예제 #1
0
        private ObjectAttributes(SafeBuffer object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
                                 SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
        {
            try {
                if (root == null)
                {
                    throw new ArgumentNullException(nameof(root), "Use SafeKernelObjectHandle.Null for a null handle");
                }
                Length     = Marshal.SizeOf(this);
                ObjectName = object_name;
                Attributes = attributes;
                if (sqos != null)
                {
                    SecurityQualityOfService = sqos.ToBuffer();
                }
                else
                {
                    SecurityQualityOfService = SafeHGlobalBuffer.Null;
                }

                RootDirectory = !root.IsInvalid ? NtObject.DuplicateHandle(root) : SafeKernelObjectHandle.Null;
                if (security_descriptor != null)
                {
                    SecurityDescriptor = security_descriptor.ToSafeBuffer();
                }
                else
                {
                    SecurityDescriptor = SafeHGlobalBuffer.Null;
                }
            } catch {
                Dispose();
                throw;
            }
        }
        /// <summary>
        /// Constructor
        /// </summary>
        /// <param name="object_name">The object name, can be null.</param>
        /// <param name="attributes">The object attribute flags.</param>
        /// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
        /// <param name="sqos">An optional security quality of service.</param>
        /// <param name="security_descriptor">An optional security descriptor.</param>
        public ObjectAttributes(string object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
                                SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
        {
            Length = Marshal.SizeOf(this);
            if (object_name != null)
            {
                ObjectName = new UnicodeString(object_name).ToBuffer();
            }
            else
            {
                ObjectName = SafeHGlobalBuffer.Null;
            }

            Attributes = attributes;
            if (sqos != null)
            {
                SecurityQualityOfService = sqos.ToBuffer();
            }
            else
            {
                SecurityQualityOfService = SafeHGlobalBuffer.Null;
            }

            RootDirectory = !root.IsInvalid ? NtObject.DuplicateHandle(root) : SafeKernelObjectHandle.Null;
            if (security_descriptor != null)
            {
                SecurityDescriptor = security_descriptor.ToSafeBuffer();
            }
            else
            {
                SecurityDescriptor = SafeHGlobalBuffer.Null;
            }
        }
예제 #3
0
 /// <summary>
 /// Create an attribute which with create a handle automatically.
 /// </summary>
 /// <param name="security_quality_of_service">The security quality of service.</param>
 /// <returns>The security message attribute.</returns>
 public static AlpcSecurityMessageAttribute CreateHandleAttribute(SecurityQualityOfService security_quality_of_service)
 {
     return(new AlpcSecurityMessageAttribute()
     {
         Flags = AlpcSecurityAttrFlags.CreateHandle,
         SecurityQoS = security_quality_of_service,
         ContextHandle = -2
     });
 }
예제 #4
0
 internal SafeAlpcSecurityContextHandle(AlpcHandle handle, bool owns_handle, NtAlpc port,
                                        AlpcSecurityAttrFlags flags, SecurityQualityOfService security_quality_of_service)
     : base(IntPtr.Zero, owns_handle)
 {
     SetHandle(new IntPtr(handle.Value));
     _port = port;
     Flags = flags;
     SecurityQualityOfService = security_quality_of_service;
 }
        /// <summary>
        /// Convert a DOS filename to an NT filename and get as an ObjectAttributes structure
        /// </summary>
        /// <param name="filename">The DOS filename.</param>
        /// <param name="attributes">The object attribute flags.</param>
        /// <param name="sqos">An optional security quality of service.</param>
        /// <param name="security_descriptor">An optional security descriptor.</param>
        /// <param name="throw_on_error">True to throw on error.</param>
        /// <returns>The object attributes</returns>
        public static NtResult <ObjectAttributes> DosFileNameToObjectAttributes(string filename, AttributeFlags attributes,
                                                                                SecurityQualityOfService sqos, SecurityDescriptor security_descriptor, bool throw_on_error)
        {
            if (filename == null)
            {
                throw new ArgumentNullException("filename");
            }

            UnicodeStringOut nt_name       = new UnicodeStringOut();
            RtlRelativeName  relative_name = new RtlRelativeName();

            try
            {
                NtStatus status = NtRtl.RtlDosPathNameToRelativeNtPathName_U_WithStatus(filename, out nt_name,
                                                                                        out IntPtr short_path, relative_name);
                if (!status.IsSuccess())
                {
                    return(status.CreateResultFromError <ObjectAttributes>(throw_on_error));
                }
                string final_name;
                SafeKernelObjectHandle root = SafeKernelObjectHandle.Null;

                if (relative_name.RelativeName.Buffer != IntPtr.Zero)
                {
                    final_name = relative_name.RelativeName.ToString();
                    root       = new SafeKernelObjectHandle(relative_name.ContainingDirectory, false);
                }
                else
                {
                    final_name = nt_name.ToString();
                }

                return(status.CreateResult(false, () =>
                                           new ObjectAttributes(final_name, attributes, root, sqos, security_descriptor)));
            }
            finally
            {
                if (nt_name.Buffer != IntPtr.Zero)
                {
                    NtRtl.RtlFreeUnicodeString(ref nt_name);
                }

