コード例 #1
0
        public static uint ApiGetNamedSecurityInfo(
                                    string objectName,
                                    SecurityDescriptorApi.SE_OBJECT_TYPE object_type,
                                    out SecurityDescriptorApi.SECURITY_DESCRIPTOR pSECURITY_DESCRIPTOR)
        {
            Logger.Log(string.Format("SecurityDescriptorWrapper.ApiGetNamedSecurityInfo(objectName={0}", objectName), Logger.SecurityDescriptorLogLevel);

            IntPtr pZero = IntPtr.Zero;
            IntPtr pSidOwner = pZero;
            IntPtr pSidGroup = pZero;
            IntPtr pDacl = pZero;
            IntPtr pSacl = pZero;
            IntPtr pSecurityDescriptor = pZero;
            uint errorReturn = 0;
            pSECURITY_DESCRIPTOR = new SecurityDescriptorApi.SECURITY_DESCRIPTOR();

            try
            {
                errorReturn = SecurityDescriptorApi.GetNamedSecurityInfo(
                                    objectName,
                                    object_type,
                                    SecurityDescriptorApi.SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION |
                                    SecurityDescriptorApi.SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION |
                                    SecurityDescriptorApi.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION,
                                    out pSidOwner,
                                    out pSidGroup,
                                    out pDacl,
                                    out pSacl,
                                    out pSecurityDescriptor);

                if (errorReturn != 0)
                {
                    Console.WriteLine("SecurityDescriptorWrapper.ApiGetNamedSecurityInfo() errorReturn: {0} ", errorReturn);
                    return errorReturn;
                }

                if (pSecurityDescriptor != IntPtr.Zero)
                {
                    pSECURITY_DESCRIPTOR = new SecurityDescriptorApi.SECURITY_DESCRIPTOR();
                    pSECURITY_DESCRIPTOR = (SecurityDescriptorApi.SECURITY_DESCRIPTOR)Marshal.PtrToStructure(pSecurityDescriptor, typeof(SecurityDescriptorApi.SECURITY_DESCRIPTOR));
                }
            }
            catch (Exception ex)
            {
                Logger.LogException(string.Format("SecurityDescriptorWrapper.ApiGetNamedSecurityInfo(objectName={0}", objectName), ex);
            }

            return errorReturn;
        }
コード例 #2
0
        public static uint ApiBuildTrusteeWithSid(IntPtr pSid, out SecurityDescriptorApi.TRUSTEE Trustee)
        {
            uint errorReturn = 0;
            IntPtr pTrustee = IntPtr.Zero;
            Trustee = new SecurityDescriptorApi.TRUSTEE();

            try
            {
                Logger.Log("SecurityDescriptorWrapper.ApiBuildTrusteeWithSid() called", Logger.SecurityDescriptorLogLevel);


                pTrustee = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(SecurityDescriptorApi.TRUSTEE)));
                bool bRet = SecurityDescriptorApi.BuildTrusteeWithSid(ref pTrustee, pSid);

                errorReturn = (uint)Marshal.GetLastWin32Error();

                Logger.Log("Build trustee returns" + errorReturn);
                if (pTrustee != IntPtr.Zero)
                {
                    Trustee = new SecurityDescriptorApi.TRUSTEE();
                    Trustee = (SecurityDescriptorApi.TRUSTEE)Marshal.PtrToStructure(pTrustee, typeof(SecurityDescriptorApi.TRUSTEE));
                }
            }
            catch (Exception ex)
            {
                errorReturn = (uint)Marshal.GetLastWin32Error();
                Logger.LogException("SecurityDescriptorWrapper.ApiBuildTrusteeWithSid()", ex);
                Logger.Log("Build trustee " + Marshal.GetLastWin32Error());
            }

