public void BuildExplicitAccessWithNameTest() { EXPLICIT_ACCESS ea = default; Assert.That(() => BuildExplicitAccessWithName(out ea, userName, 0x10000000, ACCESS_MODE.SET_ACCESS, INHERIT_FLAGS.SUB_CONTAINERS_AND_OBJECTS_INHERIT), Throws.Nothing); Assert.That(ea.grfAccessMode, Is.Not.Zero); ea.WriteValues(); }
public void AuditQuerySetGlobalSaclTest() { Assert.That(AuditQueryGlobalSacl("Key", out var orig), ResultIs.Successful); var explAcc = new EXPLICIT_ACCESS { grfAccessMode = ACCESS_MODE.SET_AUDIT_SUCCESS, grfAccessPermissions = 0x20006 /* KEY_WRITE */, grfInheritance = INHERIT_FLAGS.NO_INHERITANCE, Trustee = new TRUSTEE(SafePSID.Everyone, TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP) }; Assert.That(SetEntriesInAcl(1, new[] { explAcc }, PACL.NULL, out var newAcl), ResultIs.Successful); Assert.That(AuditSetGlobalSacl("Key", newAcl), ResultIs.Successful); Assert.That(AuditSetGlobalSacl("Key", orig), ResultIs.Successful); }
public void AuditQuerySetGlobalSaclTest() { Assert.That(AuditQueryGlobalSacl("Key", out var orig), Is.True); var psid = SafePSID.CreateWellKnown(WELL_KNOWN_SID_TYPE.WinWorldSid); var explAcc = new EXPLICIT_ACCESS { grfAccessMode = ACCESS_MODE.SET_AUDIT_SUCCESS, grfAccessPermissions = 0x20006 /* KEY_WRITE */, grfInheritance = INHERIT_FLAGS.NO_INHERITANCE, Trustee = new TRUSTEE(psid, TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP) }; SetEntriesInAcl(1, new[] { explAcc }, PACL.NULL, out var newAcl).ThrowIfFailed(); Assert.That(AuditSetGlobalSacl("Key", newAcl), Is.True); Assert.That(AuditSetGlobalSacl("Key", orig), Is.True); }
public static int AdjustAccessControlListForUwp(string dllPath) { // Get current Access Control List int errorCode = GetNamedSecurityInfo(dllPath, SE_OBJECT_TYPE.SE_FILE_OBJECT, SecurityInfos.DiscretionaryAcl, out _, out _, out IntPtr currentAcl, out _, out IntPtr securityDescriptor); if (errorCode != 0) { Debug.WriteLine("Call to 'GetNamedSecurityInfoA' failed"); return(11); } // sid for all application packages if (ConvertStringSidToSid("S-1-15-2-1", out IntPtr sid) == 0) { Debug.WriteLine("Call to 'ConvertStringSidToSidA' failed"); return(12); } EXPLICIT_ACCESS access = new EXPLICIT_ACCESS { AccessPermissions = ACCESS_MASK.GENERIC_READ | ACCESS_MASK.GENERIC_EXECUTE, AccessMode = ACCESS_MODE.SET_ACCESS, Inheritance = ACCESS_INHERITANCE.SUB_CONTAINERS_AND_OBJECTS_INHERIT, trustee = new TRUSTEE { TrusteeForm = TRUSTEE_FORM.TRUSTEE_IS_SID, TrusteeType = TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP, Name = sid } }; // Set new access entry in the Access Control List errorCode = SetEntriesInAcl(1, ref access, currentAcl, out IntPtr updatedAcl); if (errorCode != 0) { Debug.WriteLine("Call to 'SetEntriesInAclA' failed"); return(13); } // Set new Access Control List errorCode = SetNamedSecurityInfo(dllPath, SE_OBJECT_TYPE.SE_FILE_OBJECT, SecurityInfos.DiscretionaryAcl, IntPtr.Zero, IntPtr.Zero, updatedAcl, IntPtr.Zero); if (errorCode != 0) { Debug.WriteLine("Call to 'SetNamedSecurityInfoA' failed"); return(14); } if (securityDescriptor != IntPtr.Zero) { Kernel32.LocalFree(securityDescriptor); } if (updatedAcl != IntPtr.Zero) { Kernel32.LocalFree(updatedAcl); } return(0); }
internal static extern int SetEntriesInAcl(int cCountOfExplicitEntries, ref EXPLICIT_ACCESS pListOfExplicitEntries, IntPtr oldAcl, out IntPtr newAcl);
public static extern void BuildExplicitAccessWithName( ref EXPLICIT_ACCESS pExplicitAccess, string pTrusteeName, uint AccessPermissions, uint AccessMode, uint Inheritance);
static extern int SetEntriesInAcl(int CountofExplicitEntries, ref EXPLICIT_ACCESS ea, IntPtr OldAcl, out IntPtr NewAcl);
public static extern uint SetEntriesInAcl( ulong cCountOfExplicitEntries, EXPLICIT_ACCESS[] pListOfExplicitEntries, LwACL OldAcl, ref LwACL NewAcl );
