NtImpersonateAnonymousToken - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTSEAPI_H

/**
 * The NtImpersonateAnonymousToken routine causes a thread to impersonate the anonymous token.
 *
 * @param ThreadHandle Handle to the thread that will impersonate the anonymous token. The handle must have THREAD_DIRECT_IMPERSONATION access.
 * @return NTSTATUS Successful or errant status.
 */
NTSYSCALLAPI
NTSTATUS
NTAPI
NtImpersonateAnonymousToken(
    _In_ HANDLE ThreadHandle
    );

#endif

View code on GitHub
#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwImpersonateAnonymousToken(
    _In_ HANDLE ThreadHandle
    );

#endif

View code on GitHub

NtDoc

Impersonates the anonymous logon token on the specified thread.

Parameters

Remarks

Depending on the EveryoneIncludesAnonymous LSA setting, the anonymous logon token either has untrusted integrity with no group membership or low integrity with Everyone membership.

To reset impersonation, use NtSetInformationThread with ThreadImpersonationToken info class and a NULL token handle.

Related Win32 API

See also

Edit description on GitHub