I found this code to get windows write privileges but it does not working

问题

Im trying to create new file on D: drive with c/c++

I found this code to get windows write privileges but it does not working

Can anybody help me i am new in c++?

BOOL SetPrivilege(
    HANDLE hToken,               // access token handle
    LPCTSTR lpszPrivilege,    // name of privilege to enable/disable
    BOOL bEnablePrivilege    // to enable (or disable privilege)
    )

{
    // Token privilege structure
    TOKEN_PRIVILEGES tp;
    // Used by local system to identify the privilege
    LUID luid;

    if(!LookupPrivilegeValue(
        NULL,                // lookup privilege on local system
        lpszPrivilege,    // privilege to lookup
        &luid))               // receives LUID of privilege
    {
        printf("LookupPrivilegeValue() error: %u\n", GetLastError());
        return FALSE;
    }
    else
        printf("LookupPrivilegeValue() is OK\n");

    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;

    // Don't forget to disable the privileges after you enabled them,
    // or have already completed your task. Don't mess up your system :o)
    if(bEnablePrivilege)
    {
        tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
        printf("tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED\n");
    }
    else
    {
        tp.Privileges[0].Attributes = 0;
        printf("tp.Privileges[0].Attributes = 0\n");
    }
    // Enable the privilege (or disable all privileges).
    if(!AdjustTokenPrivileges(
        hToken,
        FALSE, // If TRUE, function disables all privileges, if FALSE the function modifies privilege based on the tp
        &tp,
        sizeof(TOKEN_PRIVILEGES),
        (PTOKEN_PRIVILEGES) NULL,
        (PDWORD) NULL))
    {
        printf("AdjustTokenPrivileges() error: %u\n", GetLastError());
        return FALSE;
    }
    else
    {
        printf("AdjustTokenPrivileges() is OK, last error if any: %u\n", GetLastError());
        printf("Should be 0, means the operation completed successfully = ERROR_SUCCESS\n");
    }
    return TRUE;
}

my Main Function

int main()
    {
    LPCTSTR lpszPrivilege = L"SeSecurityPrivilege";
    // Change this BOOL value to set/unset the SE_PRIVILEGE_ENABLED attribute
    BOOL bEnablePrivilege = TRUE;
    HANDLE hToken;
    // Open a handle to the access token for the calling process. That is this running program
    if(!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
    {
        printf("OpenProcessToken() error %u\n", GetLastError());
        return FALSE;
    }
    else
        printf("OpenProcessToken() is OK\n");

    // Call the user defined SetPrivilege() function to enable and set the needed privilege
    BOOL test = SetPrivilege(hToken, lpszPrivilege, bEnablePrivilege);
    printf("The SetPrivilege() return value: %d\n\n", test);

        ofstream myFile;
        myFile.open("C:\\test.txt");
        myFile << "I am C";
        myFile.close();


        bEnablePrivilege = FALSE;
        BOOL test1 = SetPrivilege(hToken, lpszPrivilege, bEnablePrivilege);
        printf("The SetPrivilage() return value: %d\n", test1);
        system("PAUSE");

        return 0;
    }

the output in console looks like this:

OpenProcessToken() is OK
LookupPrivilegeValue() is OK
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED
AdjustTokenPrivileges() is OK, last error if any: 1300
Should be 0, means the operation completed successfully = ERROR_SUCCESS
The SetPrivilege() return value: 1

LookupPrivilegeValue() is OK
tp.Privileges[0].Attributes = 0
AdjustTokenPrivileges() is OK, last error if any: 1300
Should be 0, means the operation completed successfully = ERROR_SUCCESS
The SetPrivilage() return value: 1
Press any key to continue . . .

回答1:

1. SeSecurityPrivilege is the "Manage auditing and security log" user right (see the list of privilege constants). It has absolutely nothing to do with writing files. In fact, under normal circumstances, you don't need to enable any privilege to write a file to the root of a drive, although the process does need to be running as an administrator.

2. Error 1300 means "Not all privileges or groups referenced are assigned to the caller." That is, the privilege was not successfully enabled, because the process isn't entitled to it. This will be because the process isn't being run as an administrator.

So, first, you can remove almost all the code in your example, everything but the four lines that actually write the file. Then you just need to run the application as an administrator.

To do this, right-click on the executable file and select "Run as administrator". If you run the application in this way it will be able to write the file. (Note: in Windows XP, you don't need to do this, but you do need to be logged in as a user with administrative rights.)

回答2:

AdjustTokenPrivileges cannot add or remove privileges from the token. It can only enable existing privileges that are currently disabled or disable existing privileges that are currently enabled.

ERROR 1300 means that you are not already have "SeSecurityPrivilege".So you can't enable or disable it.

For more information check: Changing Privileges in a Token

来源：https://stackoverflow.com/questions/11283919/i-found-this-code-to-get-windows-write-privileges-but-it-does-not-working