public static void EditSecurity(IntPtr hwnd, NtObject handle, string object_name, string typeName, bool writeable) { NtType typeInfo = NtType.GetTypeByName(typeName); Dictionary<uint, String> access = GetMaskDictionary(TypeNameToEnum(typeName)); using (SecurityInformationImpl impl = new SecurityInformationImpl(object_name, handle, access, typeInfo.GenericMapping)) { EditSecurity(hwnd, impl); } }
/// <summary> /// Constructor /// </summary> /// <param name="object_name">The object name, can be null.</param> /// <param name="attributes">The object attribute flags.</param> /// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param> /// <param name="sqos">An optional security quality of service.</param> /// <param name="security_descriptor">An optional security descriptor.</param> public ObjectAttributes(string object_name, AttributeFlags attributes, NtObject root, SecurityQualityOfService sqos, SecurityDescriptor security_descriptor) : this(object_name, attributes, root != null ? root.Handle : SafeKernelObjectHandle.Null, sqos, security_descriptor) { }
/// <summary> /// Constructor /// </summary> /// <param name="object_name">The name of the object</param> /// <param name="attributes">Attribute flags</param> /// <param name="root">A root object to lookup a relative path</param> public ObjectAttributes(string object_name, AttributeFlags attributes, NtObject root) : this(object_name, attributes, root, null, null) { }
/// <summary> /// Wait on a single object to become signalled /// </summary> /// <param name="obj">The object to wait on</param> /// <param name="alertable">Whether the thread should be alerable</param> /// <param name="timeout">The timeout to wait for</param> /// <returns>The success status of the wait, such as STATUS_WAIT_OBJECT_0 or STATUS_TIMEOUT</returns> public static NtStatus Wait(NtObject obj, bool alertable, NtWaitTimeout timeout) { return NtSystemCalls.NtWaitForSingleObject(obj.Handle, alertable, timeout.Timeout).ToNtException(); }
/// <summary> /// Constructor /// </summary> /// <param name="base_object">Base object for security descriptor</param> /// <param name="token">Token for determining user rights</param> /// <param name="is_directory">True if a directory security descriptor</param> public SecurityDescriptor(NtObject base_object, NtToken token, bool is_directory) : this() { if ((base_object == null) && (token == null)) { throw new ArgumentNullException(); } SecurityDescriptor parent_sd = null; if (base_object != null) { parent_sd = base_object.SecurityDescriptor; } SecurityDescriptor creator_sd = null; if (token != null) { creator_sd = new SecurityDescriptor(); creator_sd.Owner = new SecurityDescriptorSid(token.Owner, false); creator_sd.Group = new SecurityDescriptorSid(token.PrimaryGroup, false); creator_sd.Dacl = token.DefaultDalc; } NtType type = NtType.GetTypeByName(base_object.NtTypeName); SafeBuffer parent_sd_buffer = SafeHGlobalBuffer.Null; SafeBuffer creator_sd_buffer = SafeHGlobalBuffer.Null; SafeSecurityObjectHandle security_obj = null; try { if (parent_sd != null) { parent_sd_buffer = parent_sd.ToSafeBuffer(); } if (creator_sd != null) { creator_sd_buffer = creator_sd.ToSafeBuffer(); } GenericMapping mapping = type.GenericMapping; NtRtl.RtlNewSecurityObject(parent_sd_buffer, creator_sd_buffer, out security_obj, is_directory, token != null ? token.Handle : SafeKernelObjectHandle.Null, ref mapping).ToNtException(); ParseSecurityDescriptor(security_obj); } finally { if (parent_sd_buffer != null) { parent_sd_buffer.Close(); } if (creator_sd_buffer != null) { creator_sd_buffer.Close(); } if (security_obj != null) { security_obj.Close(); } } }
public SecurityInformationImpl(string obj_name, NtObject handle, Dictionary<uint, string> names, GenericMapping generic_mapping) { _mapping = generic_mapping; _handle = handle; _obj_name = new SafeStringBuffer(obj_name); _access_map = new SafeHGlobalBuffer(Marshal.SizeOf(typeof(SiAccess)) * names.Count); SiAccess[] sis = new SiAccess[names.Count]; IntPtr current_ptr = _access_map.DangerousGetHandle(); _names = new DisposableList<SafeStringBuffer>(); int i = 0; foreach (KeyValuePair<uint, string> pair in names) { _names.Add(new SafeStringBuffer(pair.Value)); SiAccess si = new SiAccess(); si.dwFlags = SiAccessFlags.SI_ACCESS_SPECIFIC | SiAccessFlags.SI_ACCESS_GENERAL; si.mask = pair.Key; si.pszName = _names[i].DangerousGetHandle(); sis[i] = si; i++; } _access_map.WriteArray(0, sis, 0, names.Count); }
/// <summary> /// Method to create an object from a set of object attributes. /// </summary> /// <param name="obj_attributes">The object attributes to create/open from.</param> /// <returns>The newly created object.</returns> protected override object CreateObject(ObjectAttributes obj_attributes) { return(NtObject.OpenWithType(TypeName, Path, Root, Access)); }
/// <summary> /// Try and open the directory entry and return an actual NtObject handle. /// </summary> /// <returns>The object opened.</returns> /// <exception cref="NtException">Thrown if error opening object.</exception> /// <exception cref="System.ArgumentException">Thrown if invalid typename.</exception> public NtObject ToObject() { return(NtObject.OpenWithType(TypeName, RelativePath, _base_directory, GenericAccessRights.MaximumAllowed)); }
public ZombieHandle(NtObject obj, string process_path) { _object = obj; Handle = obj.Handle.DangerousGetHandle().ToInt32(); ProcessPath = process_path; }