public static void ImpersonateToken(SafeNativeHandle hToken)
{
if (!NativeMethods.ImpersonateLoggedOnUser(hToken))
{
throw new Win32Exception("Failed to impersonate token");
}
}
public static extern bool LogonUserW(
string lpszUsername,
string lpszDomain,
string lpszPassword,
LogonType dwLogonType,
LogonProvider dwLogonProvider,
out SafeNativeHandle phToken);
public static extern bool DuplicateTokenEx(
SafeNativeHandle hExistingToken,
TokenAccessLevels dwDesiredAccess,
IntPtr lpTokenAttributes,
SecurityImpersonationLevel ImpersonationLevel,
TokenType TokenType,
out SafeNativeHandle phNewToken);
public static SafeNativeHandle GetTokenLinkedToken(SafeNativeHandle hToken)
{
using (SafeMemoryBuffer tokenInfo = GetTokenInformation(hToken,
NativeHelpers.TokenInformationClass.TokenLinkedToken))
{
return(new SafeNativeHandle(Marshal.ReadIntPtr(tokenInfo.DangerousGetHandle())));
}
}
public static TokenElevationType GetTokenElevationType(SafeNativeHandle hToken)
{
using (SafeMemoryBuffer tokenInfo = GetTokenInformation(hToken,
NativeHelpers.TokenInformationClass.TokenElevationType))
{
return((TokenElevationType)Marshal.ReadInt32(tokenInfo.DangerousGetHandle()));
}
}
public static SafeNativeHandle DuplicateToken(SafeNativeHandle hToken, TokenAccessLevels access,
SecurityImpersonationLevel impersonationLevel, TokenType tokenType)
{
SafeNativeHandle dupToken;
if (!NativeMethods.DuplicateTokenEx(hToken, access, IntPtr.Zero, impersonationLevel, tokenType, out dupToken))
{
throw new Win32Exception("Failed to duplicate token");
}
return(dupToken);
}
public static TokenStatistics GetTokenStatistics(SafeNativeHandle hToken)
{
using (SafeMemoryBuffer tokenInfo = GetTokenInformation(hToken,
NativeHelpers.TokenInformationClass.TokenStatistics))
{
TokenStatistics tokenStats = (TokenStatistics)Marshal.PtrToStructure(
tokenInfo.DangerousGetHandle(),
typeof(TokenStatistics));
return(tokenStats);
}
}
public static SecurityIdentifier GetTokenUser(SafeNativeHandle hToken)
{
using (SafeMemoryBuffer tokenInfo = GetTokenInformation(hToken,
NativeHelpers.TokenInformationClass.TokenUser))
{
NativeHelpers.TOKEN_USER tokenUser = (NativeHelpers.TOKEN_USER)Marshal.PtrToStructure(
tokenInfo.DangerousGetHandle(),
typeof(NativeHelpers.TOKEN_USER));
return(new SecurityIdentifier(tokenUser.User.Sid));
}
}
private static SafeNativeHandle TryOpenAccessToken(System.Diagnostics.Process process, TokenAccessLevels access)
{
try
{
using (SafeNativeHandle hProcess = OpenProcess(process.Id, ProcessAccessFlags.QueryInformation, false))
return(OpenProcessToken(hProcess, access));
}
catch (Win32Exception)
{
return(null);
}
}
public static SafeNativeHandle OpenProcessToken(SafeNativeHandle hProcess, TokenAccessLevels access)
{
SafeNativeHandle hToken;
if (!NativeMethods.OpenProcessToken(hProcess, access, out hToken))
{
throw new Win32Exception(String.Format("Failed to open proces token with access {0}",
access.ToString()));
}
return(hToken);
}
public static SafeNativeHandle OpenProcess(Int32 pid, ProcessAccessFlags access, bool inherit)
{
SafeNativeHandle hProcess = NativeMethods.OpenProcess(access, inherit, (UInt32)pid);
if (hProcess.IsInvalid)
{
throw new Win32Exception(String.Format("Failed to open process {0} with access {1}",
pid, access.ToString()));
}
return(hProcess);
}
public static List <PrivilegeInfo> GetTokenPrivileges(SafeNativeHandle hToken)
{
using (SafeMemoryBuffer tokenInfo = GetTokenInformation(hToken,
NativeHelpers.TokenInformationClass.TokenPrivileges))
{
NativeHelpers.TOKEN_PRIVILEGES tokenPrivs = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(
tokenInfo.DangerousGetHandle(),
typeof(NativeHelpers.TOKEN_PRIVILEGES));
NativeHelpers.LUID_AND_ATTRIBUTES[] luidAttrs =
new NativeHelpers.LUID_AND_ATTRIBUTES[tokenPrivs.PrivilegeCount];
PtrToStructureArray(luidAttrs, IntPtr.Add(tokenInfo.DangerousGetHandle(),
Marshal.SizeOf(tokenPrivs.PrivilegeCount)));
return(luidAttrs.Select(la => new PrivilegeInfo(la)).ToList());
}
}
private static SafeMemoryBuffer GetTokenInformation(SafeNativeHandle hToken,
NativeHelpers.TokenInformationClass infoClass)
{
UInt32 tokenLength;
bool res = NativeMethods.GetTokenInformation(hToken, infoClass, new SafeMemoryBuffer(IntPtr.Zero), 0,
out tokenLength);
int errCode = Marshal.GetLastWin32Error();
if (!res && errCode != 24 && errCode != 122) // ERROR_INSUFFICIENT_BUFFER, ERROR_BAD_LENGTH
{
throw new Win32Exception(errCode, String.Format("GetTokenInformation({0}) failed to get buffer length",
infoClass.ToString()));
}
SafeMemoryBuffer tokenInfo = new SafeMemoryBuffer((int)tokenLength);
if (!NativeMethods.GetTokenInformation(hToken, infoClass, tokenInfo, tokenLength, out tokenLength))
{
throw new Win32Exception(String.Format("GetTokenInformation({0}) failed", infoClass.ToString()));
}
return(tokenInfo);
}
public static IEnumerable <SafeNativeHandle> EnumerateUserTokens(SecurityIdentifier sid,
TokenAccessLevels access = TokenAccessLevels.Query)
{
foreach (System.Diagnostics.Process process in System.Diagnostics.Process.GetProcesses())
{
// We always need the Query access level so we can query the TokenUser
using (process)
using (SafeNativeHandle hToken = TryOpenAccessToken(process, access | TokenAccessLevels.Query))
{
if (hToken == null)
{
continue;
}
if (!sid.Equals(GetTokenUser(hToken)))
{
continue;
}
yield return(hToken);
}
}
}
public static extern bool OpenProcessToken(
SafeNativeHandle ProcessHandle,
TokenAccessLevels DesiredAccess,
out SafeNativeHandle TokenHandle);
public static extern bool ImpersonateLoggedOnUser(
SafeNativeHandle hToken);
public static extern bool GetTokenInformation(
SafeNativeHandle TokenHandle,
NativeHelpers.TokenInformationClass TokenInformationClass,
SafeMemoryBuffer TokenInformation,
UInt32 TokenInformationLength,
out UInt32 ReturnLength);
