예제 #1
 /// <summary>
 /// External declaration: takes an existing token handle and a SECURITY_CAPABILITIES
 /// structure and outputs a new token handle.
 /// </summary>
 /// <remarks>
 /// The DllImport attribute is not visible in this excerpt, so the target library and
 /// whether SetLastError is enabled cannot be confirmed here.
 /// NOTE(review): presumably follows the Win32 BOOL convention (false = failure); use
 /// AppContainerTokenHandle only after a true return and dispose it when done.
 /// </remarks>
 internal static extern bool CreateAppContainerToken(
     SafeKernelObjectHandle TokenHandle,
     ref SECURITY_CAPABILITIES SecurityCapabilities,
     out SafeKernelObjectHandle AppContainerTokenHandle);
 /// <summary>
 /// External declaration: outputs a token handle for the given session ID.
 /// </summary>
 /// <remarks>
 /// NOTE(review): presumably binds the Win32 WTSQueryUserToken, which is restricted to
 /// highly privileged callers; a false return must be handled before phToken is used.
 /// The returned handle is a credential-bearing object and should be disposed promptly.
 /// </remarks>
 static extern bool WTSQueryUserToken(int SessionId, out SafeKernelObjectHandle phToken);
예제 #3
 /// <summary>
 /// External declaration: outputs a handle to an AppContainer registry key opened with
 /// the requested key access rights.
 /// </summary>
 /// <remarks>
 /// NOTE(review): the documented Win32 function of this name returns an HRESULT and
 /// yields an HKEY; confirm that mapping the return value to NtStatus and the key to
 /// SafeKernelObjectHandle is intended, since success/failure checks depend on it.
 /// Request only the access rights actually needed in desiredAccess.
 /// </remarks>
 internal static extern NtStatus GetAppContainerRegistryLocation(
     KeyAccessRights desiredAccess,
     out SafeKernelObjectHandle phAppContainerKey
     );
 /// <summary>
 /// External declaration: logs a user on from a user name, domain and password and
 /// outputs the resulting token handle.
 /// </summary>
 /// <remarks>
 /// The password is passed as a managed string, so it stays in managed memory until the
 /// garbage collector reclaims it and cannot be zeroed by the caller.
 /// NOTE(review): the DllImport attribute (CharSet, SetLastError) is not visible here;
 /// confirm a Unicode charset so credentials are not converted through the ANSI code page.
 /// A false return must be handled before phToken is used.
 /// </remarks>
 static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, SecurityLogonType dwLogonType,
     int dwLogonProvider, out SafeKernelObjectHandle phToken);
예제 #5
 /// <summary>
 /// Creates the mailslot file wrapper; both arguments are handed straight to the base constructor.
 /// </summary>
 /// <param name="handle">Kernel object handle for the file.</param>
 /// <param name="io_status">I/O status value forwarded unchanged to the base class.</param>
 internal NtMailslotFile(SafeKernelObjectHandle handle, IoStatus io_status) : base(handle, io_status)
 {
     // Nothing to initialise beyond what the base constructor does.
 }
 /// <summary>
 /// External declaration: creates a process using the supplied token handle, start-up
 /// information and creation flags, and outputs the process information.
 /// </summary>
 /// <remarks>
 /// NOTE(review): presumably binds the Win32 CreateProcessAsUser. Points to confirm at call sites:
 /// - pass lpApplicationName explicitly (or quote the executable path in lpCommandLine) so
 ///   a path containing spaces cannot resolve to a different executable;
 /// - bInheritHandles = true hands every inheritable handle of the caller to the new
 ///   process, which matters when the token is less privileged than the caller;
 /// - lpProcessInformation carries raw process/thread handles that must be closed.
 /// A false return must be handled before lpProcessInformation is read.
 /// </remarks>
 static extern bool CreateProcessAsUser(
   SafeKernelObjectHandle hToken,
   string lpApplicationName,
   string lpCommandLine,
   IntPtr lpProcessAttributes,
   IntPtr lpThreadAttributes,
   bool bInheritHandles,
   CreateProcessFlags dwCreationFlags,
   IntPtr lpEnvironment,
   string lpCurrentDirectory,
   ref STARTUPINFOEX lpStartupInfo,
   out PROCESS_INFORMATION lpProcessInformation);
예제 #7
        /// <summary>
        /// Duplicates a token as a primary token and returns the new handle.
        /// </summary>
        /// <param name="existing_token">Handle of the token to copy.</param>
        /// <returns>A new handle wrapping the duplicated token.</returns>
        /// <remarks>
        /// The duplicate is requested with GenericAccessRights.MaximumAllowed, so the returned
        /// handle carries whatever access the caller is granted rather than a minimal set.
        /// The raw handle is read with DangerousGetHandle(); the caller has to keep
        /// <paramref name="existing_token"/> alive and undisposed for the duration of the call.
        /// </remarks>
        public static SafeKernelObjectHandle DuplicateToken(SafeKernelObjectHandle existing_token)
        {
            using (ObjectAttributes attrs = new ObjectAttributes(null))
            {
                IntPtr duplicated;
                var status = NtDuplicateToken(
                    existing_token.DangerousGetHandle(),
                    GenericAccessRights.MaximumAllowed,
                    attrs,
                    false,
                    TokenType.Primary,
                    out duplicated);

                // Converts a failure status into an exception before the handle is wrapped.
                StatusToNtException(status);

                // Second argument true: presumably marks the wrapper as owner of the handle.
                return new SafeKernelObjectHandle(duplicated, true);
            }
        }
예제 #8
 /// <summary>
 /// External declaration: ALPC call taking a port handle, a port message and flags,
 /// returning an NtStatus.
 /// </summary>
 /// <remarks>
 /// NOTE(review): by its name this impersonates the client container identified by the
 /// message. Callers should check the returned status before doing any work on the
 /// client's behalf, otherwise a failed impersonation leaves the thread running with the
 /// server's own identity, and should revert impersonation when finished.
 /// </remarks>
 public static extern NtStatus NtAlpcImpersonateClientContainerOfPort(
     [In] SafeKernelObjectHandle PortHandle,
     [In] AlpcPortMessage PortMessage,
     AlpcImpersonateClientContainerOfPortFlags Flags
     );
예제 #9
 /// <summary>
 /// External declaration: ALPC call taking a port handle, flags and a security
 /// attribute structure passed by reference; returns an NtStatus.
 /// </summary>
 /// <remarks>
 /// SecurityAttribute is passed by ref, so the native side may write to it.
 /// NOTE(review): presumably the created context must later be released (see the
 /// revoke/delete ALPC calls) — confirm against callers. Check the returned status.
 /// </remarks>
 public static extern NtStatus NtAlpcCreateSecurityContext(
     SafeKernelObjectHandle PortHandle,
     AlpcCreateSecurityContextFlags Flags,
     ref AlpcSecurityAttr SecurityAttribute);
예제 #10
 /// <summary>
 /// External declaration: ALPC call taking a port handle and disconnect flags;
 /// returns an NtStatus that the caller should check.
 /// </summary>
 public static extern NtStatus NtAlpcDisconnectPort(
     [In] SafeKernelObjectHandle PortHandle,
     AlpcDisconnectPortFlags Flags
     );
예제 #11
 /// <summary>
 /// External declaration: ALPC call that passes an information buffer of a given
 /// information class and length for a port; returns an NtStatus.
 /// </summary>
 /// <remarks>
 /// Length is supplied separately from the buffer; callers must make sure it does not
 /// exceed the size of PortInformation, since nothing in this declaration ties them together.
 /// </remarks>
 public static extern NtStatus NtAlpcSetInformation(
     [In] SafeKernelObjectHandle PortHandle,
     AlpcPortInformationClass PortInformationClass,
     SafeBuffer PortInformation,
     int Length);
예제 #12
 /// <summary>
 /// External declaration: ALPC call that outputs a new port handle, given object
 /// attributes and port attributes; returns an NtStatus.
 /// </summary>
 /// <remarks>
 /// NOTE(review): the object attributes are where a name and security descriptor for the
 /// port would be supplied; presumably a named port created without an explicit
 /// descriptor gets default security — confirm that is acceptable for each caller.
 /// PortHandle should only be used when the returned status indicates success.
 /// </remarks>
 public static extern NtStatus NtAlpcCreatePort(
     out SafeKernelObjectHandle PortHandle,
     [In] ObjectAttributes ObjectAttributes,
     [In] AlpcPortAttributes PortAttributes
     );
예제 #13
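 /// <summary>
 /// Sets the session ID of a token through NtSetInformationToken using the
 /// TokenSessionId information class.
 /// </summary>
 /// <param name="token">Handle of the token to modify.</param>
 /// <param name="session_id">Session ID to write; sent as its 4-byte representation.</param>
 /// <exception cref="InvalidOperationException">The native call returned a failure status.</exception>
 public static void SetTokenSessionId(SafeKernelObjectHandle token, int session_id)
 {
     byte[] buffer = BitConverter.GetBytes(session_id);
     int status = NtSetInformationToken(token, TokenInformationClass.TokenSessionId,
                                        buffer, buffer.Length);

     // NT_SUCCESS is defined as status >= 0. The status used to be discarded, so a
     // rejected call (for example when the caller lacks the privilege required to change
     // a token's session) was indistinguishable from success and later code would keep
     // using a token that was still bound to its old session.
     if (status < 0)
     {
         throw new InvalidOperationException(
             string.Format("NtSetInformationToken(TokenSessionId) failed with NTSTATUS 0x{0:X8}", status));
     }
 }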
예제 #14
 /// <summary>
 /// External declaration: writes a block of token information of the given class to a token.
 /// </summary>
 /// <remarks>
 /// The result is a plain int rather than NtStatus, so nothing forces callers to inspect it.
 /// NOTE(review): presumably an NTSTATUS, where negative values mean failure — callers
 /// should check it. TokenInformationLength must not exceed TokenInformation.Length.
 /// </remarks>
 public static extern int NtSetInformationToken(
     SafeKernelObjectHandle TokenHandle,
     TokenInformationClass TokenInformationClass,
     byte[] TokenInformation,
     int TokenInformationLength);
예제 #15
 /// <summary>
 /// External declaration: fills a MODULEINFO structure for a module in the process
 /// identified by hProcess.
 /// </summary>
 /// <remarks>
 /// NOTE(review): cb is presumably the size in bytes of MODULEINFO; passing a larger
 /// value than the marshalled structure would let the native side write past it.
 /// A false return must be handled before lpmodinfo is read.
 /// </remarks>
 internal static extern bool GetModuleInformation(
     SafeKernelObjectHandle hProcess,
     IntPtr hModule,
     out MODULEINFO lpmodinfo,
     int cb
     );
예제 #16
 /// <summary>
 /// External declaration: ALPC call taking a port handle, flags and a security context
 /// handle; returns an NtStatus that the caller should check.
 /// </summary>
 public static extern NtStatus NtAlpcRevokeSecurityContext(
     SafeKernelObjectHandle PortHandle,
     AlpcRevokeSecurityContextFlags Flags,
     AlpcHandle ContextHandle
     );
예제 #17
 /// <summary>
 /// External declaration: outputs a token handle opened with the requested token access rights.
 /// </summary>
 /// <remarks>
 /// NOTE(review): by its name this returns the token associated with the clipboard;
 /// request only the access needed in desired_access, handle a false return before
 /// using the handle, and dispose the handle when done.
 /// </remarks>
 internal static extern bool GetClipboardAccessToken(out SafeKernelObjectHandle handle, TokenAccessRights desired_access);
예제 #18
 /// <summary>
 /// External declaration: ALPC call taking a port handle, flags and a section handle;
 /// returns an NtStatus that the caller should check.
 /// </summary>
 public static extern NtStatus NtAlpcDeletePortSection(
     SafeKernelObjectHandle PortHandle,
     AlpcDeletePortSectionFlags Flags,
     AlpcHandle SectionHandle
     );
        /// <summary>
        /// Builds an object attributes structure, creating native buffers for the optional parts.
        /// </summary>
        /// <param name="object_name">The object name; null leaves the name buffer as SafeHGlobalBuffer.Null.</param>
        /// <param name="attributes">The object attribute flags, stored as given.</param>
        /// <param name="root">
        /// Root handle. An invalid handle such as SafeKernelObjectHandle.Null means no root;
        /// a valid handle is duplicated rather than stored directly. Must not be a null reference.
        /// </param>
        /// <param name="sqos">Security quality of service; null leaves the buffer as SafeHGlobalBuffer.Null.</param>
        /// <param name="security_descriptor">Security descriptor; null leaves the buffer as SafeHGlobalBuffer.Null.</param>
        public ObjectAttributes(
            string object_name,
            AttributeFlags attributes,
            SafeKernelObjectHandle root,
            SecurityQualityOfService sqos,
            SecurityDescriptor security_descriptor)
        {
            Length = Marshal.SizeOf(this);

            if (object_name == null)
            {
                ObjectName = SafeHGlobalBuffer.Null;
            }
            else
            {
                ObjectName = new UnicodeString(object_name).ToBuffer();
            }

            Attributes = attributes;

            if (sqos == null)
            {
                SecurityQualityOfService = SafeHGlobalBuffer.Null;
            }
            else
            {
                SecurityQualityOfService = sqos.ToBuffer();
            }

            // root is dereferenced unconditionally, so only an invalid handle, not a null
            // reference, selects the "no root directory" case.
            if (root.IsInvalid)
            {
                RootDirectory = SafeKernelObjectHandle.Null;
            }
            else
            {
                RootDirectory = NtObject.DuplicateHandle(root);
            }

            // NOTE(review): with no descriptor supplied the created object presumably gets
            // default security; confirm that is what callers creating named objects expect.
            if (security_descriptor == null)
            {
                SecurityDescriptor = SafeHGlobalBuffer.Null;
            }
            else
            {
                SecurityDescriptor = security_descriptor.ToSafeBuffer();
            }
        }
예제 #20
 /// <summary>
 /// External declaration: ALPC call taking a port handle, flags and a message size,
 /// outputting a resource identifier; returns an NtStatus.
 /// </summary>
 /// <remarks>
 /// ResourceId should only be used when the returned status indicates success.
 /// </remarks>
 public static extern NtStatus NtAlpcCreateResourceReserve(
     SafeKernelObjectHandle PortHandle,
     AlpcCreateResourceReserveFlags Flags,
     IntPtr MessageSize,
     out AlpcHandle ResourceId
     );
예제 #21
 /// <summary>
 /// Opens the calling process's token and returns a duplicate of it.
 /// </summary>
 /// <returns>The handle produced by DuplicateToken for the opened token.</returns>
 /// <remarks>
 /// The token is opened with GenericAccessRights.MaximumAllowed. The handle from the
 /// open call is disposed before returning; only the duplicate is handed to the caller.
 /// </remarks>
 public static SafeKernelObjectHandle OpenProcessToken()
 {
     // -1 is the pseudo-handle value that refers to the current process.
     IntPtr current_process = new IntPtr(-1);
     IntPtr raw_token;

     StatusToNtException(NtOpenProcessTokenEx(
         current_process,
         GenericAccessRights.MaximumAllowed,
         AttributeFlags.None,
         out raw_token));

     using (SafeKernelObjectHandle opened = new SafeKernelObjectHandle(raw_token, true))
     {
         return DuplicateToken(opened);
     }
 }
예제 #22
 /// <summary>
 /// External declaration: ALPC call taking a port handle, flags and a resource
 /// identifier; returns an NtStatus that the caller should check.
 /// </summary>
 public static extern NtStatus NtAlpcDeleteResourceReserve(
     SafeKernelObjectHandle PortHandle,
     AlpcDeleteResourceReserveFlags Flags,
     AlpcHandle ResourceId
     );
 /// <summary>
 /// External declaration: imports a packed security context for the named package,
 /// together with a token handle, into the supplied context handle.
 /// </summary>
 /// <remarks>
 /// phContext is marked [Out], so the native side writes into the caller's SecHandle.
 /// NOTE(review): the packed context is security-sensitive state; callers should check
 /// the returned SecStatusCode before using phContext and should only import blobs
 /// that came from a trusted export.
 /// </remarks>
 internal static extern SecStatusCode ImportSecurityContext(
     string pszPackage,
     SecBuffer pPackedContext,
     SafeKernelObjectHandle Token,
     [Out] SecHandle phContext
     );
예제 #24
 /// <summary>
 /// External declaration: ALPC call taking a port handle, flags and a data view
 /// attribute structure passed by reference; returns an NtStatus.
 /// </summary>
 /// <remarks>
 /// ViewAttributes is passed by ref, so the native side may update it; read it back only
 /// when the returned status indicates success.
 /// </remarks>
 public static extern NtStatus NtAlpcCreateSectionView(
     SafeKernelObjectHandle PortHandle,
     AlpcCreateSectionViewFlags Flags,
     ref AlpcDataViewAttr ViewAttributes
     );
 /// <summary>
 /// External declaration: computes a token from a Safer level handle and an input
 /// access token, outputting the resulting token handle.
 /// </summary>
 /// <remarks>
 /// NOTE(review): presumably binds the Win32 SaferComputeTokenFromLevel, which derives a
 /// restricted token. A false return must be handled; falling back to the unrestricted
 /// input token on failure would defeat the purpose of the call.
 /// </remarks>
 static extern bool SaferComputeTokenFromLevel(IntPtr LevelHandle, SafeHandle InAccessToken, 
     out SafeKernelObjectHandle OutAccessToken, SaferFlags dwFlags, IntPtr lpReserved);
예제 #26
 /// <summary>
 /// External declaration: ALPC call taking a port handle, flags and the base address of
 /// a view; returns an NtStatus that the caller should check.
 /// </summary>
 /// <remarks>
 /// NOTE(review): ViewBase is a raw pointer; presumably it must not be dereferenced by
 /// managed code after a successful call — confirm against callers.
 /// </remarks>
 public static extern NtStatus NtAlpcDeleteSectionView(
     SafeKernelObjectHandle PortHandle,
     AlpcDeleteSectionViewFlags Flags,
     IntPtr ViewBase
     );
 /// <summary>
 /// External declaration: outputs a token handle opened with the requested token access rights.
 /// </summary>
 /// <remarks>
 /// NOTE(review): by its name this returns the token associated with the clipboard;
 /// request only the access needed in desired_access, handle a false return before
 /// using the handle, and dispose the handle when done.
 /// </remarks>
 private static extern bool GetClipboardAccessToken(out SafeKernelObjectHandle handle, TokenAccessRights desired_access);
예제 #28
 /// <summary>
 /// External declaration: ALPC call taking a port handle, flags and a message context
 /// attribute passed by reference; returns an NtStatus that the caller should check.
 /// </summary>
 public static extern NtStatus NtAlpcCancelMessage(
     SafeKernelObjectHandle PortHandle,
     AlpcCancelMessageFlags Flags,
     ref AlpcContextAttr MessageContext
     );
예제 #29
 /// <summary>
 /// External declaration: retrieves the package full name for a token into a
 /// StringBuilder; the length is passed by reference and the result is a Win32Error.
 /// </summary>
 /// <remarks>
 /// NOTE(review): packageFullNameLength is presumably the buffer size on input and the
 /// required/written length on output. It must not exceed packageFullName.Capacity, or
 /// the native side may write past the marshalled buffer.
 /// </remarks>
 internal static extern Win32Error GetPackageFullNameFromToken(
     SafeKernelObjectHandle token,
     ref int packageFullNameLength,
     StringBuilder packageFullName
     );
 /// <summary>
 /// Creates the generic object wrapper; the handle is handed straight to the base constructor.
 /// </summary>
 /// <param name="handle">Kernel object handle to wrap.</param>
 internal NtGeneric(SafeKernelObjectHandle handle)
     : base(handle)
 {
     // Nothing to initialise beyond what the base constructor does.
 }
예제 #31
 /// <summary>
 /// External declaration: retrieves the file name of a module in the process identified
 /// by hProcess into a StringBuilder of nSize characters.
 /// </summary>
 /// <remarks>
 /// nSize must not exceed lpFilename.Capacity, or the native side may write past the
 /// marshalled buffer.
 /// NOTE(review): presumably returns the number of characters copied, with 0 meaning
 /// failure; a result equal to nSize may indicate truncation. The path comes from another
 /// process's address space and should be treated as untrusted input.
 /// </remarks>
 internal static extern int GetModuleFileNameEx(
     SafeKernelObjectHandle hProcess,
     IntPtr hModule,
     StringBuilder lpFilename,
     int nSize
     );
 /// <summary>
 /// External declaration: computes a token from a Safer level handle and an input
 /// access token, outputting the resulting token handle.
 /// </summary>
 /// <remarks>
 /// NOTE(review): presumably binds the Win32 SaferComputeTokenFromLevel, which derives a
 /// restricted token. A false return must be handled; falling back to the unrestricted
 /// input token on failure would defeat the purpose of the call.
 /// </remarks>
 internal static extern bool SaferComputeTokenFromLevel(IntPtr LevelHandle, SafeHandle InAccessToken,
                                                        out SafeKernelObjectHandle OutAccessToken, SaferFlags dwFlags, IntPtr lpReserved);
예제 #33
 /// <summary>
 /// External declaration: reads certificate data at a given index from the file
 /// identified by FileHandle into a buffer, with the length passed by reference.
 /// </summary>
 /// <remarks>
 /// NOTE(review): RequiredLength is presumably the buffer size on input and the needed
 /// size on output; it must not exceed the size of Certificate. This call only copies
 /// the certificate bytes — it does not by itself establish that a signature is valid.
 /// </remarks>
 internal static extern bool ImageGetCertificateData(
     SafeKernelObjectHandle FileHandle,
     int CertificateIndex,
     SafeBuffer Certificate,
     ref int RequiredLength
     );
 /// <summary>
 /// External declaration: outputs a token handle for the given session ID.
 /// </summary>
 /// <remarks>
 /// NOTE(review): presumably binds the Win32 WTSQueryUserToken, which is restricted to
 /// highly privileged callers; a false return must be handled before phToken is used.
 /// The returned handle is a credential-bearing object and should be disposed promptly.
 /// </remarks>
 internal static extern bool WTSQueryUserToken(int SessionId, out SafeKernelObjectHandle phToken);
 /// <summary>
 /// External declaration: waits on a kernel object handle, optionally alertable, with a timeout.
 /// </summary>
 /// <remarks>
 /// NOTE(review): the returned NtStatus presumably distinguishes a signalled object from
 /// a timeout or an alert, and those outcomes are not error codes — callers should
 /// compare against the specific status rather than only testing for failure.
 /// </remarks>
 public static extern NtStatus NtWaitForSingleObject(
   SafeKernelObjectHandle Handle,
   bool Alertable,
   LargeInteger Timeout
 );
 /// <summary>
 /// External declaration: retrieves the final path for an open file handle into a
 /// StringBuilder of cchFilePath characters.
 /// </summary>
 /// <remarks>
 /// cchFilePath must not exceed lpszFilePath.Capacity.
 /// NOTE(review): presumably returns the path length, with a value larger than
 /// cchFilePath meaning the buffer was too small and 0 meaning failure. Resolving the path
 /// from the handle, rather than re-opening by name, avoids acting on a path that was
 /// swapped after the open.
 /// </remarks>
 internal static extern int GetFinalPathNameByHandle(SafeKernelObjectHandle hFile, StringBuilder lpszFilePath,
                                                     int cchFilePath, Win32PathNameFlags dwFlags);
 /// <summary>
 /// External declaration: creates a process using the supplied token handle, logon
 /// flags, start-up information and creation flags, and outputs the process information.
 /// </summary>
 /// <remarks>
 /// NOTE(review): presumably binds the Win32 CreateProcessWithTokenW. Points to confirm
 /// at call sites:
 /// - pass lpApplicationName explicitly (or quote the executable path in lpCommandLine) so
 ///   a path containing spaces cannot resolve to a different executable;
 /// - lpProcessInformation carries raw process/thread handles that must be closed.
 /// A false return must be handled before lpProcessInformation is read.
 /// </remarks>
 static extern bool CreateProcessWithTokenW(
   SafeKernelObjectHandle hToken,
   int dwLogonFlags,
   string lpApplicationName,
   string lpCommandLine,
   CreateProcessFlags dwCreationFlags,
   IntPtr lpEnvironment,
   string lpCurrentDirectory,
   ref STARTUPINFOEX lpStartupInfo,
   out PROCESS_INFORMATION lpProcessInformation);
 /// <summary>
 /// External declaration: logs a user on from a user name, domain and password and
 /// outputs the resulting token handle.
 /// </summary>
 /// <remarks>
 /// The password is passed as a managed string, so it stays in managed memory until the
 /// garbage collector reclaims it and cannot be zeroed by the caller.
 /// NOTE(review): the DllImport attribute (CharSet, SetLastError) is not visible here;
 /// confirm a Unicode charset so credentials are not converted through the ANSI code page.
 /// A false return must be handled before phToken is used.
 /// </remarks>
 internal static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, SecurityLogonType dwLogonType,
                                       int dwLogonProvider, out SafeKernelObjectHandle phToken);
 /// <summary>
 /// Builds a successful process-creation result from the raw handles and creation data.
 /// </summary>
 /// <param name="process_handle">Handle wrapped as the result's Process.</param>
 /// <param name="thread_handle">Handle wrapped as the result's Thread.</param>
 /// <param name="create_info">Creation data; its Success.FileHandle and Success.SectionHandle are wrapped here.</param>
 /// <param name="image_info">Section image information stored as given.</param>
 /// <param name="client_id">Client ID stored as given.</param>
 internal CreateUserProcessResult(
     SafeKernelObjectHandle process_handle,
     SafeKernelObjectHandle thread_handle,
     ProcessCreateInfoData create_info,
     SectionImageInformation image_info,
     ClientId client_id)
 {
     Process = new NtProcess(process_handle);
     Thread = new NtThread(thread_handle);

     // The raw handles inside create_info are wrapped with the second argument set to
     // true — presumably making the wrappers responsible for closing them, so create_info
     // should not be used to close the same handles again.
     SafeKernelObjectHandle image_file_handle = new SafeKernelObjectHandle(create_info.Success.FileHandle, true);
     ImageFile = new NtFile(image_file_handle);

     SafeKernelObjectHandle image_section_handle = new SafeKernelObjectHandle(create_info.Success.SectionHandle, true);
     SectionHandle = new NtSection(image_section_handle);

     ImageInfo = image_info;
     ClientId = client_id;
     CreateInfo = create_info;
     CreateState = ProcessCreateState.Success;
 }
 /// <summary>
 /// External declaration: outputs the token handle associated with a security context.
 /// </summary>
 /// <remarks>
 /// Token should only be used when the returned SecStatusCode indicates success, and the
 /// handle should be disposed by the caller.
 /// NOTE(review): the token presumably represents the authenticated peer; check its
 /// impersonation level before using it for access decisions.
 /// </remarks>
 internal static extern SecStatusCode QuerySecurityContextToken(SecHandle phContext, out SafeKernelObjectHandle Token);
예제 #41
 /// <summary>
 /// External declaration: writes a block of token information of the given class to a token.
 /// </summary>
 /// <remarks>
 /// The result is a plain int rather than NtStatus, so nothing forces callers to inspect it.
 /// NOTE(review): presumably an NTSTATUS, where negative values mean failure — callers
 /// should check it. TokenInformationLength must not exceed TokenInformation.Length.
 /// </remarks>
 public static extern int NtSetInformationToken(
     SafeKernelObjectHandle TokenHandle,
     TokenInformationClass TokenInformationClass,
     byte[] TokenInformation,
     int TokenInformationLength);
 /// <summary>
 /// External declaration: exports a security context into a packed buffer and outputs
 /// a token handle.
 /// </summary>
 /// <remarks>
 /// pPackedContext is marked [In, Out], so the native side fills in the caller's SecBuffer.
 /// NOTE(review): the packed context is sensitive session state and the buffer is
 /// presumably allocated by the security package, so it needs to be released with the
 /// matching SSPI free routine — confirm against callers. Check the returned
 /// SecStatusCode before using either output.
 /// </remarks>
 internal static extern SecStatusCode ExportSecurityContext(
     SecHandle phContext,
     SecPkgContextExportFlags fFlags,
     [In, Out] SecBuffer pPackedContext,
     out SafeKernelObjectHandle pToken
     );
예제 #43
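 /// <summary>
 /// Sets the session ID of a token through NtSetInformationToken using the
 /// TokenSessionId information class.
 /// </summary>
 /// <param name="token">Handle of the token to modify.</param>
 /// <param name="session_id">Session ID to write; sent as its 4-byte representation.</param>
 /// <exception cref="InvalidOperationException">The native call returned a failure status.</exception>
 public static void SetTokenSessionId(SafeKernelObjectHandle token, int session_id)
 {
     byte[] buffer = BitConverter.GetBytes(session_id);
     int status = NtSetInformationToken(token, TokenInformationClass.TokenSessionId,
                                        buffer, buffer.Length);

     // NT_SUCCESS is defined as status >= 0. The status used to be discarded, so a
     // rejected call (for example when the caller lacks the privilege required to change
     // a token's session) was indistinguishable from success and later code would keep
     // using a token that was still bound to its old session.
     if (status < 0)
     {
         throw new InvalidOperationException(
             string.Format("NtSetInformationToken(TokenSessionId) failed with NTSTATUS 0x{0:X8}", status));
     }
 }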
 /// <summary>
 /// External declaration: performs a logon through an LSA handle using an
 /// authentication package and an authentication information buffer, outputting a
 /// profile buffer, logon ID, token handle, quota limits and a sub-status.
 /// </summary>
 /// <remarks>
 /// AuthenticationInformationLength is supplied separately from the buffer and must not
 /// exceed the size of AuthenticationInformation. That buffer typically holds
 /// credentials, so it should be cleared and released as soon as the call returns.
 /// NOTE(review): ProfileBuffer is returned as a raw IntPtr and is presumably allocated
 /// by LSA, so it needs an explicit free with the matching LSA routine — confirm against
 /// callers. Check both the returned NtStatus and SubStatus before using Token.
 /// </remarks>
 static extern NtStatus LsaLogonUser(SafeLsaHandle LsaHandle, LsaString OriginName, SecurityLogonType LogonType, uint AuthenticationPackage,
     SafeBuffer AuthenticationInformation,
     int AuthenticationInformationLength,
     IntPtr LocalGroups,
     TOKEN_SOURCE SourceContext,
     out IntPtr ProfileBuffer,
     out int ProfileBufferLength,
     out Luid LogonId,
     out SafeKernelObjectHandle Token,
     out QUOTA_LIMITS Quotas,
     out NtStatus SubStatus
 );