Beispiel #1
0
 private void btnRuntimeServerViewPermissions_Click(object sender, EventArgs e)
 {
     COMSecurity.ViewSecurity(m_registry, string.Format("{0} Permissions", m_runtime_server.Name), m_runtime_server.Permissions, false);
 }
Beispiel #2
0
 private void menuSecurityDefaultAccessRestriction_Click(object sender, EventArgs e)
 {
     COMSecurity.ViewSecurity(this, "Default Access Restrictions", m_registry.DefaultAccessRestriction, true);
 }
Beispiel #3
0
 private void btnViewAccessPermissions_Click(object sender, EventArgs e)
 {
     COMSecurity.ViewSecurity(m_registry, m_appid, true);
 }
Beispiel #4
0
 private void btnProcessViewAccessPermissions_Click(object sender, EventArgs e)
 {
     COMSecurity.ViewSecurity(m_registry, String.Format("{0} Access", m_process.Name),
                              m_process.AccessPermissions, true);
 }
Beispiel #5
0
        public bool AccessCheck(
            ICOMAccessSecurity obj)
        {
            if (obj == null)
            {
                return(false);
            }

            string launch_sddl  = m_ignore_default ? string.Empty : obj.DefaultLaunchPermission;
            string access_sddl  = m_ignore_default ? string.Empty : obj.DefaultAccessPermission;
            bool   check_launch = true;
            string principal    = m_principal;

            if (obj is COMProcessEntry process)
            {
                access_sddl  = process.AccessPermissions;
                principal    = process.UserSid;
                check_launch = false;
            }
            else if (obj is COMAppIDEntry || obj is COMCLSIDEntry)
            {
                COMAppIDEntry appid = obj as COMAppIDEntry;
                if (appid == null && obj is COMCLSIDEntry clsid)
                {
                    appid = clsid.AppIDEntry;
                    if (appid == null)
                    {
                        return(false);
                    }
                }

                if (appid.HasLaunchPermission)
                {
                    launch_sddl = appid.LaunchPermission;
                }

                if (appid.HasAccessPermission)
                {
                    access_sddl = appid.AccessPermission;
                }
            }
            else if (obj is COMRuntimeClassEntry runtime_class)
            {
                if (runtime_class.HasPermission)
                {
                    launch_sddl = runtime_class.Permissions;
                }
                else if (runtime_class.ActivationType == ActivationType.OutOfProcess && runtime_class.HasServerPermission)
                {
                    launch_sddl = runtime_class.ServerPermissions;
                }
                else if (runtime_class.TrustLevel == TrustLevel.PartialTrust)
                {
                    launch_sddl = COMRuntimeClassEntry.DefaultActivationPermission;
                }
                else
                {
                    // Set to denied access.
                    launch_sddl = "O:SYG:SYD:";
                }
                access_sddl = launch_sddl;
            }
            else if (obj is COMRuntimeServerEntry runtime_server)
            {
                if (runtime_server.HasPermission)
                {
                    launch_sddl = runtime_server.Permissions;
                }
                else
                {
                    launch_sddl = "O:SYG:SYD:";
                }
                access_sddl = launch_sddl;
            }
            else
            {
                return(false);
            }

            if (!m_access_cache.ContainsKey(access_sddl))
            {
                if (m_access_rights == 0)
                {
                    m_access_cache[access_sddl] = true;
                }
                else
                {
                    m_access_cache[access_sddl] = COMSecurity.IsAccessGranted(access_sddl,
                                                                              principal, m_access_token, false, false, m_access_rights);
                }
            }

            if (check_launch && !m_launch_cache.ContainsKey(launch_sddl))
            {
                if (m_launch_rights == 0)
                {
                    m_launch_cache[launch_sddl] = true;
                }
                else
                {
                    m_launch_cache[launch_sddl] = COMSecurity.IsAccessGranted(launch_sddl, principal, m_access_token,
                                                                              true, true, m_launch_rights);
                }
            }

