Example #1
0
 private protected LsaObject(SafeLsaHandle handle, AccessMask granted_access, string type_name, string object_name)
 {
     _handle         = handle;
     _granted_access = granted_access;
     NtType          = NtType.GetTypeByName(type_name);
     ObjectName      = object_name;
 }
Example #2
0
        private LsaSecurityAccessRights GetSystemAccess(SafeLsaHandle hAcct)
        {
            int rights;

            ThrowIfLsaError(LsaGetSystemAccessAccount(hAcct, out rights));
            return((LsaSecurityAccessRights)rights);
        }
Example #3
0
        internal static NtStatus RemoveAccountRights(string system_name, Sid sid, bool remove_all, IEnumerable <string> account_rights, bool throw_on_error)
        {
            if (sid is null)
            {
                throw new ArgumentNullException(nameof(sid));
            }

            if (account_rights is null)
            {
                throw new ArgumentNullException(nameof(account_rights));
            }

            var rights = account_rights.Select(s => new UnicodeStringIn(s)).ToArray();

            if (!account_rights.Any())
            {
                return(NtStatus.STATUS_SUCCESS);
            }

            using (var policy = SafeLsaHandle.OpenPolicy(system_name, LsaPolicyAccessRights.LookupNames, throw_on_error))
            {
                if (!policy.IsSuccess)
                {
                    return(policy.Status);
                }
                using (var sid_buffer = sid.ToSafeBuffer())
                {
                    return(SecurityNativeMethods.LsaRemoveAccountRights(policy.Result,
                                                                        sid_buffer, remove_all, rights, rights.Length).ToNtException(throw_on_error));
                }
            }
        }
Example #4
0
 internal LsaTrustedDomain(SafeLsaHandle handle, LsaTrustedDomainAccessRights granted_access, string name, Sid sid, LsaTrustedDomainInformation domain_info, string system_name)
     : base(handle, granted_access, LsaPolicyUtils.LSA_TRUSTED_DOMAIN_NT_TYPE_NAME, $"LSA Trusted Domain ({(name ?? domain_info.Name)})", system_name)
 {
     _domain_info = domain_info;
     Sid          = sid ?? domain_info.Sid;
     Name         = name ?? domain_info.Name;
 }
Example #5
0
        private static NtResult <IEnumerable <SidName> > LookupSids2(string system_name, Sid[] sids, LsaLookupOptions options, bool throw_on_error)
        {
            using (var policy = SafeLsaHandle.OpenPolicy(system_name, Policy.LsaPolicyAccessRights.LookupNames, throw_on_error))
            {
                if (!policy.IsSuccess)
                {
                    return(policy.Cast <IEnumerable <SidName> >());
                }

                using (var list = new DisposableList())
                {
                    var sid_ptrs = sids.Select(s => list.AddSid(s).DangerousGetHandle()).ToArray();
                    var status   = SecurityNativeMethods.LsaLookupSids2(policy.Result, options, sid_ptrs.Length, sid_ptrs,
                                                                        out SafeLsaMemoryBuffer domains, out SafeLsaMemoryBuffer names);
                    if (!status.IsSuccess())
                    {
                        if (status == NtStatus.STATUS_NONE_MAPPED)
                        {
                            list.Add(domains);
                            list.Add(names);
                        }
                        return(status.CreateResultFromError <IEnumerable <SidName> >(throw_on_error));
                    }