                if (relative_name.RelativeName.Buffer != IntPtr.Zero)
                {
                    NtRtl.RtlReleaseRelativeName(relative_name);
                }
            }
        }
        /// <summary>
        /// Open an NT object with a specified type.
        /// </summary>
        /// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param>
        /// <param name="path">The path to the object to open.</param>
        /// <param name="root">A root directory to open from.</param>
        /// <param name="access">Generic access rights to the object.</param>
        /// <param name="attributes">Attributes to open the object.</param>
        /// <param name="security_quality_of_service">Security quality of service.</param>
        /// <param name="throw_on_error">True to throw on error.</param>
        /// <returns>The opened object.</returns>
        /// <exception cref="NtException">Thrown if an error occurred opening the object.</exception>
        public static NtResult <NtObject> OpenWithType(string typename, string path, NtObject root,
                                                       AttributeFlags attributes, AccessMask access, SecurityQualityOfService security_quality_of_service, bool throw_on_error)
        {
            using (var obj_attr = new ObjectAttributes(path, attributes, root, security_quality_of_service, null))
            {
                if (typename == null)
                {
                    typename = NtDirectory.GetDirectoryEntryType(path, root);
                }

                // Brute force the open.
                if (typename == null)
                {
                    foreach (var nttype in NtType.GetTypes().Where(t => t.CanOpen))
                    {
                        var result = nttype.Open(obj_attr, access, false);
                        if (result.IsSuccess)
                        {
                            return(result);
                        }
                    }

                    return(NtStatus.STATUS_OBJECT_TYPE_MISMATCH.CreateResultFromError <NtObject>(true));
                }

                NtType type = NtType.GetTypeByName(typename, false);
                if (type != null && type.CanOpen)
                {
                    return(type.Open(obj_attr, access, throw_on_error));
                }
                else
                {
                    return(NtStatus.STATUS_OBJECT_TYPE_MISMATCH.CreateResultFromError <NtObject>(true));
                }
            }
        }
예제 #7
0
 public static extern NtStatus NtImpersonateThread(
     SafeKernelObjectHandle ThreadHandle,
     SafeKernelObjectHandle ThreadToImpersonate,
     SecurityQualityOfService SecurityQualityOfService);
예제 #8
0
 /// <summary>
 /// Constructor
 /// </summary>
 /// <param name="object_name">The object name, can be null.</param>
 /// <param name="attributes">The object attribute flags.</param>
 /// <param name="root">An optional root handle, Will duplicate the handle.</param>
 /// <param name="sqos">An optional security quality of service.</param>
 /// <param name="security_descriptor">An optional security descriptor.</param>
 public ObjectAttributes(string object_name, AttributeFlags attributes, NtObject root,
                         SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
     : this(object_name, attributes, root?.Handle ?? SafeKernelObjectHandle.Null, sqos, security_descriptor)
 {
 }
예제 #9
0
 /// <summary>
 /// Constructor
 /// </summary>
 /// <param name="object_name">The object name, can be null.</param>
 /// <param name="attributes">The object attribute flags.</param>
 /// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
 /// <param name="sqos">An optional security quality of service.</param>
 /// <param name="security_descriptor">An optional security descriptor.</param>
 public ObjectAttributes(string object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
                         SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
     : this(object_name != null ? new UnicodeString(object_name).ToBuffer() : SafeHGlobalBuffer.Null,
            attributes, root, sqos, security_descriptor)
 {
 }
예제 #10
0
 private ObjectAttributes(byte[] object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
                          SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
     : this(new UnicodeStringBytesSafeBuffer(object_name), attributes, root, sqos, security_descriptor)
 {
 }
예제 #11
0
 /// <summary>
 /// Convert a DOS filename to an NT filename and get as an ObjectAttributes structure
 /// </summary>
 /// <param name="filename">The DOS filename.</param>
 /// <param name="attributes">The object attribute flags.</param>
 /// <param name="sqos">An optional security quality of service.</param>
 /// <param name="security_descriptor">An optional security descriptor.</param>
 /// <returns>The object attributes</returns>
 public static ObjectAttributes DosFileNameToObjectAttributes(string filename, AttributeFlags attributes,
                                                              SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
 {
     return(DosFileNameToObjectAttributes(filename, attributes, sqos, security_descriptor, true).Result);
 }
 /// <summary>
 /// Constructor
 /// </summary>
 /// <param name="object_name">The object name, can be null.</param>
 /// <param name="attributes">The object attribute flags.</param>
 /// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
 /// <param name="sqos">An optional security quality of service.</param>
 /// <param name="security_descriptor">An optional security descriptor.</param>
 public ObjectAttributes(string object_name, AttributeFlags attributes, NtObject root, 
     SecurityQualityOfService sqos, SecurityDescriptor security_descriptor) 
     : this(object_name, attributes, root != null ? root.Handle : SafeKernelObjectHandle.Null, sqos, security_descriptor)
 {
 }
        /// <summary>
        /// Constructor
        /// </summary>
        /// <param name="object_name">The object name, can be null.</param>
        /// <param name="attributes">The object attribute flags.</param>
        /// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
        /// <param name="sqos">An optional security quality of service.</param>
        /// <param name="security_descriptor">An optional security descriptor.</param>
        public ObjectAttributes(string object_name, AttributeFlags attributes, SafeKernelObjectHandle root, 
            SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
        {
            Length = Marshal.SizeOf(this);
            if (object_name != null)
            {
                ObjectName = new UnicodeString(object_name).ToBuffer();
            }
            else
            {
                ObjectName = SafeHGlobalBuffer.Null;
            }

