private void _SetDACL(IntPtr handle) { //////////////////////////////////////////////////////////////////////////////// IntPtr ppsidOwner, ppsidGroup, ppDacl, ppSacl; ppsidOwner = ppsidGroup = ppDacl = ppSacl = IntPtr.Zero; uint status = GetSecurityInfo( handle, _SE_OBJECT_TYPE.SE_WINDOW_OBJECT, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, ref ppsidOwner, ref ppsidGroup, ref ppDacl, ref ppSacl, ref ppSecurityDescriptor ); if (0 != status) { Misc.GetWin32Error("GetSecurityInfo"); return; } else if (IntPtr.Zero == ppDacl) { Misc.GetWin32Error("ppDacl"); return; } Console.WriteLine(" [+] Recieved DACL : 0x{0}", ppDacl.ToString("X4")); //////////////////////////////////////////////////////////////////////////////// uint size = 0; CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinWorldSid, IntPtr.Zero, IntPtr.Zero, ref size); if (0 == size) { Misc.GetWin32Error("CreateWellKnownSid - Pass 1"); return; } Console.WriteLine(" [+] Create Everyone Sid - Pass 1 : 0x{0}", size.ToString("X4")); pSid = Marshal.AllocHGlobal((int)size); if (!CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinWorldSid, IntPtr.Zero, pSid, ref size)) { Misc.GetWin32Error("CreateWellKnownSid - Pass 2"); return; } Console.WriteLine(" [+] Create Everyone Sid - Pass 2 : 0x{0}", pSid.ToString("X4")); //////////////////////////////////////////////////////////////////////////////// _TRUSTEE_A trustee = new _TRUSTEE_A { pMultipleTrustee = IntPtr.Zero, MultipleTrusteeOperation = _MULTIPLE_TRUSTEE_OPERATION.NO_MULTIPLE_TRUSTEE, TrusteeForm = _TRUSTEE_FORM.TRUSTEE_IS_SID, TrusteeType = _TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP, ptstrName = pSid }; _EXPLICIT_ACCESS_A explicitAccess = new _EXPLICIT_ACCESS_A { grfAccessPermissions = 0xf03ff, grfAccessMode = _ACCESS_MODE.GRANT_ACCESS, grfInheritance = 1, Trustee = trustee }; IntPtr newAcl = new IntPtr(); status = SetEntriesInAclW(1, ref explicitAccess, ppDacl, ref newAcl); if (0 != status) { Misc.GetWin32Error("SetEntriesInAclW"); return; } else if (IntPtr.Zero == newAcl) { Misc.GetWin32Error("newAcl"); return; } Console.WriteLine(" [+] Added Everyone to DACL : 0x{0}", newAcl.ToString("X4")); //////////////////////////////////////////////////////////////////////////////// status = SetSecurityInfo( handle, _SE_OBJECT_TYPE.SE_WINDOW_OBJECT, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, ppsidOwner, ppsidGroup, newAcl, ppSacl ); if (0 != status) { Misc.GetWin32Error("SetSecurityInfo"); return; } Console.WriteLine(" [+] Applied DACL to Object"); }
public static extern uint SetEntriesInAclW( uint cCountOfExplicitEntries, ref _EXPLICIT_ACCESS_A pListOfExplicitEntries, IntPtr OldAcl, ref IntPtr NewAcl );