public void DumpAddGroup(
string name,
SidAttributes attributes
)
{
_groups.DumpAddGroup(name, attributes);
}
public SecurityIdentifier(IdentifierAuthority authority, uint[] subs, SidAttributes attributes)
{
this.authority = authority;
subAuthorities = subs;
Attributes = attributes;
}
private string GetAttributeString(SidAttributes Attributes)
{
string text = string.Empty;
if ((Attributes & SidAttributes.Integrity) != 0)
{
if ((Attributes & SidAttributes.IntegrityEnabled) != 0)
return "Integrity";
return "Integrity (Disabled)";
}
if ((Attributes & SidAttributes.LogonId) != 0)
text = "Logon ID";
else if ((Attributes & SidAttributes.Mandatory) != 0)
text = "Mandatory";
else if ((Attributes & SidAttributes.Owner) != 0)
text = "Owner";
else if ((Attributes & SidAttributes.Resource) != 0)
text = "Resource";
else if ((Attributes & SidAttributes.UseForDenyOnly) != 0)
text = "Use for Deny Only";
if ((Attributes & SidAttributes.EnabledByDefault) != 0)
return text + " (Default Enabled)";
if ((Attributes & SidAttributes.Enabled) != 0)
return text;
return text + " (Disabled)";
}
private Color GetAttributeColor(SidAttributes Attributes)
{
if ((Attributes & SidAttributes.Integrity) != 0)
{
if ((Attributes & SidAttributes.IntegrityEnabled) == 0)
{
return(Color.FromArgb(0xe0e0e0));
}
else
{
return(Color.White);
}
}
if ((Attributes & SidAttributes.EnabledByDefault) != 0)
{
return(Color.FromArgb(0xe0f0e0));
}
else if ((Attributes & SidAttributes.Enabled) != 0)
{
return(Color.White);
}
else
{
return(Color.FromArgb(0xf0e0e0));
}
}
public void DumpAddGroup(string name, SidAttributes attributes)
{
ListViewItem item = listGroups.Items.Add(new ListViewItem());
item.Text = PhUtils.GetBestUserName(name, Settings.Instance.ShowAccountDomains);
item.BackColor = GetAttributeColor(attributes);
item.SubItems.Add(new ListViewItem.ListViewSubItem(item, GetAttributeString(attributes)));
}
public void DumpAddGroup(string name, SidAttributes attributes)
{
ListViewItem item = listGroups.Items.Add(new ListViewItem());
item.Text = PhUtils.GetBestUserName(name, Settings.Instance.ShowAccountDomains);
item.BackColor = GetAttributeColor(attributes);
item.SubItems.Add(new ListViewItem.ListViewSubItem(item, GetAttributeString(attributes)));
}
public static SecurityIdentifier FromRpcSid(RpcSid sid, uint id = 0, SidAttributes attributes = 0)
{
if (sid == null)
{
throw new ArgumentNullException(nameof(sid));
}
return(new SecurityIdentifier(sid.IdentifierAuthority.Authority, Concat(sid.SubAuthority, id), attributes));
}
public SecurityIdentifier(IdentifierAuthority authority, int[] subs, SidAttributes attributes)
{
this.authority = authority;
SubAuthorities = subs;
Attributes = attributes;
BinaryForm = ToBinaryForm(authority, subs);
}
private Sid(IntPtr sid, bool hasAttributes, SidAttributes attributes, string systemName)
{
_memory = new MemoryAlloc(Win32.RtlLengthSid(sid));
Win32.RtlCopySid(_memory.Size, _memory, sid).ThrowIf();
_hasAttributes = hasAttributes;
_attributes = attributes;
_systemName = systemName;
}
public void Unmarshal(NdrBuffer buffer)
{
if (buffer == null)
{
throw new ArgumentNullException(nameof(buffer));
}
this.RelativeId = buffer.ReadUInt32LittleEndian();
this.Attributes = (SidAttributes)buffer.ReadInt32LittleEndian();
}
public void Unmarshal(NdrBuffer buffer)
{
if (buffer == null)
{
throw new ArgumentNullException(nameof(buffer));
}
buffer.ReadConformantStruct <RpcSid>(p => this.Sid = p);
this.Attributes = (SidAttributes)buffer.ReadInt32LittleEndian();
}
public SecurityIdentifier(ReadOnlySpan <byte> binary, SidAttributes attributes = 0)
{
BinaryForm = new ReadOnlyMemory <byte>(binary.ToArray());
authority = (IdentifierAuthority)binary.Slice(2, 6).AsLong();
Attributes = attributes;
SubAuthorities = new int[binary[1]];
for (var i = 0; i < SubAuthorities.Length; i++)
{
SubAuthorities[i] = (int)binary.Slice(8 + (4 * i), 4).AsLong(littleEndian: true);
}
}
private string GetAttributeString(SidAttributes Attributes)
{
string text = "";
if ((Attributes & SidAttributes.Integrity) != 0)
{
if ((Attributes & SidAttributes.IntegrityEnabled) != 0)
{
return("Integrity");
}
else
{
return("Integrity (Disabled)");
}
}
else if ((Attributes & SidAttributes.LogonId) != 0)
{
text = "Logon ID";
}
else if ((Attributes & SidAttributes.Mandatory) != 0)
{
text = "Mandatory";
}
else if ((Attributes & SidAttributes.Owner) != 0)
{
text = "Owner";
}
else if ((Attributes & SidAttributes.Resource) != 0)
{
text = "Resource";
}
else if ((Attributes & SidAttributes.UseForDenyOnly) != 0)
{
text = "Use for Deny Only";
}