public static void GrantAdministratorsAccess(string name, SE_OBJECT_TYPE type) { SID_IDENTIFIER_AUTHORITY sidNTAuthority = SECURITY_NT_AUTHORITY; // Create a SID for the BUILTIN\Administrators group. IntPtr sidAdmin = IntPtr.Zero; AllocateAndInitializeSid(ref sidNTAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, ref sidAdmin); // Set full control for Administrators. EXPLICIT_ACCESS[] explicitAccesss = new EXPLICIT_ACCESS[1]; explicitAccesss[0].grfAccessPermissions = ACCESS_MASK.GENERIC_ALL; explicitAccesss[0].grfAccessMode = ACCESS_MODE.SET_ACCESS; explicitAccesss[0].grfInheritance = NO_INHERITANCE; explicitAccesss[0].Trustee.TrusteeForm = TRUSTEE_FORM.TRUSTEE_IS_SID; explicitAccesss[0].Trustee.TrusteeType = TRUSTEE_TYPE.TRUSTEE_IS_GROUP; explicitAccesss[0].Trustee.ptstrName = sidAdmin; IntPtr acl = IntPtr.Zero; SetEntriesInAcl(1, ref explicitAccesss[0], 0, ref acl); Action <string, bool> setPrivilege = (privilege, allow) => { IntPtr token = IntPtr.Zero; TOKEN_PRIVILEGES tokenPrivileges = new TOKEN_PRIVILEGES(); OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, out token); if (allow) { LUID luid; LookupPrivilegeValueA(null, privilege, out luid); tokenPrivileges.PrivilegeCount = 1; tokenPrivileges.Privileges = new LUID_AND_ATTRIBUTES[1]; tokenPrivileges.Privileges[0].Luid = luid; tokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; } AdjustTokenPrivileges(token, false, ref tokenPrivileges, 0, IntPtr.Zero, IntPtr.Zero); CloseHandle(token); }; // Enable the SE_TAKE_OWNERSHIP_NAME privilege. setPrivilege(SE_TAKE_OWNERSHIP_NAME, true); // Set the owner in the object's security descriptor. SetNamedSecurityInfo( name, type, SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION, sidAdmin, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero); // Disable the SE_TAKE_OWNERSHIP_NAME privilege. setPrivilege(SE_TAKE_OWNERSHIP_NAME, false); //// Modify the object's DACL, //SetNamedSecurityInfo( // name, // type, // SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, // IntPtr.Zero, IntPtr.Zero, // acl, // IntPtr.Zero); FreeSid(sidAdmin); LocalFree(acl); }
private static extern uint SetEntriesInAcl( int CountofExplicitEntries, ref EXPLICIT_ACCESS ea, uint OldAcl, ref IntPtr NewAcl);
public void _createSecuritydesc() { byte[] SECURITY_WORLD_SID_AUTHORITY = new byte[6] { 0, 0, 0, 0, 0, 1 }; SidIdentifierAuthority NtAuthority = new SidIdentifierAuthority(); NtAuthority.Value = SECURITY_WORLD_SID_AUTHORITY; IntPtr AuthenticatedUsersSid = IntPtr.Zero; //const int AuthenticatedUser = 11; const int SECURITY_WORLD_RID = 0; // Get the SID for the Authenticated Uses group if (!NativeMethods.AllocateAndInitializeSid(ref NtAuthority, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, out AuthenticatedUsersSid)) { NativeMethods.FreeSid(AuthenticatedUsersSid); throw new Win32Exception("Failed to AllocateAndInitializeSid"); } // Remember to free the SID when you are done //NativeMethods.FreeSid(AuthenticatedUsersSid); IntPtr SPECIFIC_RIGHTS_ALL = (IntPtr)0x0000FFFF; IntPtr STANDARD_RIGHTS_ALL = (IntPtr)0x001F0000; IntPtr SPECIFIC_N_STANDARD_RIGHTS_ALL = (IntPtr)0x001FFFFF; uint SET_ACCESS = 2; EXPLICIT_ACCESS ea = new EXPLICIT_ACCESS(); ea.grfAccessPermissions = (uint)RightFlags.SPECIFIC_N_STANDARD_RIGHTS_ALL; //(uint)SPECIFIC_N_STANDARD_RIGHTS_ALL; ea.grfAccessMode = SET_ACCESS; ea.grfInheritance = 0; //NO_INHERITANCE ea.Trustee.TrusteeForm = TRUSTEE_FORM.TRUSTEE_IS_SID; //TRUSTEE_IS_SID ea.Trustee.TrusteeType = TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP; //TRUSTEE_IS_WELL_KNOWN_GROUP ea.Trustee.ptstrName = AuthenticatedUsersSid; IntPtr NewAclPointer = IntPtr.Zero; _ACL NewAcl = new _ACL(); // Marshal.StructureToPtr(NewAcl, NewAclPointer, true); int dwRes = NativeMethods.SetEntriesInAcl(1, ref