                    return(GetSidNames(sids, domains, names).CreateResult());
                }
            }
        }
Example #6
0
 internal static extern NtStatus LsaQuerySecret(
     SafeLsaHandle SecretHandle,
     out SafeLsaMemoryBuffer CurrentValue,
     LargeInteger CurrentValueSetTime,
     out SafeLsaMemoryBuffer OldValue,
     LargeInteger OldValueSetTime
     );
Example #7
0
 internal static extern NtStatus LsaEnumerateAccounts(
     SafeLsaHandle PolicyHandle,
     ref int EnumerationContext,
     out SafeLsaMemoryBuffer EnumerationBuffer, // PLSAPR_ACCOUNT_INFORMATION
     int PreferedMaximumLength,
     out int EntriesRead
     );
Example #8
0
        /// <summary>
        /// Retried LSA privilege data.
        /// </summary>
        /// <param name="system_name">The system containing the LSA instance.</param>
        /// <param name="keyname">The name of the key.</param>
        /// <param name="throw_on_error">True to throw on error.</param>
        /// <returns>The private data as bytes.</returns>
        public static NtResult <byte[]> LsaRetrievePrivateData(string system_name, string keyname, bool throw_on_error)
        {
            if (keyname is null)
            {
                throw new ArgumentNullException(nameof(keyname));
            }

            using (var policy = SafeLsaHandle.OpenPolicy(system_name, Policy.LsaPolicyAccessRights.GetPrivateInformation, throw_on_error))
            {
                if (!policy.IsSuccess)
                {
                    return(policy.Cast <byte[]>());
                }
                NtStatus status = SecurityNativeMethods.LsaRetrievePrivateData(policy.Result,
                                                                               new UnicodeString(keyname), out SafeLsaMemoryBuffer data);
                if (!status.IsSuccess())
                {
                    return(status.CreateResultFromError <byte[]>(throw_on_error));
                }
                using (data)
                {
                    data.Initialize <UnicodeStringOut>(1);
                    return(data.Read <UnicodeStringOut>(0).ToArray().CreateResult());
                }
            }
        }
Example #9
0
 internal static extern NtStatus LsaEnumerateTrustedDomainsEx(
     SafeLsaHandle PolicyHandle,
     ref int EnumerationContext,
     out SafeLsaMemoryBuffer Buffer,
     int PreferedMaximumLength,
     out int CountReturned
     );
Example #10
0
 internal static extern NtStatus LsaLookupSids(
     SafeLsaHandle PolicyHandle,
     int Count,
     IntPtr[] Sids,
     out SafeLsaMemoryBuffer ReferencedDomains,
     out SafeLsaMemoryBuffer Names
     );
Example #11
0
 internal static extern NtStatus LsaRemoveAccountRights(
     SafeLsaHandle PolicyHandle,
     SafeSidBufferHandle AccountSid,
     [MarshalAs(UnmanagedType.U1)] bool AllRights,
     [In] UnicodeStringIn[] UserRights,
     int CountOfRights
     );
Example #12
0
 internal static extern NtStatus LsaLookupNames2(
     SafeLsaHandle PolicyHandle,
     LsaLookupNameOptionFlags Flags,
     int Count,
     UnicodeStringIn[] Names,
     out SafeLsaMemoryBuffer ReferencedDomains,
     out SafeLsaMemoryBuffer Sids // PLSA_TRANSLATED_SID
     );
Example #13
0
 private static IEnumerable <AccountRight> ParseRights(SafeLsaHandle policy, string system_name, SafeLsaMemoryBuffer buffer, int count)
 {
     using (buffer) {
         buffer.Initialize <UnicodeStringOut>((uint)count);
         UnicodeStringOut[] ss = new UnicodeStringOut[count];
         buffer.ReadArray(0, ss, 0, count);
         return(ss.Select(s => new AccountRight(system_name, s.ToString(),
                                                GetSids(policy, s.ToString(), false).GetResultOrDefault())).ToList());
     }
 }
Example #14
0
 internal static NtResult <List <Sid> > GetSids(string system_name, string name, bool throw_on_error)
 {
     using (var policy = SafeLsaHandle.OpenPolicy(system_name, LsaPolicyAccessRights.GenericExecute, throw_on_error)) {
         if (!policy.IsSuccess)
         {
             return(policy.Cast <List <Sid> >());
         }
         return(GetSids(policy.Result, name, throw_on_error));
     }
 }
Example #15
0
 internal static extern int LsaLogonUser(
     [In]  SafeLsaHandle LsaHandle,
     [In]  ref LSA_STRING OriginName,
     [In]  SECURITY_LOGON_TYPE LogonType,
     [In]  int AuthenticationPackage,
     [In]  IntPtr AuthenticationInformation,
     [In]  int AuthenticationInformationLength,
     [In]  IntPtr LocalGroups,
     [In]  ref TOKEN_SOURCE SourceContext,
     [Out] out SafeLsaReturnBufferHandle ProfileBuffer,
     [Out] out int ProfileBufferLength,
     [Out] out LUID LogonId,
     [Out] out SafeAccessTokenHandle Token,
     [Out] out QUOTA_LIMITS Quotas,
     [Out] out int SubStatus
     );
Example #16
0
        private static NtResult <List <Sid> > GetSids(SafeLsaHandle policy, string name, bool throw_on_error)
        {
            if (name is null)
            {
                throw new ArgumentNullException(nameof(name));
            }