            Attributes = attributes;
            if (sqos != null)
            {
                SecurityQualityOfService = sqos.ToBuffer();
            }
            else
            {
                SecurityQualityOfService = SafeHGlobalBuffer.Null; 
            }

            RootDirectory = !root.IsInvalid ? NtObject.DuplicateHandle(root) : SafeKernelObjectHandle.Null;
            if (security_descriptor != null)
            {
                SecurityDescriptor = security_descriptor.ToSafeBuffer();
            }
            else
            {
                SecurityDescriptor = SafeHGlobalBuffer.Null;
            }
        }
예제 #14
0
 /// <summary>
 /// Create an Object Attributes structure with a raw name. Useful for Object ID handling.
 /// </summary>
 /// <param name="object_name">The name of the object in raw bytes.</param>
 /// <param name="attributes">The object attribute flags.</param>
 /// <param name="root">An optional root handle, Will duplicate the handle.</param>
 /// <param name="sqos">An optional security quality of service.</param>
 /// <param name="security_descriptor">An optional security descriptor.</param>
 /// <returns>The created object attributes.</returns>
 public static ObjectAttributes CreateWithRawName(byte[] object_name, AttributeFlags attributes, NtObject root,
                                                  SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
 {
     return(new ObjectAttributes(object_name, attributes, root.GetHandle(), sqos, security_descriptor));
 }
예제 #15
0
 /// <summary>
 /// Open an NT object with a specified type.
 /// </summary>
 /// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param>
 /// <param name="path">The path to the object to open.</param>
 /// <param name="root">A root directory to open from.</param>
 /// <param name="access">Generic access rights to the object.</param>
 /// <param name="attributes">Attributes to open the object.</param>
 /// <param name="security_quality_of_service">Security quality of service.</param>
 /// <param name="throw_on_error">True to throw on error.</param>
 /// <returns>The opened object.</returns>
 /// <exception cref="NtException">Thrown if an error occurred opening the object.</exception>
 public static NtResult <NtObject> OpenWithType(string typename, string path, NtObject root,
                                                AttributeFlags attributes, AccessMask access, SecurityQualityOfService security_quality_of_service, bool throw_on_error)
 {
     using (var obj_attr = new ObjectAttributes(path, attributes, root, security_quality_of_service, null))
     {
         NtType type = NtType.GetTypeByName(typename ?? NtDirectory.GetDirectoryEntryType(path, root), false);
         return(OpenWithType(type, obj_attr, access, throw_on_error));
     }
 }
예제 #16
0
 /// <summary>
 /// Constructor
 /// </summary>
 /// <param name="object_id">An object ID.</param>
 /// <param name="attributes">The object attribute flags.</param>
 /// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
 /// <param name="sqos">An optional security quality of service.</param>
 /// <param name="security_descriptor">An optional security descriptor.</param>
 public ObjectAttributes(long object_id, AttributeFlags attributes, SafeKernelObjectHandle root,
                         SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
     : this(BitConverter.GetBytes(object_id),
            attributes, root, sqos, security_descriptor)
 {
 }
예제 #17
0
 /// <summary>
 /// Open an NT object with a specified type.
 /// </summary>
 /// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param>
 /// <param name="path">The path to the object to open.</param>
 /// <param name="root">A root directory to open from.</param>
 /// <param name="access">Generic access rights to the object.</param>
 /// <param name="attributes">Attributes to open the object.</param>
 /// <param name="security_quality_of_service">Security quality of service.</param>
 /// <returns>The opened object.</returns>
 /// <exception cref="NtException">Thrown if an error occurred opening the object.</exception>
 public static NtObject OpenWithType(string typename, string path, NtObject root,
                                     AttributeFlags attributes, AccessMask access, SecurityQualityOfService security_quality_of_service)
 {
     return(OpenWithType(typename, path, root, attributes, access, security_quality_of_service, true).Result);
 }
 /// <summary>
 /// Impersonate another thread.
 /// </summary>
 /// <param name="thread">The thread to impersonate.</param>
 /// <param name="security_quality_of_service">The impersonation security quality of service.</param>
 /// <param name="throw_on_error">True to throw on error.</param>
 /// <returns>The imperonsation context. Dispose to revert to self.</returns>
 public NtResult <ThreadImpersonationContext> ImpersonateThread(NtThread thread,
                                                                SecurityQualityOfService security_quality_of_service, bool throw_on_error)
 {
     return(NtSystemCalls.NtImpersonateThread(Handle, thread.Handle, security_quality_of_service)
            .CreateResult(throw_on_error, () => new ThreadImpersonationContext(Duplicate())));
 }