Ejemplo n.º 1
0
    private IEnumerable <string> FetchSchedulerGroups()
    {
        var privileges = new LSA_UNICODE_STRING[1];

        privileges[0] = InitLsaString("SeBatchLogonRight");
        IntPtr buffer;
        int    count;
        uint   ret      = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
        var    accounts = new List <String>();

        if (ret == 0)
        {
            var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
            for (int i = 0, elemOffs = (int)buffer; i < count; i++)
            {
                LsaInfo[i] =
                    (LSA_ENUMERATION_INFORMATION)
                    Marshal.PtrToStructure((IntPtr)elemOffs, typeof(LSA_ENUMERATION_INFORMATION));
                elemOffs += Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION));
                var SID = new SecurityIdentifier(LsaInfo[i].PSid);
                accounts.Add(ResolveAccountName(SID));
            }
        }

        return(accounts);
    }
Ejemplo n.º 2
0
    IEnumerable <string> FetchSchedulerGroups()
    {
        var privileges = new LSA_UNICODE_STRING[1];

        privileges[0] = InitLsaString("SeBatchLogonRight");
        var ret      = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out LSA_HANDLE buffer, out ulong count);
        var accounts = new List <String>();

        if (ret == 0)
        {
            var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
            var myLsaus = new LSA_ENUMERATION_INFORMATION();
            for (ulong i = 0; i < count; i++)
            {
                var itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));

                LsaInfo[i] =
                    (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
                var SID = new SecurityIdentifier(LsaInfo[i].PSid);
                accounts.Add(ResolveAccountName(SID));
            }
        }

        return(accounts);
    }
Ejemplo n.º 3
0
        /// <summary>
        /// Reads the user accounts which have the specific privilege
        /// </summary>
        /// <param name="Privilege">The name of the privilege for which the accounts with this right should be enumerated</param>
        public List <Principal> ReadPrivilege(string Privilege)
        {
            var privileges = new LSA_UNICODE_STRING[1];

            privileges[0] = InitLsaString(Privilege);
            var ret      = LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out var buffer, out var count);
            var Accounts = new List <Principal>();

            if (ret == 0)
            {
                var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];

                var elemOffs = buffer;
                for (var i = 0; i < count; i++)
                {
                    LsaInfo[i] = (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure((IntPtr)elemOffs, typeof(LSA_ENUMERATION_INFORMATION));
                    elemOffs   = (IntPtr)(elemOffs.ToInt64() + Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION)));
                    var SID = new SecurityIdentifier(LsaInfo[i].PSid);

                    Accounts.Add(ResolveAccountName(SID));
                }
                return(Accounts);
            }
            TestReturnValue(ret);
            return(Accounts);
        }
Ejemplo n.º 4
0
 private static List <Sid> ParseSids(SafeLsaMemoryBuffer buffer, int count)
 {
     using (buffer) {
         buffer.Initialize <LSA_ENUMERATION_INFORMATION>((uint)count);
         LSA_ENUMERATION_INFORMATION[] ss = new LSA_ENUMERATION_INFORMATION[count];
         buffer.ReadArray(0, ss, 0, count);
         return(ss.Select(s => new Sid(s.Sid)).ToList());
     }
 }
Ejemplo n.º 5
0
    public bool IsWindowsAuthorised(string privilege, string userName)
    {
        bool windowsAuthorised = false;

        userName = CleanUser(userName);
        var privileges = new LSA_UNICODE_STRING[1];

        privileges[0] = InitLsaString(privilege);
        IntPtr buffer;
        ulong  count;
        uint   ret      = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
        var    Accounts = new List <String>();

        if (ret == 0)
        {
            var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
            LSA_ENUMERATION_INFORMATION myLsaus = new LSA_ENUMERATION_INFORMATION();
            for (ulong i = 0; i < count; i++)
            {
                IntPtr itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));

