private string TryToGetAccountNameFromItem(accesstoken_item accesstokenItem) { var entityItem = accesstokenItem.security_principle; bool isSecurityPrincipalUndefined = ((entityItem == null) || (string.IsNullOrWhiteSpace(entityItem.Value))); return(isSecurityPrincipalUndefined ? string.Empty : entityItem.Value); }
public void FillItemTypeWithData(accesstoken_item itemTypeToFill, object collectedData) { var allCollectedAccessTokens = (List <string>)collectedData; this.SetExistentAccessTokens(itemTypeToFill, allCollectedAccessTokens); this.SetAbsentAccessTokens(itemTypeToFill); }
private void AssertGeneratedAccessTokenItem(ItemType itemToAssert, string expectedSecurityPrinciple) { accesstoken_item generatedItem = (accesstoken_item)itemToAssert; // Asserting SECURITY_PRINCIPLE item entity value Assert.IsNotNull(generatedItem.security_principle, "The entity item 'security_principle' cannot be null"); Assert.AreEqual(expectedSecurityPrinciple, generatedItem.security_principle.Value, "An entity item ('security_principle') with unexpected value was found."); }
public void Should_be_possible_to_collect_an_accesstoken_item_with_error_status() { var fakeItemWithError = new accesstoken_item() { status = StatusEnumeration.error, security_principle = new EntityItemStringType() { Value = "lfernandes" } }; var collectedItems = new AccessTokenObjectCollector().CollectDataForSystemItem(fakeItemWithError); Assert.AreEqual(StatusEnumeration.error, collectedItems.Single().ItemType.status); }
private IEnumerable <ItemType> CreateItemsToCollectFromSecurityPrincipleList(IList <string> securityPrinciples) { var itemsToCollect = new List <ItemType>(); foreach (var securityPrinciple in securityPrinciples) { var newItem = new accesstoken_item() { security_principle = OvalHelper.CreateItemEntityWithStringValue(securityPrinciple) }; itemsToCollect.Add(newItem); } return(itemsToCollect); }
private void AssertAbsentAccessTokens(accesstoken_item collectedAccessTokenItem) { this.assertAccessToken(collectedAccessTokenItem.seassignprimarytokenprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seauditprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sebackupprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sebatchlogonright, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sechangenotifyprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.secreateglobalprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.secreatepagefileprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.secreatepermanentprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.secreatesymboliclinkprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.secreatetokenprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sedenyinteractivelogonright, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sedenynetworklogonright, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sedenyservicelogonright, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seenabledelegationprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seimpersonateprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seincreasebasepriorityprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seincreasequotaprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seincreaseworkingsetprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seinteractivelogonright, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seloaddriverprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.selockmemoryprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.semachineaccountprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.semanagevolumeprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.senetworklogonright, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seprofilesingleprocessprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.serelabelprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seremoteinteractivelogonright, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seremoteshutdownprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.serestoreprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sesecurityprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seservicelogonright, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seshutdownprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sesyncagentprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sesystemenvironmentprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sesystemprofileprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.sesystemtimeprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.setakeownershipprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.setcbprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.setimezoneprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seundockprivilege, ABSENT); this.assertAccessToken(collectedAccessTokenItem.seunsolicitedinputprivilege, ABSENT); }
