Exemple #1
0
        private void PopulateEntries()
        {
            DirectoryAccessRights granted_access = _directory.GrantedAccess;

            if ((granted_access & DirectoryAccessRights.ReadControl) == DirectoryAccessRights.ReadControl)
            {
                _sd   = _directory.GetSecurityDescriptorBytes(SecurityInformation.Dacl | SecurityInformation.Label | SecurityInformation.Group | SecurityInformation.Owner);
                _sddl = NtSecurity.SecurityDescriptorToSddl(_sd, SecurityInformation.Dacl | SecurityInformation.Label | SecurityInformation.Group | SecurityInformation.Owner);
            }
            else
            {
                _sd   = new byte[0];
                _sddl = String.Empty;
            }


            _full_path = _directory.FullPath;
            if (String.IsNullOrWhiteSpace(_full_path))
            {
                _full_path = _orig_path;
            }

            if ((granted_access & DirectoryAccessRights.Query) != DirectoryAccessRights.Query)
            {
                _entries = new List <ObjectDirectoryEntry>();
            }
            else
            {
                _entries = new List <ObjectDirectoryEntry>(_directory.Query().Select(e => new ObjectDirectoryEntry(e.Name, e.TypeName, this)));
            }
        }
Exemple #2
0
        static void CheckAccess(string path, byte[] sd, NtType type)
        {
            try
            {
                if (_type_filter.Count > 0)
                {
                    if (!_type_filter.Contains(type.Name.ToLower()))
                    {
                        return;
                    }
                }

                if (sd.Length > 0)
                {
                    uint granted_access = 0;

                    if (_dir_rights != 0)
                    {
                        granted_access = NtSecurity.GetAllowedAccess(_token, type, (uint)_dir_rights, sd);
                    }
                    else
                    {
                        granted_access = NtSecurity.GetMaximumAccess(_token, type, sd);
                    }

                    if (granted_access != 0)
                    {
                        // As we can get all the rights for the directory get maximum
                        if (_dir_rights != 0)
                        {
                            granted_access = NtSecurity.GetMaximumAccess(_token, type, sd);
                        }

                        if (!_show_write_only || type.HasWritePermission(granted_access))
                        {
                            Console.WriteLine("<{0}> {1} : {2:X08} {3}", type.Name, path, granted_access, AccessMaskToString(type, granted_access));
                            if (_print_sddl)
                            {
                                Console.WriteLine("{0}", NtSecurity.SecurityDescriptorToSddl(sd, SecurityInformation.AllBasic));
                            }
                        }
                    }
                }
            }
            catch (Exception)
            {
            }
        }
Exemple #3
0
        void ReadStringSecurityDescriptor()
        {
            if (_sd == null)
            {
                ReadSecurityDescriptor();
            }

            if (_sd.Length > 0)
            {
                _sddl = NtSecurity.SecurityDescriptorToSddl(_sd, SecurityInformation.Owner | SecurityInformation.Group | SecurityInformation.Dacl | SecurityInformation.Label);
            }
            else
            {
                _sddl = string.Empty;
            }
        }