public MainWindow()
{
InitializeComponent();
// Open the port in the firewall
Type type = Type.GetTypeFromProgID("HNetCfg.FWOpenPort");
INetFwOpenPort port = Activator.CreateInstance(type) as INetFwOpenPort;
port.Port = 19283;
port.Name = "Mayhem";
port.Enabled = true;
Type netFwMgrType = Type.GetTypeFromProgID("HNetCfg.FwMgr", false);
INetFwMgr mgr = (INetFwMgr)Activator.CreateInstance(netFwMgrType);
INetFwOpenPorts ports = mgr.LocalPolicy.CurrentProfile.GloballyOpenPorts;
ports.Add(port);
// Add the ACL
string name = WindowsIdentity.GetCurrent().Name;
SecurityIdentity sid = SecurityIdentity.SecurityIdentityFromName(name);
string acl = "D:(A;;GA;;;" + sid + ")";
Debug.WriteLine(acl);
SetHttpNamespaceAcl("http://+:19283/", acl);
Close();
}
public override bool Equals(object obj)
{
if (obj == null)
{
return(false);
}
if (obj is SecurityIdentity)
{
SecurityIdentity sd = (SecurityIdentity)obj;
return(string.Compare(sid, sd.sid, true) == 0);
}
return(false);
}
public void SetHttpNamespaceAcl(string urlPrefix, string acl)
{
HTTPAPI_VERSION version = new HTTPAPI_VERSION();
version.HttpApiMajorVersion = 1;
version.HttpApiMinorVersion = 0;
HttpInitialize(version, HTTP_INITIALIZE_CONFIG, IntPtr.Zero);
HTTP_SERVICE_CONFIG_URLACL_SET urlAclConfig = new HTTP_SERVICE_CONFIG_URLACL_SET();
urlAclConfig.KeyDesc.pUrlPrefix = urlPrefix;
urlAclConfig.ParamDesc.pStringSecurityDescriptor = acl;
IntPtr UrlAclConfig = Marshal.AllocHGlobal(Marshal.SizeOf(urlAclConfig));
Marshal.StructureToPtr(urlAclConfig, UrlAclConfig, false);
try
{
uint retval = HttpSetServiceConfiguration(IntPtr.Zero, HTTP_SERVICE_CONFIG_ID.HttpServiceConfigUrlAclInfo, UrlAclConfig, (uint)Marshal.SizeOf(urlAclConfig), IntPtr.Zero);
if (retval != 0 && retval != 183)
{
throw new ExternalException("Error Setting Configuration: " + SecurityIdentity.GetErrorMessage(retval));
}
}
catch (Exception e)
{
Debug.WriteLine(e);
}
finally
{
if (UrlAclConfig != IntPtr.Zero)
{
Marshal.DestroyStructure(UrlAclConfig, typeof(HTTP_SERVICE_CONFIG_URLACL_SET));
Marshal.FreeHGlobal(UrlAclConfig);
}
}
}
/// <summary>
/// Creates a Security Identity from an object name (e.g. DOMAIN\AccountName)
/// </summary>
/// <param name="name">A security object name (i.e. a Computer, Account, or Group)</param>
/// <returns>A populated Security Identity</returns>
public static SecurityIdentity SecurityIdentityFromName(string name)
{
if (name == null)
{
throw new ArgumentNullException("name");
}
if (name == "")
{
throw new ArgumentException("Argument 'name' cannot be the empty string.", "name");
}
LSA_OBJECT_ATTRIBUTES attribs = new LSA_OBJECT_ATTRIBUTES();
attribs.Attributes = 0;
attribs.ObjectName = IntPtr.Zero;
attribs.RootDirectory = IntPtr.Zero;
attribs.SecurityDescriptor = IntPtr.Zero;
attribs.SecurityQualityOfService = IntPtr.Zero;
attribs.Length = (uint)Marshal.SizeOf(attribs);
IntPtr handle;
int status = LsaOpenPolicy(IntPtr.Zero, ref attribs, ACCESS_MASK.POLICY_LOOKUP_NAMES, out handle);
if (status != 0)
{
throw new ExternalException("Unable to Find Object: " + GetErrorMessage(LsaNtStatusToWinError(status)));
}
try
{
LSA_UNICODE_STRING nameString = new LSA_UNICODE_STRING();
nameString.Buffer = name;
nameString.Length = (ushort)(name.Length * UnicodeEncoding.CharSize);
nameString.MaxLength = (ushort)((name.Length * UnicodeEncoding.CharSize) + UnicodeEncoding.CharSize);
IntPtr domains;
IntPtr sids;
status = LsaLookupNames2(handle, 0, 1, new[] { nameString }, out domains, out sids);
if (status != 0)
{
throw new ExternalException("Unable to Find Object: " + GetErrorMessage(LsaNtStatusToWinError(status)));
}
try
{
SecurityIdentity secId = new SecurityIdentity();
LSA_TRANSLATED_SID2 lsaSid = (LSA_TRANSLATED_SID2)Marshal.PtrToStructure(sids, typeof(LSA_TRANSLATED_SID2));
IntPtr sidStruct = lsaSid.Sid;
IntPtr sidString;
// Get the SID string
if (!ConvertSidToStringSid(sidStruct, out sidString))
{
throw new ExternalException("Unable to Find Object: " + GetErrorMessage(GetLastError()));
}
try
{
// Marshal and store the SID string
secId.sid = Marshal.PtrToStringAnsi(sidString);
}
finally
{
if (sidString != IntPtr.Zero)
{
LocalFree(sidString);
}
}
// Check if the SID is a well known SID
secId.wellKnownSidType = (WELL_KNOWN_SID_TYPE)Array.IndexOf(WellKnownSids, secId.sid);
SID_NAME_USE nameUse;
uint nameLen = 0;
uint domainLen = 0;
// Get the lengths for the object and domain names
LookupAccountSid(null, sidStruct, IntPtr.Zero, ref nameLen, IntPtr.Zero, ref domainLen, out nameUse);
if (nameLen == 0)
{
throw new ExternalException("Unable to Find SID: " + GetErrorMessage(GetLastError()));
}
IntPtr accountName = Marshal.AllocHGlobal((IntPtr)nameLen);
IntPtr domainName = domainLen > 0 ? Marshal.AllocHGlobal((IntPtr)domainLen) : IntPtr.Zero;
try
{
// Get the object and domain names
if (!LookupAccountSid(null, sidStruct, accountName, ref nameLen, domainName, ref domainLen, out nameUse))
{
throw new ExternalException("Unable to Find SID: " + GetErrorMessage(GetLastError()));
}
// Marshal and store the object name
secId.name = string.Format("{0}{1}{2}", domainLen > 1 ? Marshal.PtrToStringAnsi(domainName) : "", domainLen > 1 ? "\\" : "", Marshal.PtrToStringAnsi(accountName));
return(secId);
}
finally
{
if (accountName != IntPtr.Zero)
{
Marshal.FreeHGlobal(accountName);
}
if (domainName != IntPtr.Zero)
{
Marshal.FreeHGlobal(domainName);
}
}
}
finally
{
if (domains != IntPtr.Zero)
{
LsaFreeMemory(domains);
}
if (sids != IntPtr.Zero)
{
LsaFreeMemory(sids);
}
}
}
finally
{
if (handle != IntPtr.Zero)
{
LsaClose(handle);
}
}
}
