <= 2) {
168 | 			Helper::print_usage();
169 | 			goto EXIT;
170 | 		}
171 | 		bIsVerbose = FALSE;
172 | 		bConsoleMode = FALSE;
173 | 		// 从命令行获取参数
174 | 		while ((opt = getopt(argc - 1, tArgv, "u:p:e:c")) != -1) {
175 | 			switch (opt) {
176 | 			case 'u': //用户名
177 | 				printf("\t%c -> %S\n", opt, optarg);
178 | 				tUserName = (TCHAR*)calloc(_tcslen(optarg)+1,sizeof(TCHAR));
179 | 				_tcscpy(tUserName, optarg);
180 | 				break;
181 | 			case 'p':
182 | 				printf("\t%c -> %S\n", opt, optarg);
183 | 				dwPid = _ttoi(optarg);
184 | 				break;
185 | 			case 'e': //列出当前进程的令牌信息
186 | 				printf("\t%c -> %S\n", opt, optarg);
187 | 				tCommand = (TCHAR*)calloc(_tcslen(optarg)+1,sizeof(TCHAR));
188 | 				_tcscpy(tCommand, optarg);
189 | 				break;
190 | 			case 'c':
191 | 				printf("\t%c -> 1\n", opt);
192 | 				bConsoleMode = TRUE;
193 | 				break;
194 | 			default: //输出帮助文档
195 | 				Helper::print_usage();
196 | 				goto EXIT;
197 | 			}
198 | 		}
199 | 		// 执行命令
200 | 		Execute::ExecuteMain(tUserName,dwPid,tCommand, bConsoleMode);
201 | 	}
202 | 	else {
203 | 		Helper::print_usage();
204 | 	}
205 | EXIT:
206 | 	//释放创建的TCHAR指针
207 | 	if (tUserName != NULL)
208 | 	{
209 | 		free(tUserName);
210 | 		tUserName = NULL;
211 | 	}
212 | 	if (tProcName != NULL) {
213 | 		free(tProcName);
214 | 		tProcName = NULL;
215 | 	}
216 | 	if (tCommand != NULL) {
217 | 		free(tCommand);
218 | 		tCommand = NULL;
219 | 	}
220 | 	if (tArgv != NULL) {
221 | 		free(tArgv);
222 | 		tArgv = NULL;
223 | 	}
224 | 
225 | }
226 | int _tmain(DWORD argc, _TCHAR* argv[])
227 | {
228 | 	DWORD dwError = 0;
229 | 	if (!TokenInforUtil::TrySwitchTokenPriv(NULL,SE_DEBUG_NAME, TRUE,&dwError)) {
230 | 		printf("TryEnableDebugPriv,Error: %d\n", dwError);
231 | 	}
232 | 	if (!TokenInforUtil::TrySwitchTokenPriv(NULL, SE_ASSIGNPRIMARYTOKEN_NAME, TRUE, &dwError)) {
233 | 		printf("TryEnableAssignPrimaryPriv,Error: %d\n", dwError);
234 | 	}
235 | 	if (!TokenInforUtil::TrySwitchTokenPriv(NULL, SE_INCREASE_QUOTA_NAME, TRUE, &dwError)) {
236 | 		printf("TryEnableIncreaseQuotaPriv,Error: %d\n", dwError);
237 | 	}
238 | 	if (argc < 2) {
239 | 		Helper::print_usage();
240 | 		return FALSE;
241 | 	}
242 | 	TCHAR* tModule = NULL; // 模块
243 | 	for (DWORD i = 0; i < sizeof(ModuleList) / sizeof(TCHAR*); i++) {
244 | 		if (!_tcscmp(argv[1], ModuleList[i])) {
245 | 			printf("ChooseModule:%ws\n", argv[1]);
246 | 			tModule = (TCHAR*)calloc(_tcslen(ModuleList[i])+1,sizeof(TCHAR));
247 | 			_tcscpy(tModule, ModuleList[i]);
248 | 			break;
249 | 		}
250 | 	}
251 | 	if (tModule != NULL) {
252 | 		HandleArgument(tModule, argc, argv);
253 | 	}
254 | 	else {
255 | 		Helper::print_usage();
256 | 	}
257 | 	// 释放TCHAR指针
258 | 	if (tModule != NULL) {
259 | 		free(tModule);
260 | 		tModule = NULL;
261 | 	}
262 | 	return FALSE;
263 | 	
264 | 
265 | }


--------------------------------------------------------------------------------