private static string GetAccountNameFromSID(string sidString) { SecurityIdentifier sid = new SecurityIdentifier(sidString); if (sid.IsAccountSid() && sid.IsValidTargetType(typeof(NTAccount))) { try { NTAccount account = (NTAccount)sid.Translate(typeof(NTAccount)); return(account.Value); } catch (IdentityNotMappedException) { // Some or all identity references could not be translated. return(null); } catch (System.ArgumentNullException) { // The target translation type is null. return(null); } catch (System.ArgumentException) { // The target translation type is not an IdentityReference type. return(null); } catch (System.SystemException) { // A Win32 error code was returned. return(null); } } else { return(null); } }
/// <summary> /// Converts a SID to a user account name. /// </summary> public static string SidToAccountName(string sid) { SecurityIdentifier identifier = new SecurityIdentifier(sid); if (!identifier.IsValidTargetType(typeof(NTAccount))) { return(null); } return(identifier.Translate(typeof(NTAccount)).ToString()); }
public static string SidToAccountName(SecurityIdentifier sid) { try { return((sid.IsValidTargetType(typeof(NTAccount))) ? ((NTAccount)sid.Translate(typeof(NTAccount))).Value : sid.Value); } catch { return(sid.Value); } }
private void GetWellKnownSid(bool domain) { SecurityIdentifier currDomain = null; if (domain) { currDomain = WindowsIdentity.GetCurrent().User.AccountDomainSid; Console.WriteLine("\n+++ Domain SID: {0} +++", currDomain); } foreach (WellKnownSidType wsid in Enum.GetValues(typeof(WellKnownSidType))) { Console.ForegroundColor = ConsoleColor.DarkGray; Console.Write("{0}: ", wsid); Console.ResetColor(); try { SecurityIdentifier sid = new SecurityIdentifier(wsid, domain ? new SecurityIdentifier(currDomain.Value) : null); try { Console.WriteLine("{0} , {1} ", (sid.IsValidTargetType(typeof(NTAccount)) ? sid.Translate(typeof(NTAccount)).ToString() : "-"), sid.Value ); } catch (Exception e) { Console.ForegroundColor = ConsoleColor.DarkRed; Console.WriteLine(" !{0}", e.Message); Console.ResetColor(); } } catch (Exception e) { Console.ForegroundColor = ConsoleColor.DarkMagenta; Console.WriteLine(" !{0}", e.Message); Console.ResetColor(); } } }
private void GetNTAcctForPath(String path) { FileSecurity fs = File.GetAccessControl(path); AuthorizationRuleCollection ntarc = fs.GetAccessRules(true, true, typeof(NTAccount)); AuthorizationRuleCollection siarc = fs.GetAccessRules(true, true, typeof(SecurityIdentifier)); Console.WriteLine("Checking SIDs on path: {0}", path); Console.WriteLine("\n== By NTAccount =="); foreach (FileSystemAccessRule fsar in ntarc) { NTAccount nta = (NTAccount)fsar.IdentityReference; Console.WriteLine("{0} <=> {1}", nta.Value, nta.IsValidTargetType(typeof(SecurityIdentifier)) ? nta.Translate(typeof(SecurityIdentifier)).ToString() : "-"); } Console.WriteLine("\n== By SecurityIdentifier == "); foreach (FileSystemAccessRule siar in siarc) { SecurityIdentifier sia = (SecurityIdentifier)siar.IdentityReference; try { Console.WriteLine("SDDL:{0} <=> {1}", sia.Value, (sia.IsAccountSid() ? (sia.IsValidTargetType(typeof(NTAccount)) ? sia.Translate(typeof(NTAccount)).ToString() : "-") : "Not a real Windows Account")); } catch (Exception e) { Console.WriteLine("Error: {0}", e.Message); } } }