                LsaInfo[i] =
                    (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
                var SID = new SecurityIdentifier(LsaInfo[i].PSid);
                Accounts.Add(ResolveAccountName(SID));
            }

            try
            {
                var wp = new WindowsPrincipal(new WindowsIdentity(userName));

                foreach (string account in Accounts)
                {
                    if (wp.IsInRole(account))
                    {
                        windowsAuthorised = true;
                    }
                }

                return(windowsAuthorised);
            }
            catch (Exception)
            {
                var localGroups = GetLocalUserGroupsForTaskSchedule(userName);

                var intersection = localGroups.Intersect(Accounts);

                return(intersection.Any());
            }
        }

        return(false);
    }
Ejemplo n.º 6
0
    private List <string> GetAccountsWithPrivilege(string privilege)
    {
        var privileges = new LSA_UNICODE_STRING[1];

        privileges[0] = InitLsaString(privilege);
        var gotAccounts  = Win32Sec.LsaEnumerateAccountsWithUserRight(_lsaHandle, privileges, out LSA_HANDLE buffer, out ulong count) == 0;
        var accountNames = new List <string>();

        if (gotAccounts)
        {
            var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
            var myLsaus = new LSA_ENUMERATION_INFORMATION();
            for (ulong i = 0; i < count; i++)
            {
                var itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));
                LsaInfo[i] = (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
                var sid = new SecurityIdentifier(LsaInfo[i].PSid);
                accountNames.Add(ResolveAccountName(sid));
            }
        }
        return(accountNames);
    }
Ejemplo n.º 7
0
    public bool IsWindowsAuthorised(string privilege, string userName)
    {
        var windowsAuthorised = false;

        var username   = CleanUser(userName);
        var privileges = new LSA_UNICODE_STRING[1];

        privileges[0] = InitLsaString(privilege);
        var ret      = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out LSA_HANDLE buffer, out ulong count);
        var Accounts = new List <String>();

        if (ret == 0)
        {
            var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
            var myLsaus = new LSA_ENUMERATION_INFORMATION();
            for (ulong i = 0; i < count; i++)
            {
                var itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));
                LsaInfo[i] =
                    (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
                var SID = new SecurityIdentifier(LsaInfo[i].PSid);
                Accounts.Add(ResolveAccountName(SID));
            }

            try
            {
                return(IsWindowsAuthorised(username, ref windowsAuthorised, Accounts));
            }
            catch (Exception)
            {
                var localGroups  = GetLocalUserGroupsForTaskSchedule(username);
                var intersection = localGroups.Intersect(Accounts);
                return(intersection.Any(s => !s.Equals(Environment.MachineName + "\\" + username, StringComparison.InvariantCultureIgnoreCase)));
            }
        }

        return(false);
    }
Ejemplo n.º 8
0
            /// <summary>
            /// Reads the user accounts which have the specific privilege
            /// </summary>
            /// <param name="Privilege">The name of the privilege for which the accounts with this right should be enumerated</param>
            public List <String> ReadPrivilege(string Privilege)
            {
                LSA_UNICODE_STRING[] privileges = new LSA_UNICODE_STRING[1];
                privileges[0] = InitLsaString(Privilege);
                IntPtr        buffer;
                int           count    = 0;
                uint          ret      = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
                List <String> Accounts = new List <String>();

                if (ret == 0)
                {
                    LSA_ENUMERATION_INFORMATION[] LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
                    for (int i = 0, elemOffs = (int)buffer; i < count; i++)
                    {
                        LsaInfo[i] = (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure((IntPtr)elemOffs, typeof(LSA_ENUMERATION_INFORMATION));
                        elemOffs  += Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION));
                        SecurityIdentifier SID = new SecurityIdentifier(LsaInfo[i].PSid);
                        Accounts.Add(SID.ToString());
                    }
                    return(Accounts);
                }
                TestReturnValue(ret);
                return(Accounts);
            }
Ejemplo n.º 9
0
    private IEnumerable<string> FetchSchedulerGroups()
    {
        var privileges = new LSA_UNICODE_STRING[1];
        privileges[0] = InitLsaString("SeBatchLogonRight");
        IntPtr buffer;
        ulong count;
        uint ret = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
        var accounts = new List<String>();

        if (ret == 0)
        {
            var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
            LSA_ENUMERATION_INFORMATION myLsaus = new LSA_ENUMERATION_INFORMATION();
            for (ulong i = 0; i < count; i++)
            {
                IntPtr itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));

