;rebootnt1.asm Reboot an NT system Andrew Kennedy 1/10/06
; Much help from P1
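; Uses EWX_FORCE, so be careful what apps may already be open !!
; (EWX_FORCE shuts applications down without letting them prompt to save,
;  so any unsaved data in open programs is lost.)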
; Target the 80386 instruction set (32-bit code).
.386
; Flat 32-bit memory model; stdcall is the default calling convention
; for PROC / PROTO / invoke in this file.
.model flat,stdcall
; Identifiers are case sensitive, matching the Win32 API names in the include files.
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\advapi32.inc

include \masm32\macros\macros.asm

includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\advapi32.lib

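; Local Prototypes
;-------------------
; IsWinNT takes no arguments.
; ReqNTPrivilege takes one DWORD: a pointer to a zero-terminated privilege name.
; (The parameter type must be written ":DWORD"; a bare "WORD" after PROTO
;  is not a valid parameter declaration.)
IsWinNT         PROTO
ReqNTPrivilege  PROTO :DWORD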

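.const
;-------------------
; Mask applied to OSVERSIONINFO.dwPlatformId by IsWinNT.
; 2 is the value of VER_PLATFORM_WIN32_NT.
dwMaskNT DWORD 2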

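.data
;-------------------
; Zero-terminated strings shown in the message boxes.
msg_NotNT BYTE "This is NOT an NT system.",0
; 13 = carriage return, used to break the text into two lines.
msg_NotPL BYTE "Privilege requested NOT granted.",13,"Unable to reboot.",0
AppName   BYTE "ASM Win NT Shutdown",0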

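.code
;-------------------
; Program entry point.
;   1. Check that we are running on an NT-family system.
;   2. Enable SeShutdownPrivilege in our own process token.
;   3. Ask the system to reboot, forcing applications to close.
; Every failure path reports to the user and exits without rebooting.
start:
    invoke IsWinNT

;----------------------------------------------------------------
; On a non-NT system no privilege is needed and ExitWindowsEx()
; could be called directly; this demo only handles NT, so it
; reports the fact and exits.
;----------------------------------------------------------------
    .if eax == FALSE
        invoke MessageBox,NULL,addr msg_NotNT,addr AppName,MB_OK
        invoke ExitProcess,NULL
    .endif

;----------------------------------------------------------------
; With the ReqNTPrivilege call we ask for 'SeShutdownPrivilege'.
; Note: string names of the possible privileges are in windows.inc.
; The privilege can only be enabled if the account running this
; program already holds it; it cannot be granted from here.
;----------------------------------------------------------------
    invoke ReqNTPrivilege, SADD("SeShutdownPrivilege")
    .if eax == FALSE
        invoke MessageBox,NULL,addr msg_NotPL,addr AppName,MB_OK
        invoke ExitProcess,NULL
    .endif

;----------------------------------------------------------------
; EWX_FORCE closes applications without letting them prompt to
; save, so unsaved data is lost. EWX_FORCEIFHUNG is the gentler
; flag if that is not wanted. The second argument (dwReason) is 0,
; i.e. no specific shutdown reason code is supplied.
; ExitWindowsEx returns zero on failure; report it instead of
; exiting silently.
;----------------------------------------------------------------
    invoke ExitWindowsEx,EWX_REBOOT or EWX_FORCE,0
    .if eax == FALSE
        invoke MessageBox,NULL,SADD("ExitWindowsEx failed."),addr AppName,MB_OK
        invoke ExitProcess,1
    .endif

    invoke ExitProcess,NULL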
;
;
IsWinNT proc
;------------------
; Report whether the running system belongs to the NT family.
; In:  nothing
; Out: eax = non-zero (TRUE) on NT, 0 otherwise or if GetVersionEx fails
; NOTE(review): GetVersionEx is deprecated on newer Windows releases;
; only dwPlatformId is read here.
;
    LOCAL verInfo:OSVERSIONINFO
;
    ; The API requires the structure size to be filled in before the call.
    mov     verInfo.dwOSVersionInfoSize, sizeof OSVERSIONINFO
    invoke  GetVersionEx, addr verInfo
    test    eax, eax
    jz      done                        ; call failed: eax is already 0 (FALSE)
    mov     eax, verInfo.dwPlatformId
    and     eax, dwMaskNT               ; keep only the NT platform bit
done:
    ret
;-------------------
IsWinNT endp
;
;
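ReqNTPrivilege proc lpPrivilegeName:DWORD
;-------------------
; Enable one privilege in the access token of the current process.
; In:  lpPrivilegeName -> zero-terminated string with the requested
;      privilege name
; Out: eax = TRUE if the privilege is now enabled, FALSE otherwise
;
; The privilege must already be held by the account; this only
; switches it on. The previous state is captured in tkp_old but is
; not restored here.
;
    LOCAL hProcess:DWORD
    LOCAL hToken:DWORD
    LOCAL RetLen:DWORD
    LOCAL fGranted:DWORD
    LOCAL tkp:TOKEN_PRIVILEGES
    LOCAL tkp_old:TOKEN_PRIVILEGES
;
    mov     fGranted, FALSE             ; assume failure until proven otherwise
    invoke  GetCurrentProcess
    mov     hProcess, eax
    invoke  OpenProcessToken, hProcess, \
            TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, \
            addr hToken
    .if eax != FALSE
        ; Translate the privilege name into its LUID; without a valid
        ; LUID the adjust call below would act on stack garbage.
        lea     eax, tkp.Privileges[0].Luid
        invoke  LookupPrivilegeValue, NULL, \
                lpPrivilegeName, \
                eax
        .if eax != FALSE
            mov     tkp.PrivilegeCount, 1
            mov     tkp.Privileges[0].Attributes, SE_PRIVILEGE_ENABLED
            invoke  AdjustTokenPrivileges, hToken, \
                    FALSE, \
                    addr tkp, \
                    sizeof tkp_old, \
                    addr tkp_old, \
                    addr RetLen
            .if eax != FALSE
                ; AdjustTokenPrivileges returns non-zero even when the
                ; token does not hold the privilege; the real outcome
                ; is reported through GetLastError.
                invoke  GetLastError
                .if eax != ERROR_NOT_ALL_ASSIGNED
                    mov     fGranted, TRUE
                .endif
            .endif
        .endif
        ; Release the token handle on every path once it was opened.
        invoke  CloseHandle, hToken
    .endif
    mov     eax, fGranted
    ret
;-------------------
ReqNTPrivilege endp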
;
;
; End of module; the label after END names the program entry point.
end start