private void SetupAppIdEntry(COMAppIDEntry entry)
        {
            textBoxAppIdName.Text            = entry.Name;
            textBoxAppIdGuid.Text            = entry.AppId.FormatGuid();
            textBoxLaunchPermission.Text     = entry.LaunchPermission;
            textBoxAccessPermission.Text     = entry.AccessPermission;
            textBoxAppIDRunAs.Text           = GetStringValue(entry.RunAs);
            textBoxAppIDService.Text         = GetStringValue(entry.IsService ? entry.LocalService.Name : null);
            textBoxAppIDFlags.Text           = entry.Flags.ToString();
            textBoxDllSurrogate.Text         = GetStringValue(entry.DllSurrogate);
            btnViewAccessPermissions.Enabled = entry.HasAccessPermission;
            btnViewLaunchPermissions.Enabled = entry.HasLaunchPermission;
            tabControlProperties.TabPages.Add(tabPageAppID);

            if (entry.IsService)
            {
                textBoxServiceName.Text            = entry.LocalService.Name;
                textBoxServiceDisplayName.Text     = GetStringValue(entry.LocalService.DisplayName);
                textBoxServiceType.Text            = entry.LocalService.ServiceType.ToString();
                textBoxServiceImagePath.Text       = entry.LocalService.ImagePath;
                textBoxServiceDll.Text             = GetStringValue(entry.LocalService.ServiceDll);
                textBoxServiceUserName.Text        = GetStringValue(entry.LocalService.UserName);
                textBoxServiceProtectionLevel.Text = entry.LocalService.ProtectionLevel.ToString();
                tabControlProperties.TabPages.Add(tabPageService);
            }

            m_appid = entry;
        }
        public static string GetAccessPermission(ICOMAccessSecurity obj)
        {
            if (obj is COMProcessEntry process)
            {
                return(process.AccessPermissions);
            }
            else if (obj is COMAppIDEntry || obj is COMCLSIDEntry)
            {
                COMAppIDEntry appid = obj as COMAppIDEntry;
                if (appid == null && obj is COMCLSIDEntry clsid)
                {
                    appid = clsid.AppIDEntry;
                    if (appid == null)
                    {
                        throw new ArgumentException("No AppID available for class");
                    }
                }

                if (appid.HasAccessPermission)
                {
                    return(appid.AccessPermission);
                }
                throw new ArgumentException("AppID doesn't have an access permission");
            }

            throw new ArgumentException("Can't get access permission for object");
        }
        private void LoadAppIDs(RegistryKey rootKey)
        {
            m_appid = new SortedDictionary <Guid, COMAppIDEntry>();

            using (RegistryKey appIdKey = rootKey.OpenSubKey("AppID"))
            {
                if (appIdKey != null)
                {
                    string[] subkeys = appIdKey.GetSubKeyNames();
                    foreach (string key in subkeys)
                    {
                        Guid appid;

                        if (Guid.TryParse(key, out appid))
                        {
                            if (!m_appid.ContainsKey(appid))
                            {
                                using (RegistryKey regKey = appIdKey.OpenSubKey(key))
                                {
                                    if (regKey != null)
                                    {
                                        COMAppIDEntry ent = new COMAppIDEntry(appid, regKey);
                                        m_appid.Add(appid, ent);
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
 private void SetupAppIdEntry(COMAppIDEntry entry)
 {
     textBoxAppIdName.Text        = entry.Name;
     textBoxAppIdGuid.Text        = entry.AppId.ToString("B");
     textBoxLaunchPermission.Text = entry.LaunchPermissionString ?? String.Empty;
     textBoxAccessPermission.Text = entry.AccessPermissionString ?? String.Empty;
     lblAppIdRunAs.Text           = String.Format("Run As: {0}", entry.RunAs ?? "N/A");
     lblService.Text          = String.Format("Service: {0}", entry.LocalService ?? "N/A");
     textBoxDllSurrogate.Text = entry.DllSurrogate ?? "N/A";
     tabControlProperties.TabPages.Add(tabPageAppID);
 }
        public static string GetLaunchPermission(ICOMAccessSecurity obj)
        {
            if (obj is COMAppIDEntry || obj is COMCLSIDEntry)
            {
                COMAppIDEntry appid = obj as COMAppIDEntry;
                if (appid == null && obj is COMCLSIDEntry clsid)
                {
                    appid = clsid.AppIDEntry;
                    if (appid == null)
                    {
                        throw new ArgumentException("No AppID available for class");
                    }
                }

