开发者

How to call OpenTokenByLogonId function?

开发者 https://www.devze.com 2023-02-18 12:17 出处:网络
I am REALLY trying to find a way to call OpenTokenByLogonId() function, and I am pretty stuck. Moreover I can\'t find any examples of it anywhere!

I am REALLY trying to find a way to call OpenTokenByLogonId() function, and I am pretty stuck. Moreover I can't find any examples of it anywhere!

From MSDN a pointer to OpenTokenByLoginID() can be found in LSA_SECPKG_FUNCTIO开发者_运维技巧N_TABLE function table received from the SpInitialize() function.

a pointer to SpInitialize() function received from the SpLsaModeInitialize() function implemented in several DLLs according to what I want to do.

So, I looked for SpLsaModeInitialize() export in windows\system32\ and I found a few DLLs. Out of them I chose to use Kerberos.dll. I must say that I chose this DLL over others simply because of its name - I Don't really understand what are the differences (I believe these I different methods of authentication, but I don't really know).

So, I got a pointer to SpLsaModeInitialize():

#include <Windows.h>
#include <Sspi.h>
#include <Ntsecapi.h>
#include <Ntsecpkg.h>

HMODULE hdll_kerberos = ::LoadLibrary(L"kerberos.dll");

SpLsaModeInitializeFn SpLsaModeInitialize = (SpLsaModeInitializeFn)::GetProcAddress(hdll_kerberos, "SpLsaModeInitialize");

Called the function:

ULONG pckver = 0;
PSECPKG_FUNCTION_TABLE pck_tbl = 0;
ULONG pcTables = 0;

NTSTATUS res=0;
if(SpLsaModeInitialize(SECPKG_INTERFACE_VERSION, &pckver, &pck_tbl, &pcTables) != 0){ // error }

Now I can call SpInitialize using pck_tbl->Initialize.

BUT (and here's the problem) I can't find a way to the parameters for the function!

NTSTATUS SpInitialize(__in  ULONG_PTR PackageId, __in  PSECPKG_PARAMETERS Parameters, __in  PLSA_SECPKG_FUNCTION_TABLE FunctionTable);

How do I find a packageID let alone its SECPKG_PARAMETERS ? I've looked everywhere, but I guess I'm missing or overlooking something...

Thanks For Your Help!!!


As Luke said, this function is not being called, but when one implements SSP/AP for the LSA, one can implement this function.

0

精彩评论

暂无评论...
验证码 换一张
取 消