Enables or disables privileges with fasm.

Today I will show you how to enables or disables privileges with FASM.
The Windows 10 come with Authorization and this is the right granted an individual to use the system and the data stored on it.
This is based on the Windows Server and Windows operating systems that control access to resources.
The example is a shutdown application tool make with FASM version 1.71.61.
I used functions from MSDN like: GetCurrentProcess, OpenProcessToken, LookupPrivilegeValue, AdjustTokenPrivileges and CloseHandle.
These functions need to be filled with parameters.
For example, the OpenProcessToken function needs these parameters:

You can take a look at this function at the MSDN website.
The base of assembly file comes with include win32ax.inc file.
The ..\include\ let the FASM get this file and use these functions.
The SE_PRIVILEGE_ENABLED set with 2 makes the privilege enabled.
The TOKEN_ADJUST_PRIVILEGES is required to enable or disable the privileges in an access token.
This two is used to make the executable application.
Into .data area I put the data need by application – messages to show.
For example if I want to put a string into my application then I will use this:

The title_msg is used by the application to take the string tool_shutdown_cmd and 0 is used to end the string into the application.
I need the SeShutdownPrivilege parameter required to shut down a local system..
The application will run into the loop from .code to enable_privilege.
It starts with a .code start: show the window with message box make by MessageBox and ask us the option to shutdown or not.
IN this area will run some MSDN functions like MessageBox, InitiateSystemShutdown and ExitProcess.
When the user will press the Yes button then the application will run the enable_privilege area.
The cmp, jne, jc and jmp is used to take decisions into the application.
The invoke is used to invoke can be used to call the procedures through pointers defined in the import tables.
Example of this line:

is equivalent to:

The start: , exit: , fail: , enable_privilege: is used by FASM to know points of application.
The .end start is put to end the program of FASM language.
You have a question about the FASM the take a look at fasm manual.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.