if ((Attributes & SidAttributes.EnabledByDefault) != 0)
{
return(text + " (Default Enabled)");
}
else if ((Attributes & SidAttributes.Enabled) != 0)
{
return(text);
}
else
{
return(text + " (Disabled)");
}
}
private Sid(IntPtr sid, bool hasAttributes, SidAttributes attributes, string systemName)
{
NtStatus status;
_memory = new MemoryAlloc(Win32.RtlLengthSid(sid));
if ((status = Win32.RtlCopySid(_memory.Size, _memory, sid)) >= NtStatus.Error)
{
Win32.ThrowLastError(status);
}
_hasAttributes = hasAttributes;
_attributes = attributes;
_systemName = systemName;
}
public SecurityIdentifier(byte[] binary, SidAttributes attributes = 0)
{
BinaryForm = binary;
var span = new Span <byte>(binary);
authority = (IdentifierAuthority)span.Slice(2, 6).AsLong();
Attributes = attributes;
SubAuthorities = new int[binary[1]];
for (var i = 0; i < SubAuthorities.Length; i++)
{
SubAuthorities[i] = (int)span.Slice(8 + (4 * i), 4).AsLong(littleEndian: true);
}
}
private Color GetAttributeColor(SidAttributes Attributes)
{
if ((Attributes & SidAttributes.Integrity) != 0)
{
if ((Attributes & SidAttributes.IntegrityEnabled) == 0)
return Color.FromArgb(0xe0e0e0);
else
return Color.White;
}
if ((Attributes & SidAttributes.EnabledByDefault) != 0)
return Color.FromArgb(0xe0f0e0);
else if ((Attributes & SidAttributes.Enabled) != 0)
return Color.White;
else
return Color.FromArgb(0xf0e0e0);
}
public SecurityIdentifier(byte[] binary, SidAttributes attributes = 0)
{
authority = (IdentifierAuthority)BytesToLong(binary, 2, 5);
Attributes = attributes;
var subs = new int[binary[1]];
for (var i = 0; i < binary[1]; i++)
{
subs[i] =
(int)(
(((uint)binary[8 + 4 * i + 0]) << 0) +
(((uint)binary[8 + 4 * i + 1]) << 8) +
(((uint)binary[8 + 4 * i + 2]) << 16) +
(((uint)binary[8 + 4 * i + 3]) << 24)
);
}
subAuthorities = new int[subs.Length];
subs.CopyTo(subAuthorities, 0);
}
private static SecurityIdentifier[] ParseExtraSids(NdrBinaryReader pacStream, int extraSidCount, int extraSidPointer)
{
if (extraSidPointer == 0)
{
return(new SecurityIdentifier[0]);
}
int realExtraSidCount = pacStream.ReadInt();
if (realExtraSidCount != extraSidCount)
{
throw new InvalidDataException($"Expected Sid count {extraSidCount} doesn't match actual sid count {realExtraSidCount}");
}
var extraSidAtts = new SecurityIdentifier[extraSidCount];
var pointers = new int[extraSidCount];
var attributes = new SidAttributes[extraSidCount];
for (int i = 0; i < extraSidCount; i++)
{
pointers[i] = pacStream.ReadInt();
attributes[i] = (SidAttributes)pacStream.ReadUnsignedInt();
}
for (int i = 0; i < extraSidCount; i++)
{
SecurityIdentifier sid = null;
if (pointers[i] != 0)
{
sid = new SecurityIdentifier(pacStream.ReadSid(), attributes[i]);
}
extraSidAtts[i] = sid;
}
return(extraSidAtts);
}
public void Unmarshal(NdrBuffer buffer)
{
buffer.ReadConformantStruct <RpcSid>(p => Sid = p);
Attributes = (SidAttributes)buffer.ReadInt32LittleEndian();
}
public void Unmarshal(NdrBuffer buffer)
{
RelativeId = buffer.ReadUInt32LittleEndian();
Attributes = (SidAttributes)buffer.ReadInt32LittleEndian();
}
public SidAndAttributes(SidAttributes attributes, IntPtr sid)
{
_securityIdentifier = new SecurityIdentifier(sid);
_attributes = attributes;
}
public SecurityIdentifier(SecurityIdentifier sid, SidAttributes attributes)
: this(sid.authority, sid.SubAuthorities, attributes)
{
}
public void DumpAddGroup(
string name,
SidAttributes attributes
)
{
_groups.DumpAddGroup(name, attributes);
}
public SidAndAttributes(SidAttributes attributes, IntPtr sid)
{
_securityIdentifier = new SecurityIdentifier(sid);
_attributes = attributes;
}
/// <summary>
/// Copies the specified SID.
/// </summary>
/// <param name="sid">A pointer to an existing SID.</param>
/// <param name="attributes">The attributes associated with the SID.</param>
/// <param name="systemName">The name of the system on which the SID is located.</param>
public Sid(IntPtr sid, SidAttributes attributes, string systemName)
: this(sid, true, attributes, systemName)
{
}
/// <summary>
/// Copies the specified SID.
/// </summary>
/// <param name="sid">A pointer to an existing SID.</param>
/// <param name="attributes">The attributes associated with the SID.</param>
public Sid(IntPtr sid, SidAttributes attributes)
: this(sid, attributes, null)
{
}
public static SecurityIdentifier FromRpcSid(RpcSid sid, int id = 0, SidAttributes attributes = 0)
{
return(new SecurityIdentifier(sid.IdentifierAuthority.Authority, Concat(sid.SubAuthority, id), attributes));
}
public SidAndAttributes(SID sid, SidAttributes attributes)
{
Sid = sid;
Attributes = attributes;
}
