void NtImprove(HANDLE ProcessHandle) { HANDLE Token; UseData.Status = ZwOpenProcessTokenEx(ProcessHandle, TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY, OBJ_KERNEL_HANDLE, &Token); //Open the access token associated with a process CheckRet; ZwDebugF("ZwOpenProcessTokenEx Succeed!"); _TOKEN_PRIVILEGES _TP; _TP.PrivilegeCount = 1; _TP.Privileges[0].Luid.HighPart = 0; _TP.Privileges[0].Luid.LowPart = SE_DEBUG_PRIVILEGE; _TP.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; UseData.Status = NtAdjustPrivilegesToken(Token, FALSE, &_TP, sizeof(_TP), NULL, &UseData.LargeInt.LowPart/*临时使用*/); CheckRet_Out; ZwDebugF("NtAdjustPrivilegesToken Succeed!"); ZwClose(Token); UseData.Status = STATUS_SUCCESS; EXIT: return; }