#ifndef _NTPSAPI_H
//
// Threads
//
#if (PHNT_MODE != PHNT_MODE_KERNEL)
/**
* Impersonates a client thread.
*
* @param ServerThreadHandle A handle to the server thread.
* @param ClientThreadHandle A handle to the client thread.
* @param SecurityQos A pointer to a SECURITY_QUALITY_OF_SERVICE structure that specifies the impersonation level and context tracking mode.
* @return NTSTATUS Successful or errant status.
*/
NTSYSCALLAPI
NTSTATUS
NTAPI
NtImpersonateThread(
_In_ HANDLE ServerThreadHandle,
_In_ HANDLE ClientThreadHandle,
_In_ PSECURITY_QUALITY_OF_SERVICE SecurityQos
);
View code on GitHub
#ifndef _NTZWAPI_H
NTSYSCALLAPI
NTSTATUS
NTAPI
ZwImpersonateThread(
_In_ HANDLE ServerThreadHandle,
_In_ HANDLE ClientThreadHandle,
_In_ PSECURITY_QUALITY_OF_SERVICE SecurityQos
);
View code on GitHub
Copies an effective token of one thread onto another.
ServerThreadHandle
- a handle to the server thread on which the system will impersonate a copy of the effective token of the client thread. The handle must grant THREAD_IMPERSONATE
access. It can also be the NtCurrentThread
pseudo-handle.ClientThreadHandle
- a handle to the client thread that provides the token. If this thread doesn't have a token, the system uses the primary token of the process containing this thread. The handle must grant THREAD_DIRECT_IMPERSONATION
access. It can also be the NtCurrentThread
pseudo-handle.SecurityQos
- a pointer to a structure that specifies the impersonation level to use.STATUS_BAD_IMPERSONATION_LEVEL
- the requested impersonation level is higher than the impersonation level of the client thread's token.Note that if the server process does not have SeImpersonatePrivilege
enabled, the system might silently downgrade the token to the identification level of impersonation.
To reset impersonation, use NtSetInformationThread
with ThreadImpersonationToken
info class and a NULL
token handle.