/// <summary>
        /// Overridden process record method.
        /// </summary>
        protected override void ProcessRecord()
        {
            using (NtToken token = GetToken())
            {
                NtType type = GetNtType();
                if (type == null)
                {
                    throw new ArgumentException("Must specify a type.");
                }
                var result = NtSecurity.AccessCheck(GetSecurityDescriptor(),
                                                    token, AccessMask, Principal, type.GenericMapping, ObjectType).ToSpecificAccess(type.AccessRightsType);
                if (PassResult)
                {
                    WriteObject(result);
                    return;
                }

                var mask = result.SpecificGrantedAccess;
                if (MapToGeneric)
                {
                    mask = result.SpecificGenericGrantedAccess;
                }

                if (ConvertToString)
                {
                    string access_string = NtObjectUtils.GrantedAccessAsString(mask, type.GenericMapping, type.AccessRightsType, false);
                    WriteObject(access_string);
                }
                else
                {
                    WriteObject(mask);
                }
            }
        }
        private bool CheckForAccess <T>(SecurityDescriptor sd, NtToken token, T desired_access, GenericMapping generic_mapping) where T : Enum
        {
            var result = NtSecurity.AccessCheck(sd, token,
                                                desired_access, null, generic_mapping, false);

            if (!result.IsSuccess || !result.Result.Status.IsSuccess())
            {
                return(false);
            }
            return(result.Result.GrantedAccess.HasAccess);
        }
        private IEnumerable <AccessCheckResult> RunCheck(NtToken token, NtType type, ObjectTypeEntry[] object_types)
        {
            var results = new List <AccessCheckResult>();

            if (ResultList)
            {
                results.AddRange(NtSecurity.AccessCheckWithResultList(GetSecurityDescriptor(),
                                                                      token, GetDesiredAccess(), Principal, type.GenericMapping, object_types));
            }
            else
            {
                results.Add(NtSecurity.AccessCheck(GetSecurityDescriptor(),
                                                   token, GetDesiredAccess(), Principal, type.GenericMapping, object_types));
            }
            return(results);
        }
        /// <summary>
        /// Overridden process record method.
        /// </summary>
        protected override void ProcessRecord()
        {
            using (NtToken token = GetToken())
            {
                NtType type = GetNtType();
                if (type == null)
                {
                    throw new ArgumentException("Must specify a type.");
                }

                var object_types = ObjectType?.ToArray();
                // If we have multiple object types and pass result is true then
                // we don't support any another output format.
                if (object_types?.Length > 1 && PassResult)
                {
                    var result_list = NtSecurity.AccessCheckWithResultList(GetSecurityDescriptor(),
                                                                           token, AccessMask, Principal, type.GenericMapping, object_types);
                    WriteObject(result_list.Select(r => r.ToSpecificAccess(type.AccessRightsType)), true);
                    return;
                }

                var result = NtSecurity.AccessCheck(GetSecurityDescriptor(),
                                                    token, AccessMask, Principal, type.GenericMapping, object_types)
                             .ToSpecificAccess(type.AccessRightsType);
                if (PassResult)
                {
                    WriteObject(result);
                    return;
                }

                var mask = result.SpecificGrantedAccess;
                if (MapToGeneric)
                {
                    mask = result.SpecificGenericGrantedAccess;
                }

                if (ConvertToString)
                {
                    string access_string = NtSecurity.AccessMaskToString(mask, type.AccessRightsType, type.GenericMapping, false);
                    WriteObject(access_string);
                }
                else
                {
                    WriteObject(mask);
                }
            }
        }
예제 #5
0
        /// <summary>
        /// Overridden process record method.
        /// </summary>
        protected override void ProcessRecord()
        {
            using (NtToken token = GetToken())
            {
                NtType type = GetNtType();
                if (type == null)
                {
                    throw new ArgumentException("Must specify a Type.");
                }
                var object_types = ObjectType?.ToArray();
                var results      = new List <AccessCheckResultGeneric>();
                if (ResultList)
                {
                    results.AddRange(NtSecurity.AccessCheckWithResultList(GetSecurityDescriptor(),
                                                                          token, GetDesiredAccess(), Principal, type.GenericMapping, object_types).Select(r => r.ToSpecificAccess(type.AccessRightsType)));
                }
                else
                {
                    results.Add(NtSecurity.AccessCheck(GetSecurityDescriptor(),
                                                       token, GetDesiredAccess(), Principal, type.GenericMapping, object_types).ToSpecificAccess(type.AccessRightsType));
                }

                if (PassResult)
                {
                    WriteObject(results, true);
                    return;
                }

                var masks = results.Select(r => MapToGeneric ? r.SpecificGenericGrantedAccess : r.SpecificGrantedAccess);
                if (ConvertToString)
                {
                    WriteObject(masks.Select(m => NtSecurity.AccessMaskToString(m, type.AccessRightsType, type.GenericMapping, false)), true);
                }
                else
                {
                    WriteObject(masks, true);
                }
            }
        }