                if (appid.HasLaunchPermission)
                {
                    return(appid.LaunchPermission);
                }
                throw new ArgumentException("AppID doesn't have an launch permission");
            }
            else if (obj is COMRuntimeClassEntry runtime_class)
            {
                if (runtime_class.HasPermission)
                {
                    return(runtime_class.Permissions);
                }
                else if (runtime_class.ActivationType == ActivationType.OutOfProcess && runtime_class.HasServerPermission)
                {
                    return(runtime_class.ServerPermissions);
                }
                throw new ArgumentException("RuntimeClass doesn't have an launch permission");
            }
            else if (obj is COMRuntimeServerEntry runtime_server)
            {
                if (runtime_server.HasPermission)
                {
                    return(runtime_server.Permissions);
                }
                throw new ArgumentException("RuntimeServer doesn't have an launch permission");
            }
            throw new ArgumentException("Can't get launch permission for object");
        }
 public static void ViewSecurity(IWin32Window parent, COMAppIDEntry appid, bool access)
 {
     ViewSecurity(parent, String.Format("{0} {1}", appid.Name, access ? "Access" : "Launch"),
                  access ? appid.AccessPermission : appid.LaunchPermission, access);
 }
Exemple #7
0
 public static void ViewSecurity(COMRegistry registry, COMAppIDEntry appid, bool access)
 {
     ViewSecurity(registry, string.Format("{0} {1}", appid.Name, access ? "Access" : "Launch"),
                  access ? appid.AccessPermission : appid.LaunchPermission, access);
 }
        public bool AccessCheck(
            ICOMAccessSecurity obj)
        {
            if (obj == null)
            {
                return(false);
            }

            string launch_sddl  = m_ignore_default ? string.Empty : obj.DefaultLaunchPermission;
            string access_sddl  = m_ignore_default ? string.Empty : obj.DefaultAccessPermission;
            bool   check_launch = true;
            string principal    = m_principal;

            if (obj is COMProcessEntry process)
            {
                access_sddl  = process.AccessPermissions;
                principal    = process.UserSid;
                check_launch = false;
            }
            else if (obj is COMAppIDEntry || obj is COMCLSIDEntry)
            {
                COMAppIDEntry appid = obj as COMAppIDEntry;
                if (appid == null && obj is COMCLSIDEntry clsid)
                {
                    appid = clsid.AppIDEntry;
                    if (appid == null)
                    {
                        return(false);
                    }
                }

                if (appid.HasLaunchPermission)
                {
                    launch_sddl = appid.LaunchPermission;
                }

                if (appid.HasAccessPermission)
                {
                    access_sddl = appid.AccessPermission;
                }
            }
            else if (obj is COMRuntimeClassEntry runtime_class)
            {
                if (runtime_class.HasPermission)
                {
                    launch_sddl = runtime_class.Permissions;
                }
                else if (runtime_class.ActivationType == ActivationType.OutOfProcess && runtime_class.HasServerPermission)
                {
                    launch_sddl = runtime_class.ServerPermissions;
                }
                else if (runtime_class.TrustLevel == TrustLevel.PartialTrust)
                {
                    launch_sddl = COMRuntimeClassEntry.DefaultActivationPermission;
                }
                else
                {
                    // Set to denied access.
                    launch_sddl = "O:SYG:SYD:";
                }
                access_sddl = launch_sddl;
            }
            else if (obj is COMRuntimeServerEntry runtime_server)
            {
                if (runtime_server.HasPermission)
                {
                    launch_sddl = runtime_server.Permissions;
                }
                else
                {
                    launch_sddl = "O:SYG:SYD:";
                }
                access_sddl = launch_sddl;
            }
            else
            {
                return(false);
            }

            if (!m_access_cache.ContainsKey(access_sddl))
            {
                if (m_access_rights == 0)
                {
                    m_access_cache[access_sddl] = true;
                }
                else
                {
                    m_access_cache[access_sddl] = COMSecurity.IsAccessGranted(access_sddl,
                                                                              principal, m_access_token, false, false, m_access_rights);
                }
            }

            if (check_launch && !m_launch_cache.ContainsKey(launch_sddl))
            {
                if (m_launch_rights == 0)
                {
                    m_launch_cache[launch_sddl] = true;
                }
                else
                {
                    m_launch_cache[launch_sddl] = COMSecurity.IsAccessGranted(launch_sddl, principal, m_access_token,
                                                                              true, true, m_launch_rights);
                }
            }

            if (m_access_cache[access_sddl] && (!check_launch || m_launch_cache[launch_sddl]))
            {
                return(true);
            }
            return(false);
        }
        private void LoadAppIDs(bool filterIL, bool filterAC)
        {
            List <IGrouping <Guid, COMCLSIDEntry> > clsidsByAppId = m_reg.ClsidsByAppId.ToList();
            IDictionary <Guid, COMAppIDEntry>       appids        = m_reg.AppIDs;