            if (m_access_cache[access_sddl] && (!check_launch || m_launch_cache[launch_sddl]))
            {
                return(true);
            }
            return(false);
        }
Beispiel #6
0
 private void btnViewLaunchPermissions_Click(object sender, EventArgs e)
 {
     COMSecurity.ViewSecurity(m_registry, m_appid, false);
 }
Beispiel #7
0
 private void menuSecurityDefaultLaunchRestriction_Click(object sender, EventArgs e)
 {
     COMSecurity.ViewSecurity(m_registry, "Default Launch Restrictions", m_registry.DefaultLaunchRestriction, false);
 }
Beispiel #8
0
 private void LoadDefaultSecurity()
 {
     using (RegistryKey key = Registry.LocalMachine.OpenSubKey(@"Software\Microsoft\Ole"))
     {
         DefaultAccessPermission  = GetSecurityDescriptor(key, "DefaultAccessPermission", COMSecurity.GetDefaultAccessPermissions());
         DefaultAccessRestriction = GetSecurityDescriptor(key, "DefaultAccessRestriction", COMSecurity.GetDefaultAccessRestrictions());
         DefaultLaunchPermission  = GetSecurityDescriptor(key, "DefaultLaunchPermission", COMSecurity.GetDefaultLaunchPermissions());
         DefaultLaunchRestriction = GetSecurityDescriptor(key, "DefaultLaunchRestriction", COMSecurity.GetDefaultLaunchRestrictions());
     }
 }
Beispiel #9
0
 private void menuSecurityDefaultLaunch_Click(object sender, EventArgs e)
 {
     COMSecurity.ViewSecurity(m_registry, "Default Launch", m_registry.DefaultLaunchPermission, false);
 }
Beispiel #10
0
 private void menuSecurityDefaultAccess_Click(object sender, EventArgs e)
 {
     COMSecurity.ViewSecurity(m_registry, "Default Access", m_registry.DefaultAccessPermission, true);
 }
Beispiel #11
0
        private void LoadFromKey(RegistryKey key)
        {
            RunAs = key.GetValue("RunAs") as string;
            string name = key.GetValue(null) as string;

            if (!String.IsNullOrWhiteSpace(name))
            {
                Name = name.ToString();
            }
            else
            {
                Name = AppId.FormatGuidDefault();
            }

            AccessPermission = COMSecurity.GetStringSDForSD(key.GetValue("AccessPermission") as byte[]);
            LaunchPermission = COMSecurity.GetStringSDForSD(key.GetValue("LaunchPermission") as byte[]);

            DllSurrogate = key.GetValue("DllSurrogate") as string;
            if (DllSurrogate != null)
            {
                if (String.IsNullOrWhiteSpace(DllSurrogate))
                {
                    DllSurrogate = "dllhost.exe";
                }
                else
                {
                    string dllexe = key.GetValue("DllSurrogateExecutable") as string;
                    if (!String.IsNullOrWhiteSpace(dllexe))
                    {
                        DllSurrogate = dllexe;
                    }
                }
            }
            else
            {
                DllSurrogate = String.Empty;
            }

            object flags = key.GetValue("AppIDFlags");

            if (flags != null)
            {
                Flags = (COMAppIDFlags)flags;
            }

            string local_service = key.GetValue("LocalService") as string;

            if (!String.IsNullOrWhiteSpace(local_service))
            {
                try
                {
                    using (RegistryKey serviceKey = Registry.LocalMachine.OpenSubKey(@"System\CurrentControlSet\Services\" + local_service))
                    {
                        using (ServiceController service = new ServiceController(local_service))
                        {
                            LocalService = new COMAppIDServiceEntry(serviceKey, service);
                        }
                    }
                }
                catch
                {
                }
            }

            if (String.IsNullOrWhiteSpace(RunAs))
            {
                RunAs = String.Empty;
            }

            object rotflags = key.GetValue("ROTFlags");

            if (rotflags != null && rotflags is int)
            {
                RotFlags = (COMAppIDRotFlags)rotflags;
            }
        }
Beispiel #12
0
        private void btnOK_Click(object sender, EventArgs e)
        {
            try
            {
                if (radioCurrentProcess.Checked)
                {
                    Token = SafeProcessHandle.Current.OpenTokenAsImpersonation(SecurityImpersonationLevel.SecurityIdentification);
                }
                else if (radioSpecificProcess.Checked)
                {
                    if (listViewProcesses.SelectedItems.Count < 1)
                    {
                        throw new InvalidOperationException("Please select a process from the list");
                    }

