/// <summary>
/// Builds the main window: installs column sorters on the list views, loads the
/// process list, shows or hides the session features depending on whether
/// SeTcbPrivilege could be enabled, and fills the S4U logon type selector.
/// </summary>
public MainForm()
{
    InitializeComponent();

    // Every list view starts out sorted on its first column (index 0).
    listViewProcesses.ListViewItemSorter = new ListItemComparer(0);
    listViewThreads.ListViewItemSorter = new ListItemComparer(0);
    listViewSessions.ListViewItemSorter = new ListItemComparer(0);
    listViewHandles.ListViewItemSorter = new ListItemComparer(0);

    RefreshProcessList(null, false);

    using (NtToken token = NtProcess.Current.OpenToken())
    {
        // The SetPrivilege result is used as "SeTcbPrivilege is now enabled".
        // Presumably the session list cannot be built without it - confirm
        // against RefreshSessionList.
        // NOTE(review): the privilege is never disabled again in this constructor.
        // If OpenToken returns the live process token, SeTcbPrivilege stays enabled
        // after the handle is disposed - confirm that this is intended.
        bool tcbEnabled = token.SetPrivilege(TokenPrivilegeValue.SeTcbPrivilege, PrivilegeAttributes.Enabled);
        if (!tcbEnabled)
        {
            // Without the privilege, remove the UI that depends on it.
            tabControlTests.TabPages.Remove(tabPageSessions);
            groupBoxServiceAccounts.Visible = false;
        }
        else
        {
            RefreshSessionList();
        }
    }

    // Logon types offered for S4U, added in this fixed order.
    foreach (SecurityLogonType logonType in new[]
    {
        SecurityLogonType.Batch,
        SecurityLogonType.Interactive,
        SecurityLogonType.Network,
        SecurityLogonType.NetworkCleartext,
        SecurityLogonType.NewCredentials,
        SecurityLogonType.Service,
    })
    {
        comboBoxS4ULogonType.Items.Add(logonType);
    }

    // Network is the preselected logon type.
    comboBoxS4ULogonType.SelectedItem = SecurityLogonType.Network;

    TokenForm.RegisterMainForm(this);
}
/// <summary>
/// Builds the main window: installs column sorters on the list views, registers
/// the process grouping options, loads the process, session and service lists,
/// and fills the S4U logon type selector. The session features are shown only
/// when SeTcbPrivilege could be enabled.
/// </summary>
public MainForm()
{
    InitializeComponent();

    // Every list view starts out sorted on its first column (index 0).
    listViewProcesses.ListViewItemSorter = new ListItemComparer(0);
    listViewThreads.ListViewItemSorter = new ListItemComparer(0);
    listViewSessions.ListViewItemSorter = new ListItemComparer(0);
    listViewHandles.ListViewItemSorter = new ListItemComparer(0);
    listViewServices.ListViewItemSorter = new ListItemComparer(0);

    // Grouping options: each pairs a display name with a selector that maps a
    // process entry to the string used as its group key.
    AddGrouping("Name", p => p.Name);
    AddGrouping("Session ID", p => $"Session {p.SessionId}");
    AddGrouping("Sandbox", p => GetSandboxName(p.ProcessToken));
    AddGrouping("Integrity Level", p => p.ProcessToken.IntegrityLevel.ToString());
    AddGrouping("User", p => p.ProcessToken.User.Name);
    AddGrouping("Elevation Type", p => GetElevationTypeName(p.ProcessToken));
    AddGrouping("Authentication ID", p => p.ProcessToken.AuthenticationId.ToString());
    AddGrouping("Origin ID", p => p.ProcessToken.Origin.ToString());
    AddGrouping("Flags", p => p.ProcessToken.Flags.ToString());
    AddGrouping("Package Name", p =>
    {
        // Tokens that are not AppContainer tokens all share the "None" group.
        if (!p.ProcessToken.AppContainer)
        {
            return "None";
        }

        // Use the package full name when there is one, else the AppContainer SID name.
        return string.IsNullOrWhiteSpace(p.ProcessToken.PackageFullName)
            ? p.ProcessToken.AppContainerSid.Name
            : p.ProcessToken.PackageFullName;
    });
    AddGrouping("Security Descriptor", p => GetSecurityDescriptor(p.ProcessToken));
    AddGrouping("Process Security Descriptor", p => GetSecurityDescriptor(p.ProcessSecurity));
    // A null TrustLevel is shown as "Untrusted".
    AddGrouping("Trust Level", p => p.ProcessToken.TrustLevel?.Name ?? "Untrusted");
    AddGrouping(
        "No Child Process",
        p => p.ProcessToken.NoChildProcess ? "No Child Process" : "Unrestricted");
    AddGrouping("Chrome Sandbox Type", p => GetChromeSandboxType(p));

    RefreshProcessList(null, false, false);

    using (NtToken token = NtProcess.Current.OpenToken())
    {
        // The SetPrivilege result is used as "SeTcbPrivilege is now enabled".
        // Presumably the session list cannot be built without it - confirm
        // against RefreshSessionList.
        // NOTE(review): the privilege is never disabled again in this constructor.
        // If OpenToken returns the live process token, SeTcbPrivilege stays enabled
        // after the handle is disposed - confirm that this is intended.
        bool tcbEnabled = token.SetPrivilege(TokenPrivilegeValue.SeTcbPrivilege, PrivilegeAttributes.Enabled);
        if (!tcbEnabled)
        {
            // Without the privilege, remove the UI that depends on it.
            tabControlTests.TabPages.Remove(tabPageSessions);
            groupBoxServiceAccounts.Visible = false;
        }
        else
        {
            RefreshSessionList();
        }
    }

    // The service list is loaded whatever the outcome of the privilege check.
    RefreshServiceList();

    // Logon types offered for S4U, added in this fixed order.
    foreach (SecurityLogonType logonType in new[]
    {
        SecurityLogonType.Batch,
        SecurityLogonType.Interactive,
        SecurityLogonType.Network,
        SecurityLogonType.NetworkCleartext,
        SecurityLogonType.NewCredentials,
        SecurityLogonType.Service,
    })
    {
        comboBoxS4ULogonType.Items.Add(logonType);
    }

    // Network is the preselected logon type.
    comboBoxS4ULogonType.SelectedItem = SecurityLogonType.Network;

    TokenForm.RegisterMainForm(this);
}
/// <summary>
/// Builds the main window: loads the process and session lists and fills the
/// S4U logon type selector.
/// </summary>
public MainForm()
{
    InitializeComponent();

    RefreshProcessList(null, false);

    // NOTE(review): the session list is refreshed with no privilege check in this
    // constructor. If RefreshSessionList needs an elevated privilege, its failure
    // path has to be handled inside that method - confirm.
    RefreshSessionList();

    // Logon types offered for S4U, added in this fixed order.
    foreach (LogonType logonType in new[]
    {
        LogonType.Batch,
        LogonType.Interactive,
        LogonType.Network,
        LogonType.NetworkCleartext,
        LogonType.NewCredentials,
        LogonType.Service,
    })
    {
        comboBoxS4ULogonType.Items.Add(logonType);
    }

    // Network is the preselected logon type.
    comboBoxS4ULogonType.SelectedItem = LogonType.Network;

    TokenForm.RegisterMainForm(this);
}