Mirrors/netero1010-edrsilencer
1
0
Fork 0
mirror of https://github.com/netero1010/EDRSilencer.git synced 2026-06-08 09:05:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #23 from danikdanik/patch-2

Browse Source 
checking the SID structure for TokenIntegrityLevel
This commit is contained in:
Chris Au
2024-11-03 23:43:54 +08:00
committed by GitHub
parent 9863ce4193 5cb185b22f
commit dde9400fa9
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
utils.c
+7
View File
@@ -41,6 +41,13 @@ BOOL CheckProcessIntegrityLevel() {
return FALSE;
}
if (pTIL->Label.Sid == NULL || *GetSidSubAuthorityCount(pTIL->Label.Sid) < 1) {
printf("[-] SID structure is invalid.\n");
LocalFree(pTIL);
CloseHandle(hToken);
return FALSE;
}
dwIntegrityLevel = *GetSidSubAuthority(pTIL->Label.Sid, (DWORD)(UCHAR)(*GetSidSubAuthorityCount(pTIL->Label.Sid) - 1));
if (dwIntegrityLevel >= SECURITY_MANDATORY_HIGH_RID) {