public void Should_be_possible_to_collect_a_simple_accesstoken_object() { var fakeItemToCollect = new accesstoken_item() { security_principle = new EntityItemStringType() { Value = "mss\\lfernandes" } }; var systemDataSource = this.CreateMockedSystemDataSource(new string[] { "SeDebugPrivilege", "SeDenyRemoteInteractiveLogonRight", "SeDenyBatchLogonRight" }.ToList(), null); var collectedItems = systemDataSource.CollectDataForSystemItem(fakeItemToCollect); this.DoBasicAssert(collectedItems, 1); var collectedAccessTokenItem = (accesstoken_item)collectedItems.Single().ItemType; Assert.AreEqual(StatusEnumeration.exists, collectedAccessTokenItem.status, "Unexpected item type status was found."); this.AssertSecurityPrincipalEntity(collectedAccessTokenItem); this.AssertExistentAccessTokens(collectedAccessTokenItem); this.AssertAbsentAccessTokens(collectedAccessTokenItem); }
public void Should_be_possible_to_create_collected_accesstoken_item_if_an_error_occurs() { var fakeItemToCollect = new accesstoken_item() { security_principle = new EntityItemStringType() { Value = "mss\\lfernandes" } }; var systemDataSource = this.CreateMockedSystemDataSource(new string[] { }.ToList(), new Exception(TEST_EXCEPTION_MESSAGE)); var collectedItems = systemDataSource.CollectDataForSystemItem(fakeItemToCollect); this.DoBasicAssert(collectedItems, 1); var collectedItem = collectedItems.Single().ItemType; Assert.AreEqual(StatusEnumeration.error, collectedItem.status); Assert.IsNotNull(collectedItem.message); Assert.IsTrue(collectedItem.message.First().Value.Contains("AccessTokenObjectCollector")); }
private void SetAbsentAccessTokens(accesstoken_item accessTokenItemType) { if (accessTokenItemType.sesecurityprivilege == null) { accessTokenItemType.sesecurityprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.sebackupprivilege == null) { accessTokenItemType.sebackupprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.serestoreprivilege == null) { accessTokenItemType.serestoreprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.sesystemtimeprivilege == null) { accessTokenItemType.sesystemtimeprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seshutdownprivilege == null) { accessTokenItemType.seshutdownprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seremoteshutdownprivilege == null) { accessTokenItemType.seremoteshutdownprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.setakeownershipprivilege == null) { accessTokenItemType.setakeownershipprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.sedebugprivilege == null) { accessTokenItemType.sedebugprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.sesystemenvironmentprivilege == null) { accessTokenItemType.sesystemenvironmentprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.sesystemprofileprivilege == null) { accessTokenItemType.sesystemprofileprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seprofilesingleprocessprivilege == null) { accessTokenItemType.seprofilesingleprocessprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seincreasebasepriorityprivilege == null) { accessTokenItemType.seincreasebasepriorityprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seloaddriverprivilege == null) { accessTokenItemType.seloaddriverprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.secreatepagefileprivilege == null) { accessTokenItemType.secreatepagefileprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seincreasequotaprivilege == null) { accessTokenItemType.seincreasequotaprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.sechangenotifyprivilege == null) { accessTokenItemType.sechangenotifyprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seundockprivilege == null) { accessTokenItemType.seundockprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.semanagevolumeprivilege == null) { accessTokenItemType.semanagevolumeprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seimpersonateprivilege == null) { accessTokenItemType.seimpersonateprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.secreateglobalprivilege == null) { accessTokenItemType.secreateglobalprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.setimezoneprivilege == null) { accessTokenItemType.setimezoneprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.secreatesymboliclinkprivilege == null) { accessTokenItemType.secreatesymboliclinkprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seinteractivelogonright == null) { accessTokenItemType.seinteractivelogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.senetworklogonright == null) { accessTokenItemType.senetworklogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.sebatchlogonright == null) { accessTokenItemType.sebatchlogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.seremoteinteractivelogonright == null) { accessTokenItemType.seremoteinteractivelogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.seassignprimarytokenprivilege == null) { accessTokenItemType.seassignprimarytokenprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seauditprivilege == null) { accessTokenItemType.seauditprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.secreatepermanentprivilege == null) { accessTokenItemType.secreatepermanentprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.secreatetokenprivilege == null) { accessTokenItemType.secreatetokenprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seenabledelegationprivilege == null) { accessTokenItemType.seenabledelegationprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seincreaseworkingsetprivilege == null) { accessTokenItemType.seincreaseworkingsetprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.selockmemoryprivilege == null) { accessTokenItemType.selockmemoryprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.semachineaccountprivilege == null) { accessTokenItemType.semachineaccountprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.serelabelprivilege == null) { accessTokenItemType.serelabelprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.sesyncagentprivilege == null) { accessTokenItemType.sesyncagentprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.setcbprivilege == null) { accessTokenItemType.setcbprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seunsolicitedinputprivilege == null) { accessTokenItemType.seunsolicitedinputprivilege = this.CreateFalseEntityItem(); } if (accessTokenItemType.seservicelogonright == null) { accessTokenItemType.seservicelogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.sedenybatchLogonright == null) { accessTokenItemType.sedenybatchLogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.sedenyinteractivelogonright == null) { accessTokenItemType.sedenyinteractivelogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.sedenynetworklogonright == null) { accessTokenItemType.sedenynetworklogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.sedenyremoteInteractivelogonright == null) { accessTokenItemType.sedenyremoteInteractivelogonright = this.CreateFalseEntityItem(); } if (accessTokenItemType.sedenyservicelogonright == null) { accessTokenItemType.sedenyservicelogonright = this.CreateFalseEntityItem(); } }
private void SetExistentAccessTokens(accesstoken_item accessTokenItemType, List <string> collectedAccessTokens) { foreach (string accessToken in collectedAccessTokens) { switch (accessToken) { case "SeSecurityPrivilege": accessTokenItemType.sesecurityprivilege = CreateTrueEntityItem(); break; case "SeBackupPrivilege": accessTokenItemType.sebackupprivilege = CreateTrueEntityItem(); break; case "SeRestorePrivilege": accessTokenItemType.serestoreprivilege = CreateTrueEntityItem(); break; case "SeSystemtimePrivilege": accessTokenItemType.sesystemtimeprivilege = CreateTrueEntityItem(); break; case "SeShutdownPrivilege": accessTokenItemType.seshutdownprivilege = CreateTrueEntityItem(); break; case "SeRemoteShutdownPrivilege": accessTokenItemType.seremoteshutdownprivilege = CreateTrueEntityItem(); break; case "SeTakeOwnershipPrivilege": accessTokenItemType.setakeownershipprivilege = CreateTrueEntityItem(); break; case "SeDebugPrivilege": accessTokenItemType.sedebugprivilege = CreateTrueEntityItem(); break; case "SeSystemEnvironmentPrivilege": accessTokenItemType.sesystemenvironmentprivilege = CreateTrueEntityItem(); break; case "SeSystemProfilePrivilege": accessTokenItemType.sesystemprofileprivilege = CreateTrueEntityItem(); break; case "SeProfileSingleProcessPrivilege": accessTokenItemType.seprofilesingleprocessprivilege = CreateTrueEntityItem(); break; case "SeIncreaseBasePriorityPrivilege": accessTokenItemType.seincreasebasepriorityprivilege = CreateTrueEntityItem(); break; case "SeLoadDriverPrivilege": accessTokenItemType.seloaddriverprivilege = CreateTrueEntityItem(); break; case "SeCreatePagefilePrivilege": accessTokenItemType.secreatepagefileprivilege = CreateTrueEntityItem(); break; case "SeIncreaseQuotaPrivilege": accessTokenItemType.seincreasequotaprivilege = CreateTrueEntityItem(); break; case "SeChangeNotifyPrivilege": accessTokenItemType.sechangenotifyprivilege = CreateTrueEntityItem(); break; case "SeUndockPrivilege": accessTokenItemType.seundockprivilege = CreateTrueEntityItem(); break; case "SeManageVolumePrivilege": accessTokenItemType.semanagevolumeprivilege = CreateTrueEntityItem(); break; case "SeImpersonatePrivilege": accessTokenItemType.seimpersonateprivilege = CreateTrueEntityItem(); break; case "SeCreateGlobalPrivilege": accessTokenItemType.secreateglobalprivilege = CreateTrueEntityItem(); break; case "SeTimeZonePrivilege": accessTokenItemType.setimezoneprivilege = CreateTrueEntityItem(); break; case "SeCreateSymbolicLinkPrivilege": accessTokenItemType.secreatesymboliclinkprivilege = CreateTrueEntityItem(); break; case "SeInteractiveLogonRight": accessTokenItemType.seinteractivelogonright = CreateTrueEntityItem(); break; case "SeNetworkLogonRight": accessTokenItemType.senetworklogonright = CreateTrueEntityItem(); break; case "SeBatchLogonRight": accessTokenItemType.sebatchlogonright = CreateTrueEntityItem(); break; case "SeRemoteInteractiveLogonRight": accessTokenItemType.seremoteinteractivelogonright = CreateTrueEntityItem(); break; case "SeAssignPrimaryTokenPrivilege": accessTokenItemType.seassignprimarytokenprivilege = CreateTrueEntityItem(); break; case "SeAuditPrivilege": accessTokenItemType.seauditprivilege = CreateTrueEntityItem(); break; case "SeCreatePermanentPrivilege": accessTokenItemType.secreatepermanentprivilege = CreateTrueEntityItem(); break; case "SeCreateTokenPrivilege": accessTokenItemType.secreatetokenprivilege = CreateTrueEntityItem(); break; case "SeEnableDelegationPrivilege": accessTokenItemType.seenabledelegationprivilege = CreateTrueEntityItem(); break; case "SeIncreaseWorkingSetPrivilege": accessTokenItemType.seincreaseworkingsetprivilege = CreateTrueEntityItem(); break; case "SeLockMemoryPrivilege": accessTokenItemType.selockmemoryprivilege = CreateTrueEntityItem(); break; case "SeMachineAccountPrivilege": accessTokenItemType.semachineaccountprivilege = CreateTrueEntityItem(); break; case "SeRelabelPrivilege": accessTokenItemType.serelabelprivilege = CreateTrueEntityItem(); break; case "SeSyncAgentPrivilege": accessTokenItemType.sesyncagentprivilege = CreateTrueEntityItem(); break; case "SeTcbPrivilege": accessTokenItemType.setcbprivilege = CreateTrueEntityItem(); break; case "SeUnsolicitedInputPrivilege": accessTokenItemType.seunsolicitedinputprivilege = CreateTrueEntityItem(); break; case "SeServiceLogonRight": accessTokenItemType.seservicelogonright = CreateTrueEntityItem(); break; case "SeDenyBatchLogonRight": accessTokenItemType.sedenybatchLogonright = CreateTrueEntityItem(); break; case "SeDenyInteractiveLogonRight": accessTokenItemType.sedenyinteractivelogonright = CreateTrueEntityItem(); break; case "SeDenyNetworkLogonRight": accessTokenItemType.sedenynetworklogonright = CreateTrueEntityItem(); break; case "SeDenyRemoteInteractiveLogonRight": accessTokenItemType.sedenyremoteInteractivelogonright = CreateTrueEntityItem(); break; case "SeDenyServiceLogonRight": accessTokenItemType.sedenyservicelogonright = CreateTrueEntityItem(); break; } } }
private void AssertExistentAccessTokens(accesstoken_item collectedAccessTokenItem) { this.assertAccessToken(collectedAccessTokenItem.sedebugprivilege, EXISTENT); this.assertAccessToken(collectedAccessTokenItem.sedenyremoteInteractivelogonright, EXISTENT); this.assertAccessToken(collectedAccessTokenItem.sedenybatchLogonright, EXISTENT); }
private void AssertSecurityPrincipalEntity(accesstoken_item collectedAccessTokenItem) { Assert.IsNotNull(collectedAccessTokenItem.security_principle); Assert.AreEqual("mss\\lfernandes", collectedAccessTokenItem.security_principle.Value); }