            NtStatus status = SecurityNativeMethods.LsaEnumerateAccountsWithUserRight(policy, new UnicodeString(name),
                                                                                      out SafeLsaMemoryBuffer buffer, out int count);

            if (status == NtStatus.STATUS_NO_MORE_ENTRIES)
            {
                return(new List <Sid>().CreateResult());
            }
            return(status.CreateResult(throw_on_error, () => ParseSids(buffer, count)));
        }
Example #17
0
 private static int LookupAuthenticationPackage(SafeLsaHandle lsaHandle, string packageName)
 {
     Debug.Assert(!string.IsNullOrEmpty(packageName));
     unsafe
     {
         int packageId;
         byte[] asciiPackageName = Encoding.ASCII.GetBytes(packageName);
         fixed (byte* pAsciiPackageName = &asciiPackageName[0])
         {
             LSA_STRING lsaPackageName = new LSA_STRING((IntPtr)pAsciiPackageName, checked((ushort)(asciiPackageName.Length)));
             int ntStatus = Interop.SspiCli.LsaLookupAuthenticationPackage(lsaHandle, ref lsaPackageName, out packageId);
             if (ntStatus < 0) // non-negative numbers indicate success
                 throw GetExceptionFromNtStatus(ntStatus);
         }
         return packageId;
     }
 }
Example #18
0
        internal static NtResult <IEnumerable <AccountRight> > GetAccountRights(string system_name, Sid sid, bool throw_on_error)
        {
            if (sid is null)
            {
                throw new ArgumentNullException(nameof(sid));
            }

            using (var policy = SafeLsaHandle.OpenPolicy(system_name, LsaPolicyAccessRights.GenericExecute, throw_on_error)) {
                if (!policy.IsSuccess)
                {
                    return(policy.Cast <IEnumerable <AccountRight> >());
                }
                using (var sid_buffer = sid.ToSafeBuffer()) {
                    return(SecurityNativeMethods.LsaEnumerateAccountRights(policy.Result, sid_buffer,
                                                                           out SafeLsaMemoryBuffer buffer, out int count)
                           .CreateResult(throw_on_error, () => ParseRights(policy.Result, system_name, buffer, count)));
                }
            }
        }
Example #19
0
        private static NtStatus LsaStorePrivateDataInternal(string system_name, string keyname, byte[] data, bool throw_on_error)
        {
            if (keyname is null)
            {
                throw new ArgumentNullException(nameof(keyname));
            }

            using (var policy = SafeLsaHandle.OpenPolicy(system_name, Policy.LsaPolicyAccessRights.CreateSecret, throw_on_error))
            {
                if (!policy.IsSuccess)
                {
                    return(policy.Status);
                }

