private void btnRuntimeServerViewPermissions_Click(object sender, EventArgs e)
{
COMSecurity.ViewSecurity(m_registry, string.Format("{0} Permissions", m_runtime_server.Name), m_runtime_server.Permissions, false);
}
private void menuSecurityDefaultAccessRestriction_Click(object sender, EventArgs e)
{
COMSecurity.ViewSecurity(this, "Default Access Restrictions", m_registry.DefaultAccessRestriction, true);
}
private void btnViewAccessPermissions_Click(object sender, EventArgs e)
{
COMSecurity.ViewSecurity(m_registry, m_appid, true);
}
private void btnProcessViewAccessPermissions_Click(object sender, EventArgs e)
{
COMSecurity.ViewSecurity(m_registry, String.Format("{0} Access", m_process.Name),
m_process.AccessPermissions, true);
}
public bool AccessCheck(
ICOMAccessSecurity obj)
{
if (obj == null)
{
return(false);
}
string launch_sddl = m_ignore_default ? string.Empty : obj.DefaultLaunchPermission;
string access_sddl = m_ignore_default ? string.Empty : obj.DefaultAccessPermission;
bool check_launch = true;
string principal = m_principal;
if (obj is COMProcessEntry process)
{
access_sddl = process.AccessPermissions;
principal = process.UserSid;
check_launch = false;
}
else if (obj is COMAppIDEntry || obj is COMCLSIDEntry)
{
COMAppIDEntry appid = obj as COMAppIDEntry;
if (appid == null && obj is COMCLSIDEntry clsid)
{
appid = clsid.AppIDEntry;
if (appid == null)
{
return(false);
}
}
if (appid.HasLaunchPermission)
{
launch_sddl = appid.LaunchPermission;
}
if (appid.HasAccessPermission)
{
access_sddl = appid.AccessPermission;
}
}
else if (obj is COMRuntimeClassEntry runtime_class)
{
if (runtime_class.HasPermission)
{
launch_sddl = runtime_class.Permissions;
}
else if (runtime_class.ActivationType == ActivationType.OutOfProcess && runtime_class.HasServerPermission)
{
launch_sddl = runtime_class.ServerPermissions;
}
else if (runtime_class.TrustLevel == TrustLevel.PartialTrust)
{
launch_sddl = COMRuntimeClassEntry.DefaultActivationPermission;
}
else
{
// Set to denied access.
launch_sddl = "O:SYG:SYD:";
}
access_sddl = launch_sddl;
}
else if (obj is COMRuntimeServerEntry runtime_server)
{
if (runtime_server.HasPermission)
{
launch_sddl = runtime_server.Permissions;
}
else
{
launch_sddl = "O:SYG:SYD:";
}
access_sddl = launch_sddl;
}
else
{
return(false);
}
if (!m_access_cache.ContainsKey(access_sddl))
{
if (m_access_rights == 0)
{
m_access_cache[access_sddl] = true;
}
else
{
m_access_cache[access_sddl] = COMSecurity.IsAccessGranted(access_sddl,
principal, m_access_token, false, false, m_access_rights);
}
}
if (check_launch && !m_launch_cache.ContainsKey(launch_sddl))
{
if (m_launch_rights == 0)
{
m_launch_cache[launch_sddl] = true;
}
else
{
m_launch_cache[launch_sddl] = COMSecurity.IsAccessGranted(launch_sddl, principal, m_access_token,
true, true, m_launch_rights);
}
}
if (m_access_cache[access_sddl] && (!check_launch || m_launch_cache[launch_sddl]))
{
return(true);
}
return(false);
}
private void btnViewLaunchPermissions_Click(object sender, EventArgs e)
{
COMSecurity.ViewSecurity(m_registry, m_appid, false);
}
private void menuSecurityDefaultLaunchRestriction_Click(object sender, EventArgs e)
{
COMSecurity.ViewSecurity(m_registry, "Default Launch Restrictions", m_registry.DefaultLaunchRestriction, false);
}
private void LoadDefaultSecurity()
{
using (RegistryKey key = Registry.LocalMachine.OpenSubKey(@"Software\Microsoft\Ole"))
{
DefaultAccessPermission = GetSecurityDescriptor(key, "DefaultAccessPermission", COMSecurity.GetDefaultAccessPermissions());
DefaultAccessRestriction = GetSecurityDescriptor(key, "DefaultAccessRestriction", COMSecurity.GetDefaultAccessRestrictions());
DefaultLaunchPermission = GetSecurityDescriptor(key, "DefaultLaunchPermission", COMSecurity.GetDefaultLaunchPermissions());
DefaultLaunchRestriction = GetSecurityDescriptor(key, "DefaultLaunchRestriction", COMSecurity.GetDefaultLaunchRestrictions());
}
}
private void menuSecurityDefaultLaunch_Click(object sender, EventArgs e)
{
COMSecurity.ViewSecurity(m_registry, "Default Launch", m_registry.DefaultLaunchPermission, false);
}
private void menuSecurityDefaultAccess_Click(object sender, EventArgs e)
{
COMSecurity.ViewSecurity(m_registry, "Default Access", m_registry.DefaultAccessPermission, true);
}
private void LoadFromKey(RegistryKey key)
{
RunAs = key.GetValue("RunAs") as string;
string name = key.GetValue(null) as string;
