public static extern bool LookupAccountSid(
string lpSystemName,
IntPtr Sid,
StringBuilder lpName,
ref uint cchName,
StringBuilder ReferencedDomainName,
ref uint cchReferencedDomainName,
out Winnt._SID_NAME_USE peUse
);
public static extern bool LookupAccountName(
StringBuilder lpSystemName,
StringBuilder lpAccountName,
ref Ntifs._SID Sid,
ref uint cbSid,
StringBuilder ReferencedDomainName,
ref uint cchReferencedDomainName,
out Winnt._SID_NAME_USE peUse
);
public static extern bool LookupAccountSid(
String lpSystemName,
IntPtr Sid,
IntPtr lpName,
ref UInt32 cchName,
IntPtr ReferencedDomainName,
ref UInt32 cchReferencedDomainName,
out Winnt._SID_NAME_USE peUse
);
////////////////////////////////////////////////////////////////////////////////
// Converts a SID Byte array to User Name
////////////////////////////////////////////////////////////////////////////////
internal static bool ConvertSidToName(IntPtr sid, out string userName)
{
StringBuilder sbUserName = new StringBuilder();
string lpSystemName = string.Empty;
StringBuilder lpName = new StringBuilder();
uint cchName = (uint)lpName.Capacity;
StringBuilder lpReferencedDomainName = new StringBuilder();
uint cchReferencedDomainName = (uint)lpReferencedDomainName.Capacity;
Winnt._SID_NAME_USE sidNameUse = new Winnt._SID_NAME_USE();
advapi32.LookupAccountSid(lpSystemName, sid, lpName, ref cchName, lpReferencedDomainName, ref cchReferencedDomainName, out sidNameUse);
lpName.EnsureCapacity((int)cchName + 1);
lpReferencedDomainName.EnsureCapacity((int)cchReferencedDomainName + 1);
byte[] bsid = new byte[16];
Marshal.Copy(sid, bsid, 0, 16);
bool retVal = advapi32.LookupAccountSid(lpSystemName, sid, lpName, ref cchName, lpReferencedDomainName, ref cchReferencedDomainName, out sidNameUse);
if (!retVal && 0 == lpName.Length)
{
Misc.GetWin32Error("LookupAccountSid");
}
if (lpReferencedDomainName.Length > 0)
{
sbUserName.Append(lpReferencedDomainName);
}
if (sbUserName.Length > 0)
{
sbUserName.Append(@"\");
}
if (lpName.Length > 0)
{
sbUserName.Append(lpName);
}
userName = sbUserName.ToString();
if (string.IsNullOrEmpty(userName))
{
return(false);
}
else
{
return(true);
}
}
////////////////////////////////////////////////////////////////////////////////
// SID Lookup Wrapper
////////////////////////////////////////////////////////////////////////////////
private static bool _LookupSid(string logonDomain, string userName, ref IntPtr hSid)
{
StringBuilder lpSystemName = new StringBuilder(logonDomain);
StringBuilder lpAccountName = new StringBuilder(userName);
uint cbSid = 0;
StringBuilder lpReferencedDomainName = new StringBuilder();
uint cchReferencedDomainName = 0;
Winnt._SID_NAME_USE peUse = new Winnt._SID_NAME_USE();
//Console.WriteLine(" - LookupAccountName");
advapi32.LookupAccountName(
lpSystemName,
lpAccountName,
hSid,
ref cbSid,
lpReferencedDomainName,
ref cchReferencedDomainName,
out peUse
);
hSid = Marshal.AllocHGlobal((int)cbSid);
lpReferencedDomainName.EnsureCapacity((int)cchReferencedDomainName);
bool retVal = advapi32.LookupAccountName(
lpSystemName,
lpAccountName,
hSid,
ref cbSid,
lpReferencedDomainName,
ref cchReferencedDomainName,
out peUse
);
if (!retVal)
{
Misc.GetWin32Error("LookupAccountName");
return(false);
}
IntPtr hStringUserSid = IntPtr.Zero;
advapi32.ConvertSidToStringSid(hSid, ref hStringUserSid);
string sddl = Marshal.PtrToStringAuto(hStringUserSid);
Console.WriteLine(" [+] {0} {1}", sddl, lpAccountName.ToString());
return(true);
}
////////////////////////////////////////////////////////////////////////////////
// Converts a SID Byte array to User Name
////////////////////////////////////////////////////////////////////////////////
public static Boolean ConvertSidToName(IntPtr sid, out String userName)
{
StringBuilder sbUserName = new StringBuilder();
StringBuilder lpName = new StringBuilder();
UInt32 cchName = (UInt32)lpName.Capacity;
StringBuilder lpReferencedDomainName = new StringBuilder();
UInt32 cchReferencedDomainName = (UInt32)lpReferencedDomainName.Capacity;
Winnt._SID_NAME_USE sidNameUse = new Winnt._SID_NAME_USE();
advapi32.LookupAccountSid(String.Empty, sid, lpName, ref cchName, lpReferencedDomainName, ref cchReferencedDomainName, out sidNameUse);
lpName.EnsureCapacity((Int32)cchName + 1);
lpReferencedDomainName.EnsureCapacity((Int32)cchReferencedDomainName + 1);
advapi32.LookupAccountSid(String.Empty, sid, lpName, ref cchName, lpReferencedDomainName, ref cchReferencedDomainName, out sidNameUse);
if (lpReferencedDomainName.Length > 0)
{
sbUserName.Append(lpReferencedDomainName);
}
if (sbUserName.Length > 0)
{
sbUserName.Append(@"\");
}
if (lpName.Length > 0)
{
sbUserName.Append(lpName);
}
userName = sbUserName.ToString();
if (String.IsNullOrEmpty(userName))
{
return(false);
}
else
{
return(true);
}
}
