public static extern bool AllocateAndInitializeSid(
ref SidIdentifierAuthority pIdentifierAuthority,
byte nSubAuthorityCount,
int dwSubAuthority0, int dwSubAuthority1,
int dwSubAuthority2, int dwSubAuthority3,
int dwSubAuthority4, int dwSubAuthority5,
int dwSubAuthority6, int dwSubAuthority7,
out IntPtr pSid);
public static extern bool AllocateAndInitializeSid(
ref SidIdentifierAuthority pIdentifierAuthority,
byte nSubAuthorityCount,
int dwSubAuthority0, int dwSubAuthority1,
int dwSubAuthority2, int dwSubAuthority3,
int dwSubAuthority4, int dwSubAuthority5,
int dwSubAuthority6, int dwSubAuthority7,
out IntPtr pSid);
internal static void ElevateSelf(bool processCreated)
{
try {
var ntAuth = new SidIdentifierAuthority();
ntAuth.Value = new byte[] { 0, 0, 0, 0, 0, 5 };
var psid = IntPtr.Zero;
bool isAdmin;
if (AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin)
{
return; // yes, we're an elevated admin
}
} catch {
// :) Seems that we need to elevate?
}
if (!processCreated)
{
// we're not an admin I guess.
try {
var process = new Process {
StartInfo =
{
UseShellExecute = true,
WorkingDirectory = Environment.CurrentDirectory,
FileName = Assembly.GetEntryAssembly().Location,
Verb = "runas",
Arguments = Environment.GetCommandLineArgs().Skip(1).Aggregate(string.Empty, (current, each) => current + " \"" + each + "\"").Trim() + " __EPM1__",
ErrorDialog = true,
ErrorDialogParentHandle = GetForegroundWindow(),
WindowStyle = ProcessWindowStyle.Maximized,
}
};
if (!process.Start())
{
throw new Exception();
}
// since we want the parent process to be able to wait for this, we'll wait for the child process.
while (ParentIsRunning && !process.WaitForExit(100))
{
Thread.Sleep(100);
}
} catch {
// nWindow.Fail(LocalizedMessage.IDS_REQUIRES_ADMIN_RIGHTS, "The installer requires administrator permissions.");
}
}
// we should have elevated, or failed to. either way, GTFO.
Environment.Exit(0);
}
public static extern bool AllocateAndInitializeSid(
[System.Runtime.InteropServices.InAttribute()]
ref SidIdentifierAuthority pIdentifierAuthority,
byte nSubAuthorityCount,
uint nSubAuthority0,
uint nSubAuthority1,
uint nSubAuthority2,
uint nSubAuthority3,
uint nSubAuthority4,
uint nSubAuthority5,
uint nSubAuthority6,
uint nSubAuthority7,
out System.IntPtr pSid);
public static void ElevateSelf(bool waitForParentAndChild = false, string replacementCmdLineArguments = null, bool rejoinConsole = false, string replacementExeName = null)
{
try {
var ntAuth = new SidIdentifierAuthority {
Value = new byte[] {
0, 0, 0, 0, 0, 5
}
};
var psid = IntPtr.Zero;
bool isAdmin;
if (Advapi32.AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && Advapi32.CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin)
{
return; // yes, we're an elevated admin
}
} catch {
// :) Seems that we need to elevate?
}
var process = new System.Diagnostics.Process {
StartInfo =
{
UseShellExecute = true,
WorkingDirectory = Environment.CurrentDirectory,
FileName = replacementExeName ?? CorrectedExeName,
Verb = "runas",
Arguments = replacementCmdLineArguments ?? EnvironmentUtility.CommandLineArguments,
ErrorDialog = true,
ErrorDialogParentHandle = User32.GetForegroundWindow(),
// WindowStyle = ProcessWindowStyle.Maximized, // TODO: uh, what was this here for?
}
};
if (!process.Start())
{
throw new ClrPlusException("Unable to start process for elevation.");
}
while ((waitForParentAndChild || rejoinConsole) && ParentIsRunning && !process.WaitForExit(50))
{
}
// we should have elevated, or failed to. either way, we're done here..
Environment.Exit(0);
}
public static void ElevateSelf(bool waitForParentAndChild = false, string replacementCmdLineArguments = null, bool rejoinConsole = false, string replacementExeName = null)
{
try {
var ntAuth = new SidIdentifierAuthority {
Value = new byte[] {
0, 0, 0, 0, 0, 5
}
};
var psid = IntPtr.Zero;
bool isAdmin;
if (Advapi32.AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && Advapi32.CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin) {
return; // yes, we're an elevated admin
}
} catch {
// :) Seems that we need to elevate?