            List <TreeNode> serverNodes = new List <TreeNode>();

            foreach (IGrouping <Guid, COMCLSIDEntry> pair in clsidsByAppId)
            {
                if (appids.ContainsKey(pair.Key))
                {
                    COMAppIDEntry appidEnt = appids[pair.Key];

                    if (filterIL && String.IsNullOrWhiteSpace(COMUtilities.GetILForSD(appidEnt.AccessPermission)) &&
                        String.IsNullOrWhiteSpace(COMUtilities.GetILForSD(appidEnt.LaunchPermission)))
                    {
                        continue;
                    }

                    if (filterAC && !COMUtilities.SDHasAC(appidEnt.AccessPermission) && !COMUtilities.SDHasAC(appidEnt.LaunchPermission))
                    {
                        continue;
                    }

                    TreeNode node = new TreeNode(appidEnt.Name);
                    node.Tag = appidEnt;

                    StringBuilder builder = new StringBuilder();

                    AppendFormatLine(builder, "AppID: {0}", pair.Key);
                    if (!String.IsNullOrWhiteSpace(appidEnt.RunAs))
                    {
                        AppendFormatLine(builder, "RunAs: {0}", appidEnt.RunAs);
                    }

                    if (!String.IsNullOrWhiteSpace(appidEnt.LocalService))
                    {
                        AppendFormatLine(builder, "LocalService: {0}", appidEnt.LocalService);
                    }

                    string perm = appidEnt.LaunchPermissionString;
                    if (perm != null)
                    {
                        AppendFormatLine(builder, "Launch: {0}", LimitString(perm, 64));
                    }

                    perm = appidEnt.AccessPermissionString;
                    if (perm != null)
                    {
                        AppendFormatLine(builder, "Access: {0}", LimitString(perm, 64));
                    }

                    node.ToolTipText = builder.ToString();

                    int count = pair.Count();

                    TreeNode[] clsidNodes = new TreeNode[count];
                    string[]   nodeNames  = new string[count];
                    int        j          = 0;

                    foreach (COMCLSIDEntry ent in pair)
                    {
                        clsidNodes[j] = CreateClsidNode(ent);
                        nodeNames[j]  = ent.Name;
                        j++;
                    }

                    Array.Sort(nodeNames, clsidNodes);
                    node.Nodes.AddRange(clsidNodes);

                    serverNodes.Add(node);
                }
            }

            treeComRegistry.Nodes.AddRange(serverNodes.ToArray());
            Text = "AppIDs";
        }
        private void LoadLocalServices()
        {
            List <IGrouping <Guid, COMCLSIDEntry> > clsidsByAppId = m_reg.ClsidsByAppId.ToList();
            IDictionary <Guid, COMAppIDEntry>       appids        = m_reg.AppIDs;
            Dictionary <string, ServiceController>  services;

            try
            {
                services = ServiceController.GetServices().ToDictionary(s => s.ServiceName.ToLower());
            }
            catch (Win32Exception)
            {
                services = new Dictionary <string, ServiceController>();
            }

            List <TreeNode> serverNodes = new List <TreeNode>();

            foreach (IGrouping <Guid, COMCLSIDEntry> pair in clsidsByAppId)
            {
                if (appids.ContainsKey(pair.Key) && !String.IsNullOrWhiteSpace(appids[pair.Key].LocalService))
                {
                    COMAppIDEntry appidEnt = appids[pair.Key];

                    string name = appidEnt.LocalService;

                    if (services.ContainsKey(name.ToLower()))
                    {
                        try
                        {
                            ServiceController sc = services[name.ToLower()];

                            string displayName = sc.DisplayName;
                            if (!String.IsNullOrWhiteSpace(displayName))
                            {
                                name = displayName;
                            }
                        }
                        catch (Win32Exception)
                        {
                        }
                    }

                    TreeNode node = new TreeNode(name);

                    StringBuilder builder = new StringBuilder();

                    AppendFormatLine(builder, "AppID: {0}", pair.Key);
                    if (!String.IsNullOrWhiteSpace(appidEnt.RunAs))
                    {
                        AppendFormatLine(builder, "RunAs: {0}", appidEnt.RunAs);
                    }

                    node.ToolTipText = builder.ToString();
                    node.Tag         = appidEnt;

                    int count = pair.Count();

                    TreeNode[] clsidNodes = new TreeNode[count];
                    string[]   nodeNames  = new string[count];
                    int        j          = 0;

                    foreach (COMCLSIDEntry ent in pair)
                    {
                        clsidNodes[j] = CreateClsidNode(ent);
                        nodeNames[j]  = ent.Name;
                        j++;
                    }

                    Array.Sort(nodeNames, clsidNodes);
                    node.Nodes.AddRange(clsidNodes);

                    serverNodes.Add(node);
                }
            }

            treeComRegistry.Nodes.AddRange(serverNodes.ToArray());
            Text = "Local Services";
        }