                using (var data_buffer = data == null ? UnicodeStringBytesSafeBuffer.Null : new UnicodeStringBytesSafeBuffer(data))
                {
                    return(SecurityNativeMethods.LsaStorePrivateData(policy.Result, new UnicodeString(keyname), data_buffer));
                }
            }
        }
Example #20
0
 internal static extern NtStatus LsaDeleteObject(
     SafeLsaHandle ObjectHandle
     );
Example #21
0
 internal static extern NtStatus LsaQueryTrustedDomainInfoByName(
     SafeLsaHandle PolicyHandle,
     UnicodeString TrustedDomainName,
     TRUSTED_INFORMATION_CLASS InformationClass,
     out SafeLsaMemoryBuffer Buffer
     );
Example #22
0
 internal static extern NtStatus LsaQueryTrustedDomainInfo(
     SafeLsaHandle PolicyHandle,
     SafeSidBufferHandle TrustedDomainSid,
     TRUSTED_INFORMATION_CLASS InformationClass,
     out SafeLsaMemoryBuffer Buffer
     );
Example #23
0
 internal static extern NtStatus LsaQueryInfoTrustedDomain(
     SafeLsaHandle TrustedDomainHandle,
     TRUSTED_INFORMATION_CLASS InformationClass,
     out SafeLsaMemoryBuffer Buffer
     );
Example #24
0
 internal static extern NtStatus LsaOpenTrustedDomainByName(
     SafeLsaHandle PolicyHandle,
     UnicodeString TrustedDomainName,
     LsaTrustedDomainAccessRights DesiredAccess,
     out SafeLsaHandle TrustedDomainHandle
     );
Example #25
0
 internal static extern NtStatus LsaOpenTrustedDomain(
     SafeLsaHandle PolicyHandle,
     SafeSidBufferHandle TrustedDomainSid,
     LsaTrustedDomainAccessRights DesiredAccess,
     out SafeLsaHandle TrustedDomainHandle
     );
Example #26
0
 static extern NtStatus LsaLogonUser(SafeLsaHandle LsaHandle, LsaString OriginName, SecurityLogonType LogonType, uint AuthenticationPackage,
     SafeBuffer AuthenticationInformation,
     int AuthenticationInformationLength,
     IntPtr LocalGroups,
     TOKEN_SOURCE SourceContext,
     out IntPtr ProfileBuffer,
     out int ProfileBufferLength,
     out Luid LogonId,
     out SafeKernelObjectHandle Token,
     out QUOTA_LIMITS Quotas,
     out NtStatus SubStatus
 );
Example #27
0
 internal static extern NtStatus LsaEnumeratePrivilegesOfAccount(
     SafeLsaHandle AccountHandle,
     out SafeLsaMemoryBuffer Privileges // PPRIVILEGE_SET
     );
Example #28
0
 internal static extern NtStatus LsaSetSystemAccessAccount(
     SafeLsaHandle AccountHandle,
     LsaSystemAccessFlags SystemAccess
     );
Example #29
0
 internal static extern NtStatus LsaOpenAccount(
     SafeLsaHandle PolicyHandle,
     SafeSidBufferHandle AccountSid,
     LsaAccountAccessRights DesiredAccess,
     out SafeLsaHandle AccountHandle
     );
Example #30
0
 internal static extern NtStatus LsaQuerySecurityObject(
     SafeLsaHandle ObjectHandle,
     SecurityInformation SecurityInformation,
     out SafeLsaMemoryBuffer SecurityDescriptor
     );
Example #31
0
 static extern NtStatus LsaLookupAuthenticationPackage(SafeLsaHandle LsaHandle, LsaString PackageName, out uint AuthenticationPackage);
Example #32
0
 internal static extern NtStatus LsaSetSecurityObject(
     SafeLsaHandle ObjectHandle,
     SecurityInformation SecurityInformation,
     SafeBuffer SecurityDescriptor
     );
Example #33
0
 static extern NtStatus LsaConnectUntrusted(out SafeLsaHandle handle);