Boot Win2K code

[skywalker]

This is some code that boots a WinXP system. I've modified it to work on a Win 2K system.

This is what I have so far. Got 2 compiler errors.

I need to define szShut.

Is that a variable that I was told I needed ?

Not sure how or where.

Thanks.

  .386
    .model  flat,stdcall
    option  casemap:none

;Here's mine.  You will need to add variables.

    include \masm32\include\windows.inc
    include \masm32\include\user32.inc
    include \masm32\include\kernel32.inc
    include \masm32\include\advapi32.inc

    include \masm32\macros\macros.asm

    includelib  \masm32\lib\kernel32.lib
    includelib  \masm32\lib\user32.lib
    includelib  \masm32\lib\advapi32.lib

; Local Prototypes
;-------------------
    IsWinNT         PROTO
    ReqNTPrivilege  PROTO :DWORD

.const
;-------------------
    dwMaskNT        DWORD   2

.data
;-------------------
    msg_NotNT   BYTE    "This is NOT an NT system.",0
    msg_NotPL   BYTE    "Privilege requested NOT granted.",13,"Unable to reboot.",0
    AppName     BYTE    "ASM Win NT Shutdown",0

.code
;-------------------
start:
    invoke  IsWinNT
    ;----------------------------------------------------------------
    ; If this isn't an NT system we don't need other stuff and we can
    ; directly call ExitWindowsEx(), so this demo will exit.
    ;----------------------------------------------------------------
    .if eax == FALSE       
      invoke  MessageBox,NULL,addr msg_NotNT,addr AppName,MB_OK
      invoke  ExitProcess,NULL
    .endif
    ;----------------------------------------------------------------
    ; with ReqNTPrivilege call, we ask for the 'SeShutdownPrivilege'
    ; note string names of possible privilege are in windows.inc
    ;----------------------------------------------------------------
    invoke  ReqNTPrivilege, SADD("SeShutdownPrivilege")
    .if eax == FALSE
      invoke  MessageBox,NULL,addr msg_NotPL,addr AppName,MB_OK
      invoke  ExitProcess,NULL
    .endif
    invoke  ExitWindowsEx, EWX_SHUTDOWN   , 0 ; For Reboot, use EWX_REBOOT
    invoke  ExitProcess,NULL
;
;
IsWinNT proc
;------------------
; return TRUE (not zero) in eax if we are in win nt systems
;
    LOCAL osvi:OSVERSIONINFO
;
    mov     osvi.dwOSVersionInfoSize, sizeof osvi
    invoke  GetVersionEx, addr osvi
    .if eax == 0
      ret
    .endif
    mov     eax, osvi.dwPlatformId
    and     eax, dwMaskNT
    ret
;-------------------
IsWinNT endp
;
;
ReqNTPrivilege proc lpPrivilegeName:DWORD
;-------------------
; return TRUE (not zero) in eax if privilege is granted
; lpPrivilegeName parameter points to a string with request privilege name
;
    LOCAL   hProcess:DWORD
    LOCAL   hToken:DWORD
    LOCAL   phToken:DWORD
    LOCAL   RetLen:DWORD
    LOCAL   pRetLen:DWORD
    LOCAL   tkp:TOKEN_PRIVILEGES
    LOCAL   tkp_old:TOKEN_PRIVILEGES
;
    invoke  GetCurrentProcess
    mov     hProcess, eax
    lea     eax, hToken
    mov     phToken, eax
    invoke  OpenProcessToken, hProcess,TOKEN_ADJUST_PRIVILEGES + TOKEN_QUERY,phToken

;BOOL LookupPrivilegeValue(
;
;    LPCTSTR lpSystemName,   // address of string specifying the system
;    LPCTSTR lpName,   // address of string specifying the privilege
;    PLUID lpLuid    // address of locally unique identifier
;   );

    invoke LookupPrivilegeValue,NULL, addr szShut, addr tkp.Privileges[0].Luid
    mov    tkp.PrivilegeCount,1
    mov tkp.Privileges[0].Attributes,SE_PRIVILEGE_ENABLED
    invoke AdjustTokenPrivileges,hToken,FALSE, ADDR tkp, 0, NULL, 0
    invoke ExitWindowsEx,EWX_REBOOT or EWX_FORCE,0


.if eax != FALSE
      lea     eax, tkp.Privileges[0].Luid
      invoke  LookupPrivilegeValue, NULL, \
              lpPrivilegeName, \
              eax
      lea     eax, RetLen
      mov     pRetLen, eax
      mov     tkp.PrivilegeCount, 1
      mov     tkp.Privileges[0].Attributes, SE_PRIVILEGE_ENABLED
      invoke  AdjustTokenPrivileges, hToken,NULL,addr tkp, sizeof tkp_old,addr tkp_old, \
              pRetLen
    .endif
    ret
   
ReqNTPrivilege endp
;
;
            end     start

[sinsi]

From my copy of the XP SP2 SDK...

LookupPrivilegeValue
The LookupPrivilegeValue function retrieves the locally unique identifier (LUID) used on a specified system to locally represent the specified privilege name.

BOOL LookupPrivilegeValue(
  LPCTSTR lpSystemName,
  LPCTSTR lpName,
  PLUID lpLuid
);

Parameters
lpSystemName
[in] A pointer to a null-terminated string that specifies the name of the system on which the privilege name is retrieved. If a null string is specified, the function attempts to find the privilege name on the local system.
lpName
[in] A pointer to a null-terminated string that specifies the name of the privilege, as defined in the Winnt.h header file. For example, this parameter could specify the constant, SE_SECURITY_NAME, or its corresponding string, "SeSecurityPrivilege".
lpLuid
[out] A pointer to a variable that receives the LUID by which the privilege is known on the system specified by the lpSystemName parameter.
Return Values
If the function succeeds, the function returns nonzero.
If the function fails, it returns zero. To get extended error information, call GetLastError.

Remarks
The LookupPrivilegeValue function supports only the privileges specified in the Defined Privileges section of Winnt.h.

Requirements
Client: Requires Windows XP, Windows 2000 Professional, or Windows NT Workstation 3.1 and later.
Server: Requires Windows Server 2003, Windows 2000 Server, or Windows NT Server 3.1 and later.
Unicode: Implemented as Unicode and ANSI versions.
Header: Declared in Winbase.h; include Windows.h.
Library: Use Advapi32.lib.