                LsaInfo[i] =
                    (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());                
                var SID = new SecurityIdentifier(LsaInfo[i].PSid);
                accounts.Add(ResolveAccountName(SID));
            }
        }

        return accounts;
    }
Ejemplo n.º 10
0
    public bool IsWindowsAuthorised(string privilege, string userName)
    {
        bool windowsAuthorised = false;

        userName = CleanUser(userName);
        var privileges = new LSA_UNICODE_STRING[1];
        privileges[0] = InitLsaString(privilege);
        IntPtr buffer;
        ulong count;
        uint ret = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
        var Accounts = new List<String>();

        if (ret == 0)
        {
            var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
            LSA_ENUMERATION_INFORMATION myLsaus = new LSA_ENUMERATION_INFORMATION();
            for (ulong i = 0; i < count; i++)
            {
                IntPtr itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));

                LsaInfo[i] =
                    (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
                var SID = new SecurityIdentifier(LsaInfo[i].PSid);
                Accounts.Add(ResolveAccountName(SID));
            }

            try
            {
                var wp = new WindowsPrincipal(new WindowsIdentity(userName));

                foreach (string account in Accounts)
                {
                    if (wp.IsInRole(account))
                    {
                        windowsAuthorised = true;
                    }
                }

                return windowsAuthorised;
            }
            catch (Exception)
            {
                var localGroups = GetLocalUserGroupsForTaskSchedule(userName);

                var intersection = localGroups.Intersect(Accounts);

                return intersection.Any();

            }
        }

        return false;
    }
Ejemplo n.º 11
0
    private IEnumerable<string> FetchSchedulerGroups()
    {
        var privileges = new LSA_UNICODE_STRING[1];
        privileges[0] = InitLsaString("SeBatchLogonRight");
        IntPtr buffer;
        int count;
        uint ret = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
        var accounts = new List<String>();

        if (ret == 0)
        {
            var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
            for (int i = 0, elemOffs = (int)buffer; i < count; i++)
            {
                LsaInfo[i] =
                    (LSA_ENUMERATION_INFORMATION)
                    Marshal.PtrToStructure((IntPtr)elemOffs, typeof(LSA_ENUMERATION_INFORMATION));
                elemOffs += Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION));
                var SID = new SecurityIdentifier(LsaInfo[i].PSid);
                accounts.Add(ResolveAccountName(SID));
            }
        }

        return accounts;
    }
        public static void GetUserRightsAssignment()
        {
            IntPtr handle;

            // Null name gets local machine
            string name = null;
            LSA_OBJECT_ATTRIBUTES objAttrib = default(LSA_OBJECT_ATTRIBUTES);

            // Permissions necessary to enumerate accounts
            const uint POLICY_LOOKUP_NAMES           = 0x00000800;
            const uint POLICY_VIEW_LOCAL_INFORMATION = 0x00000001;

            // Get handle to local policies, returns zero on success
            if (WinAPI.LsaOpenPolicy(ref name, ref objAttrib, POLICY_LOOKUP_NAMES | POLICY_VIEW_LOCAL_INFORMATION, out handle) != 0)
            {
                return;                                                                                                                      //987135
            }
            // For each scored definition, retrieve details for them
            foreach (UserRightsDefinition definition in SectionUserRights.UserRightsDefinitions)
            {
                // Get unicode string from constant name
                LSA_UNICODE_STRING privileges = new LSA_UNICODE_STRING(definition.ConstantName);

                // Create managed "pointer" to string as function takes pointer to unicode string
                LSA_UNICODE_STRING[] pointer = new LSA_UNICODE_STRING[1];
                pointer[0] = privileges;

                const uint STATUS_NO_MORE_ENTRIES = 0x8000001a;

                IntPtr buffer;
                int    count;
                uint   ret = WinAPI.LsaEnumerateAccountsWithUserRight(handle, pointer, out buffer, out count);

                List <SecurityIdentifier> identifiers = new List <SecurityIdentifier>();

                // Returns 0 on success
                if (ret == 0)
                {
                    IntPtr current = buffer;
                    // For every index of identifiers
                    for (int i = 0; i < count; i++)
                    {
                        // Get information from pointer
                        LSA_ENUMERATION_INFORMATION identifierInfo = Marshal.PtrToStructure <LSA_ENUMERATION_INFORMATION>(current);