}
var process = new System.Diagnostics.Process {
StartInfo = {
UseShellExecute = true,
WorkingDirectory = Environment.CurrentDirectory,
FileName = replacementExeName ?? CorrectedExeName,
Verb = "runas",
Arguments = replacementCmdLineArguments ?? EnvironmentUtility.CommandLineArguments,
ErrorDialog = true,
ErrorDialogParentHandle = User32.GetForegroundWindow(),
// WindowStyle = ProcessWindowStyle.Maximized, // TODO: uh, what was this here for?
}
};
if (!process.Start()) {
throw new ClrPlusException("Unable to start process for elevation.");
}
while ((waitForParentAndChild || rejoinConsole) && ParentIsRunning && !process.WaitForExit(50)) {
}
// we should have elevated, or failed to. either way, we're done here..
Environment.Exit(0);
}
internal static void ElevateSelf(string args)
{
try {
var ntAuth = new SidIdentifierAuthority();
ntAuth.Value = new byte[] { 0, 0, 0, 0, 0, 5 };
var psid = IntPtr.Zero;
bool isAdmin;
if (AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin)
{
return; // yes, we're an elevated admin
}
}
catch {
// :)
}
// we're not an admin I guess.
try {
new Process {
StartInfo =
{
UseShellExecute = true,
WorkingDirectory = Environment.CurrentDirectory,
FileName = ExeName,
Verb = "runas",
Arguments = args,
ErrorDialog = true,
ErrorDialogParentHandle = GetForegroundWindow(),
WindowStyle = ProcessWindowStyle.Maximized,
}
}.Start();
Environment.Exit(0); // since this didn't throw, we know the kids got off to school ok. :)
}
catch {
Fail("This tool requires administrator permissions.");
Environment.Exit(1);
}
}
internal static void ElevateSelf(string args) {
try {
var ntAuth = new SidIdentifierAuthority();
ntAuth.Value = new byte[] { 0, 0, 0, 0, 0, 5 };
var psid = IntPtr.Zero;
bool isAdmin;
if (AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin) {
return; // yes, we're an elevated admin
}
} catch {
// :)
}
// we're not an admin I guess.
try {
new Process {
StartInfo = {
UseShellExecute = true,
WorkingDirectory = Environment.CurrentDirectory,
FileName = ExeName,
Verb = "runas",
Arguments = args,
ErrorDialog = true,
ErrorDialogParentHandle = GetForegroundWindow(),
WindowStyle = ProcessWindowStyle.Maximized,
}
}.Start();
Environment.Exit(0); // since this didn't throw, we know the kids got off to school ok. :)
} catch {
MainWindow.Fail(LocalizedMessage.IDS_REQUIRES_ADMIN_RIGHTS, "The installer requires administrator permissions.");
}
}
public static bool SDHasAC(string sddl)
{
SidIdentifierAuthority authority = new SidIdentifierAuthority(SecurityAuthority.Package);
return(SDHasAllowedAce(sddl, false, ace => ace.Sid.Authority.Equals(authority)));
}
public void _createSecuritydesc()
{
byte[] SECURITY_WORLD_SID_AUTHORITY = new byte[6] {
0, 0, 0, 0, 0, 1
};
SidIdentifierAuthority NtAuthority = new SidIdentifierAuthority();
NtAuthority.Value = SECURITY_WORLD_SID_AUTHORITY;
IntPtr AuthenticatedUsersSid = IntPtr.Zero;
//const int AuthenticatedUser = 11;
const int SECURITY_WORLD_RID = 0;
// Get the SID for the Authenticated Uses group
if (!NativeMethods.AllocateAndInitializeSid(ref NtAuthority,
1,
SECURITY_WORLD_RID,
0, 0, 0, 0, 0, 0, 0,
out AuthenticatedUsersSid))
{
NativeMethods.FreeSid(AuthenticatedUsersSid);
throw new Win32Exception("Failed to AllocateAndInitializeSid");
}
// Remember to free the SID when you are done
//NativeMethods.FreeSid(AuthenticatedUsersSid);
IntPtr SPECIFIC_RIGHTS_ALL = (IntPtr)0x0000FFFF;
IntPtr STANDARD_RIGHTS_ALL = (IntPtr)0x001F0000;
IntPtr SPECIFIC_N_STANDARD_RIGHTS_ALL = (IntPtr)0x001FFFFF;
uint SET_ACCESS = 2;
