LinkedInTwitterFacebook

Enables or disables privileges with fasm.

Today I will show you how to enables or disables privileges with fasm.
The Windows 10 come with Authorization and this is the right granted an individual to use the system and the data stored on it.
This is based on the Windows Server and Windows operating systems that control access to resources.
The example is a shutdown application tool make with FASM version 1.71.61.
I used functions from MSDN like: GetCurrentProcess, OpenProcessToken, LookupPrivilegeValue, AdjustTokenPrivileges and CloseHandle.
This functions need to be fill with parameters.
For example the OpenProcessToken function need this parameters:

You can take a look at this function at MSDN website.
The base of assembly file come with include win32ax.inc file.
The ..\include\ let the fasm to get this file and use this functions.
The SE_PRIVILEGE_ENABLED set with 2 make the privilege enabled.
Also the TOKEN_ADJUST_PRIVILEGES is required to enable or disable the privileges in an access token.
This two is used to make the executable application.
Into .data area I put the data need by application – messages to show.
For example if I want to put a string into my application then I will use this:

The title_msg is used by application to take the string tool_shutdown_cmd and 0 is used to end the string into the application.
Also I need the SeShutdownPrivilege parameter required to shut down a local system..
The application will run into loop from .code to enable_privilege.
It start with .code start: show the window with message box make by MessageBox and ask us the option to shutdown or not.
IN this area will run some MSDN functions like: MessageBox, InitiateSystemShutdown and ExitProcess.
When the user will press the Yes button then the application will run the enable_privilege area.
The cmp, jne, jc and jmp is used to take decisions into application.
The invoke is used to invoke can be used to call the procedures through pointers defined in the import tables.
Example of this line:

is equivalent to:

The start: , exit: , fail: , enable_privilege: is used by fasm to know points of application.
The .end start is put to end the program of fasm language.
You have question about the fasm the take a look at fasm manual.