                    Token = ((SafeTokenHandle)listViewProcesses.SelectedItems[0].Tag).DuplicateImpersonation(SecurityImpersonationLevel.SecurityIdentification);
                }
                else if (radioAnonymous.Checked)
                {
                    using (SafeTokenHandle token = SafeTokenHandle.AnonymousToken)
                    {
                        Token = token.DuplicateImpersonation(SecurityImpersonationLevel.SecurityIdentification);
                    }
                }

                if (checkBoxSetIL.Checked)
                {
                    Token.SetIntegrityLevel((SecurityIntegrityLevel)comboBoxIL.SelectedItem);
                }

                if (checkBoxLocalAccess.Checked)
                {
                    AccessRights |= COMAccessRights.ExecuteLocal;
                }
                if (checkBoxRemoteAccess.Checked)
                {
                    AccessRights |= COMAccessRights.ExecuteRemote;
                }

                if (!_process_security)
                {
                    if (checkBoxLocalLaunch.Checked)
                    {
                        LaunchRights |= COMAccessRights.ExecuteLocal;
                    }
                    if (checkBoxRemoteLaunch.Checked)
                    {
                        LaunchRights |= COMAccessRights.ExecuteRemote;
                    }
                    if (checkBoxLocalActivate.Checked)
                    {
                        LaunchRights |= COMAccessRights.ActivateLocal;
                    }
                    if (checkBoxRemoteActivate.Checked)
                    {
                        LaunchRights |= COMAccessRights.ActivateRemote;
                    }
                    if (!_process_security)
                    {
                        Principal = COMSecurity.UserToSid(textBoxPrincipal.Text);
                    }
                }

                DialogResult = DialogResult.OK;
                Close();
            }
            catch (Exception ex)
            {
                Program.ShowError(this, ex);
            }
        }
Beispiel #13
0
        private void btnOK_Click(object sender, EventArgs e)
        {
            try
            {
                if (radioCurrentProcess.Checked)
                {
                    Token = OpenImpersonationToken();
                }
                else if (radioSpecificProcess.Checked)
                {
                    NtProcess process = selectProcessControl.SelectedProcess;
                    if (process == null)
                    {
                        throw new InvalidOperationException("Please select a process from the list");
                    }

                    using (var token = NtToken.OpenProcessToken(process, false, TokenAccessRights.Duplicate))
                    {
                        Token = token.DuplicateToken(TokenType.Impersonation, SecurityImpersonationLevel.Impersonation, TokenAccessRights.GenericAll);
                    }
                }
                else if (radioAnonymous.Checked)
                {
                    Token = TokenUtils.GetAnonymousToken();
                }

                if (checkBoxSetIL.Checked)
                {
                    Token.SetIntegrityLevel((TokenIntegrityLevel)comboBoxIL.SelectedItem);
                }

                if (checkBoxLocalAccess.Checked)
                {
                    AccessRights |= COMAccessRights.ExecuteLocal;
                }
                if (checkBoxRemoteAccess.Checked)
                {
                    AccessRights |= COMAccessRights.ExecuteRemote;
                }

                if (!_process_security)
                {
                    if (checkBoxLocalLaunch.Checked)
                    {
                        LaunchRights |= COMAccessRights.ExecuteLocal;
                    }
                    if (checkBoxRemoteLaunch.Checked)
                    {
                        LaunchRights |= COMAccessRights.ExecuteRemote;
                    }
                    if (checkBoxLocalActivate.Checked)
                    {
                        LaunchRights |= COMAccessRights.ActivateLocal;
                    }
                    if (checkBoxRemoteActivate.Checked)
                    {
                        LaunchRights |= COMAccessRights.ActivateRemote;
                    }
                    if (!_process_security)
                    {
                        Principal = COMSecurity.UserToSid(textBoxPrincipal.Text).ToString();
                    }
                }

                DialogResult = DialogResult.OK;
                Close();
            }
            catch (Exception ex)
            {
                EntryPoint.ShowError(this, ex);
            }
        }