EXPLICIT_ACCESS ea = new EXPLICIT_ACCESS();
ea.grfAccessPermissions = (uint)RightFlags.SPECIFIC_N_STANDARD_RIGHTS_ALL;
//(uint)SPECIFIC_N_STANDARD_RIGHTS_ALL;
ea.grfAccessMode = SET_ACCESS;
ea.grfInheritance = 0; //NO_INHERITANCE
ea.Trustee.TrusteeForm = TRUSTEE_FORM.TRUSTEE_IS_SID; //TRUSTEE_IS_SID
ea.Trustee.TrusteeType = TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP; //TRUSTEE_IS_WELL_KNOWN_GROUP
ea.Trustee.ptstrName = AuthenticatedUsersSid;
IntPtr NewAclPointer = IntPtr.Zero;
_ACL NewAcl = new _ACL();
// Marshal.StructureToPtr(NewAcl, NewAclPointer, true);
int dwRes = NativeMethods.SetEntriesInAcl(1, ref ea, IntPtr.Zero, out NewAclPointer);
if (dwRes != 0)
{
throw new Win32Exception("Failed to SetEntriesInAcl");
}
SECURITY_DESCRIPTOR sec = new SECURITY_DESCRIPTOR();
Marshal.SizeOf(sec);
IntPtr pSDlocalAlloc = NativeMethods.LocalAlloc((uint)LMEMFlags.LMEM_FIXED_N_ZEROINIT, (UIntPtr)Marshal.SizeOf(sec));
//Marshal.PtrToStructure(pSDlocalAlloc, sec);
if (pSDlocalAlloc == IntPtr.Zero || pSDlocalAlloc == null)
{
throw new Win32Exception("Failed to localAlloc");
}
if (!NativeMethods.InitializeSecurityDescriptor(out sec, 1))
{
throw new Win32Exception("Failed to InitializeSecurityDescriptor");
}
if (!NativeMethods.SetSecurityDescriptorDacl(ref sec, true, NewAclPointer, false))
{
throw new Win32Exception("Failed to SetSecurityDescriptorDacl");
}
//byte[] src = getBytes(sec);
//IntPtr dest = Marshal.AllocHGlobal(src.Length);
//Marshal.Copy(src, 0, dest, src.Length);
//sa.bInheritHandle = 0;
//sa.nLength = Marshal.SizeOf(sa);
//sa.lpSecurityDescriptor = dest;
//Marshal.FreeHGlobal(dest);
//--------------------
//byte[] src = getBytes(sec);
//IntPtr dest = Marshal.AllocHGlobal(src.Length);
//Marshal.Copy(src, 0, dest, src.Length);
//gay1
Marshal.StructureToPtr(sec, pSDlocalAlloc, true);
sa.bInheritHandle = 0;
sa.nLength = (uint)Marshal.SizeOf(sa); // its 24 or 816 (8x100 +8(int) +8(int))
sa.lpSecurityDescriptor = pSDlocalAlloc; // dest;//0x00000193dc8f7420
//gay1 end
//Marshal.FreeHGlobal(dest);
//sa.lpSecurityDescriptor = getBytes(sa);
//Serialize();
// Marshal.by(gay, SECURITY_ATTRIBUTES);
NativeMethods.FreeSid(AuthenticatedUsersSid);
NativeMethods.LocalFree(pSDlocalAlloc);
}
internal static void ElevateSelf(bool processCreated)
{
try {
var ntAuth = new SidIdentifierAuthority();
ntAuth.Value = new byte[] {0, 0, 0, 0, 0, 5};
var psid = IntPtr.Zero;
bool isAdmin;
if (AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin) {
return; // yes, we're an elevated admin
}
} catch {
// :) Seems that we need to elevate?
}
if (!processCreated) {
// we're not an admin I guess.
try {
var process = new Process {
StartInfo = {
UseShellExecute = true,
WorkingDirectory = Environment.CurrentDirectory,
FileName = Assembly.GetEntryAssembly().Location,
Verb = "runas",
Arguments = Environment.GetCommandLineArgs().Skip(1).Aggregate(string.Empty, (current, each) => current + " \"" + each + "\"").Trim() + " __EPM1__",
ErrorDialog = true,
ErrorDialogParentHandle = GetForegroundWindow(),
WindowStyle = ProcessWindowStyle.Maximized,
}
};
if (!process.Start()) {
throw new Exception();
}
// since we want the parent process to be able to wait for this, we'll wait for the child process.
while( ParentIsRunning && !process.WaitForExit(100) ) {
Thread.Sleep(100);
}
} catch {
// nWindow.Fail(LocalizedMessage.IDS_REQUIRES_ADMIN_RIGHTS, "The installer requires administrator permissions.");
}
}
// we should have elevated, or failed to. either way, GTFO.
Environment.Exit(0);
}