                        // Get SID from information
                        SecurityIdentifier identifier = new SecurityIdentifier(identifierInfo.PSid);

                        // Add identifier to list
                        identifiers.Add(identifier);

                        // Add size of object to pointer to get next element of unmanaged array
                        current += Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION));
                    }

                    // Free memory
                    WinAPI.LsaFreeMemory(buffer);
                }
                // If this value is returned, there are no users with the specified privilege.
                // If this is not the value returned, it's some other issue. Just skip
                else if (ret != STATUS_NO_MORE_ENTRIES)
                {
                    continue;
                }

                if (Settings.LocalPolicies.UserRightsAssignment.UserRightsSetting.ContainsKey(definition.ConstantName))
                {
                    Settings.LocalPolicies.UserRightsAssignment.UserRightsSetting[definition.ConstantName] = identifiers;
                }
                else
                {
                    Settings.LocalPolicies.UserRightsAssignment.UserRightsSetting.Add(definition.ConstantName, identifiers);
                }
            }

            // Close handle
            WinAPI.LsaClose(handle);
        }
Ejemplo n.º 13
0
        // Lists account with a privilege
        public IList <string> GetAccountsWithRight(string privilegeName)
        {
            LSA_UNICODE_STRING[] privileges = new LSA_UNICODE_STRING[1];
            privileges[0] = InitLsaString(privilegeName);
            IntPtr                enumerationBuffer = IntPtr.Zero;
            long                  countReturned     = 0;
            IList <string>        accountNames      = new List <string>();
            long                  winErrorCode      = 0;
            string                errorMessage      = string.Empty;
            string                theAccountName    = string.Empty;
            IntPtr                sid              = IntPtr.Zero;
            LSA_UNICODE_STRING    systemName       = new LSA_UNICODE_STRING();
            IntPtr                policyHandle     = IntPtr.Zero;
            LSA_OBJECT_ATTRIBUTES objectAttributes = CreateLSAObject();

            uint resultPolicy = LsaOpenPolicy(ref systemName, ref objectAttributes, Access, out policyHandle);

            winErrorCode = LsaNtStatusToWinError(resultPolicy);

            if (winErrorCode != 0)
            {
                errorMessage = string.Format("OpenPolicy failed: {0} ", winErrorCode);
            }
            else
            {
                LSA_UNICODE_STRING[] userRights = new LSA_UNICODE_STRING[1];
                uint res = LsaEnumerateAccountsWithUserRight(policyHandle, privileges, out enumerationBuffer, out countReturned);
                winErrorCode = LsaNtStatusToWinError(res);
                if (winErrorCode != 0)
                {
                    errorMessage = string.Format("LsaEnumerateAccountsWithUserRight failed: {0}", winErrorCode);
                }
                LsaClose(policyHandle);
            }

            if (winErrorCode > 0)
            {
                switch (winErrorCode)
                {
                case 1313:
                    errorMessage = "Specified privilege does not exist. (1313)";
                    break;

                case 259:
                    errorMessage = "No accounts found. (259)";
                    break;

                default:
                    ;
                    break;
                }
                throw new ApplicationException(string.Format("Failed to enumerate accounts - Error: {0}", errorMessage));
            }
            else
            {
                LSA_ENUMERATION_INFORMATION[] LsaInfo = new LSA_ENUMERATION_INFORMATION[countReturned];
                for (long i = 0, elemOffs = (Int64)enumerationBuffer; i < countReturned; i++)
                {
                    LsaInfo[i] = (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(
                        (IntPtr)elemOffs, typeof(LSA_ENUMERATION_INFORMATION));
                    elemOffs += Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION));
                }
                // Do something with LsaInfo here
                for (long i = 0; i < countReturned; i++)
                {
                    try
                    {
                        theAccountName = (new SecurityIdentifier(LsaInfo[i].PSid)).Translate(typeof(NTAccount)).ToString();
                    }
                    catch (System.Security.Principal.IdentityNotMappedException)
                    {
                        theAccountName = (new SecurityIdentifier(LsaInfo[i].PSid)).ToString();
                    }
                    accountNames.Add(theAccountName);
                }
                return(accountNames);
            }
        }