            return errorReturn;
        }
コード例 #3
0
 public static extern WinError SetFileSecurity(
     [MarshalAs(UnmanagedType.LPWStr)] string lpFileName,
     SecurityDescriptorApi.SECURITY_INFORMATION SecurityInformation,
     IntPtr pSecurityDescriptor
 );
コード例 #4
0
        public static bool ApiAdjustTokenPrivileges(ref IntPtr pProcessTokenHandle, string sPrivilizeValue)
        {
            Logger.Log(string.Format("SecurityDescriptorWrapper.ApiAdjustTokenPrivileges()"), Logger.SecurityDescriptorLogLevel);

            bool bIsSuccess = false;
            uint returnLength = 0, IreturnLength = 0;

            try
            {
                SecurityDescriptorApi.TOKEN_PRIVILEGES pPreviousTpStruct = new SecurityDescriptorApi.TOKEN_PRIVILEGES();
                IntPtr pPreviousToken = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(SecurityDescriptorApi.TOKEN_PRIVILEGES)));

                //Call the GetTokenInformation at the first time to get the length of the TOKEN_PRIVILEGES structure.
                bIsSuccess = SecurityDescriptorApi.GetTokenInformation(
                    pProcessTokenHandle,
                    SecurityDescriptorApi.TOKEN_INFORMATION_CLASS.TokenPrivileges,
                    pPreviousTpStruct,
                    0,
                    out returnLength);
                Logger.Log("Error at SecurityDescriptorApi.GetTokenInformation: " + Marshal.GetLastWin32Error(), Logger.SecurityDescriptorLogLevel);

                bIsSuccess = SecurityDescriptorApi.GetTokenInformation(
                    pProcessTokenHandle,
                    SecurityDescriptorApi.TOKEN_INFORMATION_CLASS.TokenPrivileges,
                    pPreviousTpStruct,
                    returnLength,
                    out IreturnLength);
                Logger.Log("Error at SecurityDescriptorApi.GetTokenInformation: " + Marshal.GetLastWin32Error(), Logger.SecurityDescriptorLogLevel);

                IntPtr pLuid = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(SecurityDescriptorApi.LwLUID)));
                SecurityDescriptorApi.LookupPrivilegeValueW("", sPrivilizeValue, out pLuid);

                uint privilige = SecurityDescriptorApi.SE_PRIVILEGE_ENABLED; //| SecurityDescriptorApi.SE_SECURITY_NAME;
                pPreviousTpStruct.Attributes     = (int)privilige;
                pPreviousTpStruct.PrivilegeCount = 1;
                pPreviousTpStruct.Luid           = pLuid;

                bIsSuccess = SecurityDescriptorApi.AdjustTokenPrivileges(
                    pProcessTokenHandle,
                    false,
                    pPreviousTpStruct,
                    0,
                    IntPtr.Zero,
                    0);
                Logger.Log("Error at SecurityDescriptorApi.AdjustTokenPrivileges: " + Marshal.GetLastWin32Error(), Logger.SecurityDescriptorLogLevel);
                if (!bIsSuccess)
                {
                    Logger.Log(string.Format("SecurityDescriptorWrapper.ApiAdjustTokenPrivileges:bIsSuccess()" + bIsSuccess), Logger.SecurityDescriptorLogLevel);
                    Logger.Log("Error code: " + Marshal.GetLastWin32Error());
                }
            }
            catch (Exception ex)
            {
                Logger.LogException(string.Format("SecurityDescriptorWrapper.ApiAdjustTokenPrivileges()"), ex);
            }
            finally
            {
                //if (pProcessTokenHandle != IntPtr.Zero)
                //    SecurityDescriptorApi.CloseHandle(pProcessTokenHandle);
            }

            return(bIsSuccess);
        }
コード例 #5
0
 public static extern WinError GetFileSecurity(
     [MarshalAs(UnmanagedType.LPWStr)] string lpFileName,
     SecurityDescriptorApi.SECURITY_INFORMATION RequestedInformation,
     ref IntPtr pSecurityDescriptor,
     uint nLength,
     out uint lpnLengthNeeded
 );