if (!String.IsNullOrWhiteSpace(name))
{
Name = name.ToString();
}
else
{
Name = AppId.FormatGuidDefault();
}
AccessPermission = COMSecurity.GetStringSDForSD(key.GetValue("AccessPermission") as byte[]);
LaunchPermission = COMSecurity.GetStringSDForSD(key.GetValue("LaunchPermission") as byte[]);
DllSurrogate = key.GetValue("DllSurrogate") as string;
if (DllSurrogate != null)
{
if (String.IsNullOrWhiteSpace(DllSurrogate))
{
DllSurrogate = "dllhost.exe";
}
else
{
string dllexe = key.GetValue("DllSurrogateExecutable") as string;
if (!String.IsNullOrWhiteSpace(dllexe))
{
DllSurrogate = dllexe;
}
}
}
else
{
DllSurrogate = String.Empty;
}
object flags = key.GetValue("AppIDFlags");
if (flags != null)
{
Flags = (COMAppIDFlags)flags;
}
string local_service = key.GetValue("LocalService") as string;
if (!String.IsNullOrWhiteSpace(local_service))
{
try
{
using (RegistryKey serviceKey = Registry.LocalMachine.OpenSubKey(@"System\CurrentControlSet\Services\" + local_service))
{
using (ServiceController service = new ServiceController(local_service))
{
LocalService = new COMAppIDServiceEntry(serviceKey, service);
}
}
}
catch
{
}
}
if (String.IsNullOrWhiteSpace(RunAs))
{
RunAs = String.Empty;
}
object rotflags = key.GetValue("ROTFlags");
if (rotflags != null && rotflags is int)
{
RotFlags = (COMAppIDRotFlags)rotflags;
}
}
private void btnOK_Click(object sender, EventArgs e)
{
try
{
if (radioCurrentProcess.Checked)
{
Token = SafeProcessHandle.Current.OpenTokenAsImpersonation(SecurityImpersonationLevel.SecurityIdentification);
}
else if (radioSpecificProcess.Checked)
{
if (listViewProcesses.SelectedItems.Count < 1)
{
throw new InvalidOperationException("Please select a process from the list");
}
Token = ((SafeTokenHandle)listViewProcesses.SelectedItems[0].Tag).DuplicateImpersonation(SecurityImpersonationLevel.SecurityIdentification);
}
else if (radioAnonymous.Checked)
{
using (SafeTokenHandle token = SafeTokenHandle.AnonymousToken)
{
Token = token.DuplicateImpersonation(SecurityImpersonationLevel.SecurityIdentification);
}
}
if (checkBoxSetIL.Checked)
{
Token.SetIntegrityLevel((SecurityIntegrityLevel)comboBoxIL.SelectedItem);
}
if (checkBoxLocalAccess.Checked)
{
AccessRights |= COMAccessRights.ExecuteLocal;
}
if (checkBoxRemoteAccess.Checked)
{
AccessRights |= COMAccessRights.ExecuteRemote;
}
if (!_process_security)
{
if (checkBoxLocalLaunch.Checked)
{
LaunchRights |= COMAccessRights.ExecuteLocal;
}
if (checkBoxRemoteLaunch.Checked)
{
LaunchRights |= COMAccessRights.ExecuteRemote;
}
if (checkBoxLocalActivate.Checked)
{
LaunchRights |= COMAccessRights.ActivateLocal;
}
if (checkBoxRemoteActivate.Checked)
{
LaunchRights |= COMAccessRights.ActivateRemote;
}
if (!_process_security)
{
Principal = COMSecurity.UserToSid(textBoxPrincipal.Text);
}
}
DialogResult = DialogResult.OK;
Close();
}
catch (Exception ex)
{
Program.ShowError(this, ex);
}
}
private void btnOK_Click(object sender, EventArgs e)
{
try
{
if (radioCurrentProcess.Checked)
{
Token = OpenImpersonationToken();
}
else if (radioSpecificProcess.Checked)
{
NtProcess process = selectProcessControl.SelectedProcess;
if (process == null)
{
throw new InvalidOperationException("Please select a process from the list");
}
using (var token = NtToken.OpenProcessToken(process, false, TokenAccessRights.Duplicate))
{
Token = token.DuplicateToken(TokenType.Impersonation, SecurityImpersonationLevel.Impersonation, TokenAccessRights.GenericAll);
}
}
else if (radioAnonymous.Checked)
{
Token = TokenUtils.GetAnonymousToken();
}
if (checkBoxSetIL.Checked)
{
Token.SetIntegrityLevel((TokenIntegrityLevel)comboBoxIL.SelectedItem);
}
if (checkBoxLocalAccess.Checked)
{
AccessRights |= COMAccessRights.ExecuteLocal;
}
if (checkBoxRemoteAccess.Checked)
{
AccessRights |= COMAccessRights.ExecuteRemote;
}
if (!_process_security)
{
if (checkBoxLocalLaunch.Checked)
{
LaunchRights |= COMAccessRights.ExecuteLocal;
}
if (checkBoxRemoteLaunch.Checked)
{
LaunchRights |= COMAccessRights.ExecuteRemote;
}
if (checkBoxLocalActivate.Checked)
{
LaunchRights |= COMAccessRights.ActivateLocal;
}
if (checkBoxRemoteActivate.Checked)
{
LaunchRights |= COMAccessRights.ActivateRemote;
}
if (!_process_security)
{
Principal = COMSecurity.UserToSid(textBoxPrincipal.Text).ToString();
}
}
DialogResult = DialogResult.OK;
Close();
}
catch (Exception ex)
{
EntryPoint.ShowError(this, ex);
}
}