ea, IntPtr.Zero, out NewAclPointer); if (dwRes != 0) { throw new Win32Exception("Failed to SetEntriesInAcl"); } SECURITY_DESCRIPTOR sec = new SECURITY_DESCRIPTOR(); Marshal.SizeOf(sec); IntPtr pSDlocalAlloc = NativeMethods.LocalAlloc((uint)LMEMFlags.LMEM_FIXED_N_ZEROINIT, (UIntPtr)Marshal.SizeOf(sec)); //Marshal.PtrToStructure(pSDlocalAlloc, sec); if (pSDlocalAlloc == IntPtr.Zero || pSDlocalAlloc == null) { throw new Win32Exception("Failed to localAlloc"); } if (!NativeMethods.InitializeSecurityDescriptor(out sec, 1)) { throw new Win32Exception("Failed to InitializeSecurityDescriptor"); } if (!NativeMethods.SetSecurityDescriptorDacl(ref sec, true, NewAclPointer, false)) { throw new Win32Exception("Failed to SetSecurityDescriptorDacl"); } //byte[] src = getBytes(sec); //IntPtr dest = Marshal.AllocHGlobal(src.Length); //Marshal.Copy(src, 0, dest, src.Length); //sa.bInheritHandle = 0; //sa.nLength = Marshal.SizeOf(sa); //sa.lpSecurityDescriptor = dest; //Marshal.FreeHGlobal(dest); //-------------------- //byte[] src = getBytes(sec); //IntPtr dest = Marshal.AllocHGlobal(src.Length); //Marshal.Copy(src, 0, dest, src.Length); //gay1 Marshal.StructureToPtr(sec, pSDlocalAlloc, true); sa.bInheritHandle = 0; sa.nLength = (uint)Marshal.SizeOf(sa); // its 24 or 816 (8x100 +8(int) +8(int)) sa.lpSecurityDescriptor = pSDlocalAlloc; // dest;//0x00000193dc8f7420 //gay1 end //Marshal.FreeHGlobal(dest); //sa.lpSecurityDescriptor = getBytes(sa); //Serialize(); // Marshal.by(gay, SECURITY_ATTRIBUTES); NativeMethods.FreeSid(AuthenticatedUsersSid); NativeMethods.LocalFree(pSDlocalAlloc); }
/// <summary> /// Changes object ownership /// </summary> /// <param name="ObjectName"></param> /// <param name="ObjectType"></param> /// <returns></returns> public bool ChangeObjectOwnership(string ObjectName, SE_OBJECT_TYPE ObjectType) { bool success = false; IntPtr pSidAdmin = IntPtr.Zero; IntPtr pAcl = IntPtr.Zero; string name = ObjectName; SID_IDENTIFIER_AUTHORITY sidNTAuthority = new SID_IDENTIFIER_AUTHORITY() { Value = new byte[] { 0, 0, 0, 0, 0, 5 } }; success = AllocateAndInitializeSid(ref sidNTAuthority, (byte)2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, ref pSidAdmin); if (ObjectName.StartsWith("HKEY_CLASSES_ROOT")) { name = ObjectName.Replace("HKEY_CLASSES_ROOT", "CLASSES_ROOT"); } else if (ObjectName.StartsWith("HKEY_CURRENT_USER")) { name = ObjectName.Replace("HKEY_CURRENT_USER", "CURRENT_USER"); } else if (ObjectName.StartsWith("HKEY_LOCAL_MACHINE")) { name = ObjectName.Replace("HKEY_LOCAL_MACHINE", "MACHINE"); } else if (ObjectName.StartsWith("HKEY_USERS")) { name = ObjectName.Replace("HKEY_USERS", "USERS"); } if (success) { EXPLICIT_ACCESS[] explicitAccesss = new EXPLICIT_ACCESS[1]; explicitAccesss[0].grfAccessPermissions = ACCESS_MASK.GENERIC_ALL; explicitAccesss[0].grfAccessMode = ACCESS_MODE.SET_ACCESS; explicitAccesss[0].grfInheritance = NO_INHERITANCE; explicitAccesss[0].Trustee.TrusteeForm = TRUSTEE_FORM.TRUSTEE_IS_SID; explicitAccesss[0].Trustee.TrusteeType = TRUSTEE_TYPE.TRUSTEE_IS_GROUP; explicitAccesss[0].Trustee.ptstrName = pSidAdmin; //modify dacl SetEntriesInAcl(1, ref explicitAccesss[0], IntPtr.Zero, out pAcl); success = SetPrivilege(SE_TAKE_OWNERSHIP_NAME, true); if (success) { // set admin as owner int p = SetNamedSecurityInfo(name, ObjectType, SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION, pSidAdmin, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero); success = SetPrivilege(SE_TAKE_OWNERSHIP_NAME, false); if (success) { SetNamedSecurityInfo(name, ObjectType, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, IntPtr.Zero, IntPtr.Zero, pAcl, IntPtr.Zero); } } } if (pSidAdmin != IntPtr.Zero) { FreeSid(pSidAdmin); } if (pAcl != IntPtr.Zero) { LocalFree(pAcl); } return success; }