Skip to content

Commit 291e55b

Browse files
DavidXanatosDavidXanatos
authored
Update secure.c
1 parent 247b9b7 commit 291e55b

File tree

1 file changed

+0
-62
lines changed

1 file changed

+0
-62
lines changed

Sandboxie/core/dll/secure.c

Lines changed: 0 additions & 62 deletions
Original file line numberDiff line numberDiff line change
@@ -102,21 +102,6 @@ static NTSTATUS Secure_NtFilterToken(
102102
_In_opt_ PTOKEN_GROUPS RestrictedSids,
103103
_Out_ PHANDLE NewTokenHandle);
104104

105-
static NTSTATUS Secure_NtFilterTokenEx(
106-
_In_ HANDLE ExistingTokenHandle,
107-
_In_ ULONG Flags,
108-
_In_opt_ PTOKEN_GROUPS SidsToDisable,
109-
_In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
110-
_In_opt_ PTOKEN_GROUPS RestrictedSids,
111-
_In_ ULONG DisableUserClaimsCount,
112-
_In_opt_ PUNICODE_STRING UserClaimsToDisable,
113-
_In_ ULONG DisableDeviceClaimsCount,
114-
_In_opt_ PUNICODE_STRING DeviceClaimsToDisable,
115-
_In_opt_ PTOKEN_GROUPS DeviceGroupsToDisable,
116-
_In_opt_ PVOID RestrictedUserAttributes,
117-
_In_opt_ PVOID RestrictedDeviceAttributes,
118-
_In_opt_ PTOKEN_GROUPS RestrictedDeviceGroups,
119-
_Out_ PHANDLE NewTokenHandle);
120105

121106
static NTSTATUS Secure_RtlQueryElevationFlags(ULONG *Flags);
122107

@@ -143,7 +128,6 @@ static P_NtSetInformationToken __sys_NtSetInformationToken = NULL;
143128
static P_NtAdjustPrivilegesToken __sys_NtAdjustPrivilegesToken = NULL;
144129
static P_NtDuplicateToken __sys_NtDuplicateToken = NULL;
145130
static P_NtFilterToken __sys_NtFilterToken = NULL;
146-
static P_NtFilterTokenEx __sys_NtFilterTokenEx = NULL;
147131
static P_RtlQueryElevationFlags __sys_RtlQueryElevationFlags = NULL;
148132
static P_RtlCheckTokenMembershipEx __sys_RtlCheckTokenMembershipEx = NULL;
149133
static P_NtQuerySecurityAttributesToken __sys_NtQuerySecurityAttributesToken = NULL;
@@ -285,7 +269,6 @@ void Secure_InitSecurityDescriptors(void)
285269

286270
_FX BOOLEAN Secure_Init(void)
287271
{
288-
void *NtFilterTokenEx;
289272
void *RtlQueryElevationFlags;
290273
void *RtlCheckTokenMembershipEx;
291274

@@ -303,10 +286,6 @@ _FX BOOLEAN Secure_Init(void)
303286
if (Dll_OsBuild >= 21286) { // Windows 11
304287
SBIEDLL_HOOK(Secure_, NtDuplicateToken);
305288
SBIEDLL_HOOK(Secure_, NtFilterToken);
306-
NtFilterTokenEx = GetProcAddress(Dll_Ntdll, "NtFilterTokenEx");
307-
if (NtFilterTokenEx) {
308-
SBIEDLL_HOOK(Secure_, NtFilterTokenEx);
309-
}
310289
}
311290
if (Dll_Windows < 10) {
312291
SBIEDLL_HOOK(Secure_, NtQueryInformationToken);
@@ -990,47 +969,6 @@ _FX NTSTATUS Secure_NtFilterToken(
990969
}
991970

992971

993-
//---------------------------------------------------------------------------
994-
// Secure_NtFilterTokenEx
995-
//---------------------------------------------------------------------------
996-
997-
998-
_FX NTSTATUS Secure_NtFilterTokenEx(
999-
_In_ HANDLE ExistingTokenHandle,
1000-
_In_ ULONG Flags,
1001-
_In_opt_ PTOKEN_GROUPS SidsToDisable,
1002-
_In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
1003-
_In_opt_ PTOKEN_GROUPS RestrictedSids,
1004-
_In_ ULONG DisableUserClaimsCount,
1005-
_In_opt_ PUNICODE_STRING UserClaimsToDisable,
1006-
_In_ ULONG DisableDeviceClaimsCount,
1007-
_In_opt_ PUNICODE_STRING DeviceClaimsToDisable,
1008-
_In_opt_ PTOKEN_GROUPS DeviceGroupsToDisable,
1009-
_In_opt_ PVOID RestrictedUserAttributes,
1010-
_In_opt_ PVOID RestrictedDeviceAttributes,
1011-
_In_opt_ PTOKEN_GROUPS RestrictedDeviceGroups,
1012-
_Out_ PHANDLE NewTokenHandle)
1013-
{
1014-
HANDLE hToken = NULL;
1015-
NtOpenThreadToken(NtCurrentThread(), MAXIMUM_ALLOWED, TRUE, &hToken);
1016-
HANDLE hNull = NULL;
1017-
NtSetInformationThread(NtCurrentThread(), ThreadImpersonationToken, &hNull, sizeof(HANDLE));
1018-
1019-
ULONG status = __sys_NtFilterTokenEx(
1020-
ExistingTokenHandle, Flags, SidsToDisable, PrivilegesToDelete, RestrictedSids,
1021-
DisableUserClaimsCount, UserClaimsToDisable, DisableDeviceClaimsCount, DeviceClaimsToDisable,
1022-
DeviceGroupsToDisable, RestrictedUserAttributes, RestrictedDeviceAttributes, RestrictedDeviceGroups,
1023-
NewTokenHandle);
1024-
1025-
if (hToken) {
1026-
NtSetInformationThread(NtCurrentThread(), ThreadImpersonationToken, &hToken, sizeof(HANDLE));
1027-
NtClose(hToken);
1028-
}
1029-
1030-
return status;
1031-
}
1032-
1033-
1034972
//---------------------------------------------------------------------------
1035973
// Secure_RtlQueryElevationFlags
1036974
//---------------------------------------------------------------------------

0 commit comments

Comments
 (0)