Set-Privilege.ps1
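<#PSScriptInfo

.VERSION 1.0.1

.GUID 84990677-60ab-4984-9de1-fcfc19f5209d

.AUTHOR Pyprohly

.COPYRIGHT 2017

.TAGS Security, Privilege

.RELEASENOTES

#>

<#
.DESCRIPTION
Toggle privileges for the current PowerShell session.
#>

function Set-Privilege {
    <#
    .SYNOPSIS
    Enables or disables named privileges on the token of the current PowerShell process.

    .DESCRIPTION
    Each name is resolved to its numeric value with LookupPrivilegeValue and then passed
    to ntdll!RtlAdjustPrivilege with IsThreadPrivilege = $false, so the change applies to
    the process token and stays in effect for the rest of the session until it is reversed
    with -Disable.

    Operational notes:
      * Adjusting a privilege does not grant a right. The call is expected to fail (and
        $false is returned) when the privilege is not already assigned to the token.
      * Least privilege: enable only what a task needs and call again with -Disable
        as soon as the task is finished.
      * RtlAdjustPrivilege is an undocumented ntdll export; AdjustTokenPrivileges is the
        documented API and the safer long-term choice.
      * Windows can record token privilege adjustments as Security event 4703 when the
        relevant audit policy is enabled, which gives defenders a trail for use of
        sensitive privileges such as SeDebugPrivilege or SeTcbPrivilege.

    .PARAMETER Privilege
    One or more privilege constant names (restricted by ValidateSet to the list below).

    .PARAMETER Disable
    Disable the named privileges instead of enabling them.

    .OUTPUTS
    System.Boolean. One value per name, in order: $true when the adjust call reported
    status 0, $false when the name could not be resolved or the adjustment failed.
    #>
    [OutputType('System.Boolean')]
    param(
        [Parameter(Mandatory=$true)]
        [ValidateSet(
            'SeAssignPrimaryTokenPrivilege',
            'SeAuditPrivilege',
            'SeBackupPrivilege',
            'SeChangeNotifyPrivilege',
            'SeCreateGlobalPrivilege',
            'SeCreatePagefilePrivilege',
            'SeCreatePermanentPrivilege',
            'SeCreateSymbolicLinkPrivilege',
            'SeCreateTokenPrivilege',
            'SeDebugPrivilege',
            'SeEnableDelegationPrivilege',
            'SeImpersonatePrivilege',
            'SeIncreaseBasePriorityPrivilege',
            'SeIncreaseQuotaPrivilege',
            'SeIncreaseWorkingSetPrivilege',
            'SeLoadDriverPrivilege',
            'SeLockMemoryPrivilege',
            'SeMachineAccountPrivilege',
            'SeManageVolumePrivilege',
            'SeProfileSingleProcessPrivilege',
            'SeRelabelPrivilege',
            'SeRemoteShutdownPrivilege',
            'SeRestorePrivilege',
            'SeSecurityPrivilege',
            'SeShutdownPrivilege',
            'SeSyncAgentPrivilege',
            'SeSystemEnvironmentPrivilege',
            'SeSystemProfilePrivilege',
            'SeSystemtimePrivilege',
            'SeTakeOwnershipPrivilege',
            'SeTcbPrivilege',
            'SeTimeZonePrivilege',
            'SeTrustedCredManAccessPrivilege',
            'SeUndockPrivilege',
            'SeUnsolicitedInputPrivilege'
        )]
        [string[]] $Privilege,

        [switch] $Disable
    )

    begin {
        # Compile the P/Invoke wrapper once per session. Re-running Add-Type for a type
        # name that is already loaded is at best redundant and at worst an error.
        if (-not ('AdjPriv.Privilege' -as [type])) {
            $signature = @(
                '[DllImport("ntdll.dll", EntryPoint = "RtlAdjustPrivilege")] public static extern IntPtr SetPrivilege(int Privilege, bool bEnablePrivilege, bool IsThreadPrivilege, out bool PreviousValue);'
                '[DllImport("advapi32.dll")] public static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);'
            ) -join ' '
            Add-Type -MemberDefinition $signature -Namespace AdjPriv -Name Privilege
        }
    }

    process {
        foreach ($priv in $Privilege) {
            [long]$privId = 0

            # Do not ignore the lookup result: on failure $privId is still 0 and must
            # never be handed to the adjust call as if it were a real privilege value.
            $resolved = [AdjPriv.Privilege]::LookupPrivilegeValue($null, $priv, [ref]$privId)
            if (-not $resolved) {
                Write-Warning "Set-Privilege: could not resolve privilege name '$priv'; no change was made."
                $false
                continue
            }

            # $false for IsThreadPrivilege targets the process token, not a thread token.
            $status = [AdjPriv.Privilege]::SetPrivilege($privId, !$Disable, $false, [ref]$null)

            # Status 0 means success; any other value is reported as $false.
            [long]$status -eq 0
        }
    }
}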