/// <summary> /// Gets the application access rules implied by the access rights to the file. /// </summary> public static void SetAccessRules(String filePath, IList <ApplicationAccessRule> accessRules, bool replaceExisting) { // get the current permissions from the file or directory. FileSystemSecurity security = null; FileInfo fileInfo = new FileInfo(filePath); DirectoryInfo directoryInfo = null; if (!fileInfo.Exists) { directoryInfo = new DirectoryInfo(filePath); if (!directoryInfo.Exists) { throw new FileNotFoundException("File or directory does not exist.", filePath); } security = directoryInfo.GetAccessControl(AccessControlSections.Access); } else { security = fileInfo.GetAccessControl(AccessControlSections.Access); } if (replaceExisting) { // can't use inhieritance when setting permissions security.SetAccessRuleProtection(true, false); // remove all existing access rules. AuthorizationRuleCollection authorizationRules = security.GetAccessRules(true, true, typeof(NTAccount)); for (int ii = 0; ii < authorizationRules.Count; ii++) { FileSystemAccessRule accessRule = authorizationRules[ii] as FileSystemAccessRule; // only care about file system rules. if (accessRule == null) { continue; } security.RemoveAccessRule(accessRule); } } // allow children to inherit rules for directories. InheritanceFlags flags = InheritanceFlags.None; if (directoryInfo != null) { flags = InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit; } // add the new rules. for (int ii = 0; ii < accessRules.Count; ii++) { ApplicationAccessRule applicationRule = accessRules[ii]; IdentityReference identityReference = applicationRule.IdentityReference; if (identityReference == null) { if (applicationRule.IdentityName.StartsWith("S-")) { SecurityIdentifier sid = new SecurityIdentifier(applicationRule.IdentityName); if (!sid.IsValidTargetType(typeof(NTAccount))) { continue; } identityReference = sid.Translate(typeof(NTAccount)); } else { identityReference = new NTAccount(applicationRule.IdentityName); } } FileSystemAccessRule fileRule = null; switch (applicationRule.Right) { case ApplicationAccessRight.Run: { fileRule = new FileSystemAccessRule( identityReference, (applicationRule.RuleType == AccessControlType.Allow) ? Read : Configure, flags, PropagationFlags.None, ApplicationAccessRule.Convert(applicationRule.RuleType)); break; } case ApplicationAccessRight.Update: { fileRule = new FileSystemAccessRule( identityReference, (applicationRule.RuleType == AccessControlType.Allow) ? Update : ConfigureOnly | UpdateOnly, flags, PropagationFlags.None, ApplicationAccessRule.Convert(applicationRule.RuleType)); security.SetAccessRule(fileRule); break; } case ApplicationAccessRight.Configure: { fileRule = new FileSystemAccessRule( identityReference, (applicationRule.RuleType == AccessControlType.Allow) ? Configure : ConfigureOnly, flags, PropagationFlags.None, ApplicationAccessRule.Convert(applicationRule.RuleType)); break; } } try { security.SetAccessRule(fileRule); } catch (Exception e) { Utils.Trace( "Could not set access rule for account '{0}' on file '{1}'. Error={2}", applicationRule.IdentityName, filePath, e.Message); } } if (directoryInfo != null) { directoryInfo.SetAccessControl((DirectorySecurity)security); return; } fileInfo.SetAccessControl((FileSecurity)security); }
public ProgramInstallInfo(RegistryKey key) { Key = key; Comments = GetValueAsString("Comments"); Contact = GetValueAsString("Contact"); DisplayName = GetValueAsString("DisplayName"); DisplayVersion = GetValueAsString("DisplayVersion"); EstimatedSize = GetValueAsInt("EstimatedSize"); HelpLink = GetValueAsString("HelpLink"); HelpTelephone = GetValueAsString("HelpTelephone"); var installDateValue = GetValueAsString("InstallDate"); DateTime installDate; if (!DateTime.TryParse(installDateValue, out installDate)) { DateTime.TryParseExact(installDateValue, "yyyyMMdd", CultureInfo.CurrentCulture, DateTimeStyles.None, out installDate); } InstallDate = installDate; InstallLocation = GetValueAsString("InstallLocation"); InstallSource = GetValueAsString("InstallSource"); Language = GetValueAsInt("Language"); ModifyPath = GetValueAsString("ModifyPath"); Path = GetValueAsString("Path"); ProductCode = Guid.Empty; Guid productCode; var keyName = System.IO.Path.GetFileName(key.Name); if (Guid.TryParse(keyName, out productCode)) { ProductCode = productCode; } Publisher = GetValueAsString("Publisher"); Readme = GetValueAsString("Readme"); Size = GetValueAsString("Size"); UninstallString = GetValueAsString("UninstallString"); UrlInfoAbout = GetValueAsString("URLInfoAbout"); UrlUpdateInfo = GetValueAsString("URLUpdateInfo"); User = String.Empty; if (key.Name.StartsWith("HKEY_USERS", StringComparison.InvariantCultureIgnoreCase)) { var match = Regex.Match(key.Name, @"^HKEY_USERS\\([^\\]+)\\"); if (match.Success) { User = match.Groups[1].Value; try { var sid = new SecurityIdentifier(User); if (sid.IsValidTargetType(typeof(NTAccount))) { var ntAccount = sid.Translate(typeof(NTAccount)) as NTAccount; if (ntAccount != null) { User = ntAccount.Value; } } } // ReSharper disable once EmptyGeneralCatchClause catch (Exception) { } } } var intVersion = GetValueAsInt("Version"); string rawVersion; if (intVersion != 0) { var major = intVersion >> 24; // first 8 bits are major version number var minor = (intVersion & 0x00ff0000) >> 16; // bits 9 - 16 are the minor version number var build = intVersion & 0x0000ffff; // last 16 bits are the build number rawVersion = String.Format("{0}.{1}.{2}", major, minor, build); } else { rawVersion = GetValueAsString("Version"); } Version version; if (Version.TryParse(rawVersion, out version)) { Version = version; } VersionMajor = GetValueAsInt("VersionMajor"); VersionMinor = GetValueAsInt("VersionMinor"); var windowsInstallerValue = GetValueAsInt("WindowsInstaller"); WindowsInstaller = (windowsInstallerValue > 0); }
private void ImpersonateUser(String userName, String domainName) { if (domainName == null) { domainName = "."; } IntPtr tokenHandle = WindowsIdentity.GetCurrent().Token; Console.WriteLine("Before Impersonation"); Console.WriteLine("Token {0}", tokenHandle); Console.WriteLine("Auth type: {0}", WindowsIdentity.GetCurrent().AuthenticationType); Console.WriteLine("Impersonation Level: {0}", WindowsIdentity.GetCurrent().ImpersonationLevel); Console.WriteLine("Owner of Process: {0}", WindowsIdentity.GetCurrent().Owner); Console.WriteLine("User: {0}", WindowsIdentity.GetCurrent().User); IntPtr phToken = IntPtr.Zero; SecureString pwd = new SecureString(); // Use the AppendChar method to add each char value to the secure string. Console.Write("PW: "); char[] che = Console.ReadLine().TrimEnd(Environment.NewLine.ToCharArray()).ToCharArray(); foreach (char ch in che) { pwd.AppendChar(ch); } IntPtr pwdPtr = Marshal.SecureStringToGlobalAllocUnicode(pwd); bool status; status = LogonUser(userName, domainName, pwdPtr, 3, 3, out phToken); pwd.Dispose(); if (status) { Console.WriteLine("Impersonating token {0} with token {1}", tokenHandle, phToken); try { using (WindowsImpersonationContext wic = WindowsIdentity.Impersonate(phToken)) { SecurityIdentifier ownerSid = WindowsIdentity.GetCurrent().Owner; SecurityIdentifier userSid = WindowsIdentity.GetCurrent().User; Console.WriteLine("After Impersonation"); Console.WriteLine("Token {0}", WindowsIdentity.GetCurrent().Token); Console.WriteLine("|-Name {0}", WindowsIdentity.GetCurrent().Name); Console.WriteLine("|-Auth type: {0}", WindowsIdentity.GetCurrent().AuthenticationType); Console.WriteLine("|-Impersonation Level: {0}", WindowsIdentity.GetCurrent().ImpersonationLevel); Console.WriteLine("|-Owner of Process: {0} {1}", ownerSid, (ownerSid.IsValidTargetType(typeof(NTAccount)) ? ownerSid.Translate(typeof(NTAccount)).ToString() : "-") ); Console.WriteLine("|-User: {0} {1}", userSid, (userSid.IsValidTargetType(typeof(NTAccount)) ? userSid.Translate(typeof(NTAccount)).ToString() : "-") ); } } catch (Exception e) { Console.WriteLine("Impersonation failed: {0}", e.Message); } } else { int err = Marshal.GetLastWin32Error(); if (err != 0) { Console.Write("Unable to Impersonate"); Console.WriteLine(" : {0} - {1} ", err, new Win32Exception(err).Message); } } }