From b068bfc300b90be4833d9e1a938d9e46ac358e84 Mon Sep 17 00:00:00 2001
From: nezu <29180158+dumbasPL@users.noreply.github.com>
Date: Sat, 30 Sep 2023 01:13:56 +0200
Subject: [PATCH] add debug privileges

---
 src/stage1/fumo_preloader.h | 1 +
 src/stage1/stage1.cpp | 28 ++++++++++++++++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/src/stage1/fumo_preloader.h b/src/stage1/fumo_preloader.h
index 8b4dbeb..1afef31 100644
--- a/src/stage1/fumo_preloader.h
+++ b/src/stage1/fumo_preloader.h
@@ -6,6 +6,7 @@
 #define ERR_STAGE1_SUCCESS 0
 #define ERR_STAGE1_INVALID_ARGS 1
 #define ERR_STAGE1_FAILED_TO_OPEN_FILE 2
+#define ERR_STAGE1_FAILED_TO_GET_DEBUG_PRIVILEGES 3
 #define ERR_STAGE1_UNSUPPORTED_OS 50
 #define ERR_STAGE1_HVCI_ENABLED 51
 #define ERR_STAGE1_FAILED_TO_MAP_DRIVER 100
diff --git a/src/stage1/stage1.cpp b/src/stage1/stage1.cpp
index 21b45dd..782d9dd 100644
--- a/src/stage1/stage1.cpp
+++ b/src/stage1/stage1.cpp
@@ -2,6 +2,31 @@
 #include
 #include

+bool get_debug_privileges() {
+ HANDLE token;
+ if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &token))
+ return false;
+
+ LUID luid;
+ if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)) {
+ CloseHandle(token);
+ return false;
+ }
+
+ TOKEN_PRIVILEGES privileges;
+ privileges.PrivilegeCount = 1;
+ privileges.Privileges[0].Luid = luid;
+ privileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
+
+ if (!AdjustTokenPrivileges(token, FALSE, &privileges, sizeof(privileges), NULL, NULL)) {
+ CloseHandle(token);
+ return false;
+ }
+
+ CloseHandle(token);
+ return true;
+}
+
 int main(PFUMO_EMBEDDED_DATA embedded_data) {
 std::vector fumo_data;
 std::wstring fumo_file_path;
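Review bot: AdjustTokenPrivileges in the new get_debug_privileges returns TRUE even when SeDebugPrivilege is not present in the token, reporting that case only through `GetLastError() == ERROR_NOT_ALL_ASSIGNED`, so the function currently claims success and main goes on to init_driver without the privilege it just "acquired". Widen the existing close-and-fail branch to cover it: `if (!AdjustTokenPrivileges(token, FALSE, &privileges, sizeof(privileges), NULL, NULL) || GetLastError() == ERROR_NOT_ALL_ASSIGNED) {` (the short-circuit keeps GetLastError paired with the call that set it). A comment above that call such as `// The privilege can only be enabled if the token already holds it, which normally means an elevated administrator token; AdjustTokenPrivileges still returns TRUE otherwise` would document the precondition for the next reader. As a matter of style, the three CloseHandle calls on the error paths are the kind of cleanup a scope guard or `std::unique_ptr<void, decltype(&CloseHandle)>` makes automatic, and `NULL` could be `nullptr` in new C++ code.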
@@ -56,6 +81,9 @@ int main(PFUMO_EMBEDDED_DATA embedded_data) {
 if (isHvciEnabled())
 return fumo::error(ERR_STAGE1_HVCI_ENABLED, L"HyperVisor Code Integrity (HVCI) is enabled, please disable it and try again");

+ if(!get_debug_privileges())
+ return fumo::error(ERR_STAGE1_FAILED_TO_GET_DEBUG_PRIVILEGES, L"Failed to get debug privileges");
+
 auto error = init_driver(osv.dwBuildNumber);
 if (error != ERR_STAGE1_SUCCESS)
 return error;
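Review bot: `if(!get_debug_privileges())` drops the space after `if` that every other condition visible in main uses (`if (isHvciEnabled())`, `if (error != ERR_STAGE1_SUCCESS)`); write `if (!get_debug_privileges())`. The error text could also name the usual cause so the user can act on it, since SeDebugPrivilege is normally only available to an elevated administrator token — for example `L"Failed to get debug privileges (run as administrator)"` — although that hint is only accurate once get_debug_privileges actually reports the not-assigned case as a failure. main's body starts and ends outside this hunk.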