public MainForm()
{
InitializeComponent();
listViewProcesses.ListViewItemSorter = new ListItemComparer(0);
listViewThreads.ListViewItemSorter = new ListItemComparer(0);
listViewSessions.ListViewItemSorter = new ListItemComparer(0);
listViewHandles.ListViewItemSorter = new ListItemComparer(0);
RefreshProcessList(null, false);
using (NtToken token = NtProcess.Current.OpenToken())
{
if (token.SetPrivilege(TokenPrivilegeValue.SeTcbPrivilege, PrivilegeAttributes.Enabled))
{
RefreshSessionList();
}
else
{
tabControlTests.TabPages.Remove(tabPageSessions);
groupBoxServiceAccounts.Visible = false;
}
}
comboBoxS4ULogonType.Items.Add(SecurityLogonType.Batch);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.Interactive);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.Network);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.NetworkCleartext);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.NewCredentials);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.Service);
comboBoxS4ULogonType.SelectedItem = SecurityLogonType.Network;
TokenForm.RegisterMainForm(this);
}
public MainForm()
{
InitializeComponent();
listViewProcesses.ListViewItemSorter = new ListItemComparer(0);
listViewThreads.ListViewItemSorter = new ListItemComparer(0);
listViewSessions.ListViewItemSorter = new ListItemComparer(0);
listViewHandles.ListViewItemSorter = new ListItemComparer(0);
listViewServices.ListViewItemSorter = new ListItemComparer(0);
AddGrouping("Name", p => p.Name);
AddGrouping("Session ID", p => $"Session {p.SessionId}");
AddGrouping("Sandbox", p => GetSandboxName(p.ProcessToken));
AddGrouping("Integrity Level", p => p.ProcessToken.IntegrityLevel.ToString());
AddGrouping("User", p => p.ProcessToken.User.Name);
AddGrouping("Elevation Type", p => GetElevationTypeName(p.ProcessToken));
AddGrouping("Authentication ID", p => p.ProcessToken.AuthenticationId.ToString());
AddGrouping("Origin ID", p => p.ProcessToken.Origin.ToString());
AddGrouping("Flags", p => p.ProcessToken.Flags.ToString());
AddGrouping("Package Name", p =>
{
if (!p.ProcessToken.AppContainer)
{
return("None");
}
if (!string.IsNullOrWhiteSpace(p.ProcessToken.PackageFullName))
{
return(p.ProcessToken.PackageFullName);
}
return(p.ProcessToken.AppContainerSid.Name);
});
AddGrouping("Security Descriptor", p => GetSecurityDescriptor(p.ProcessToken));
AddGrouping("Process Security Descriptor", p => GetSecurityDescriptor(p.ProcessSecurity));
AddGrouping("Trust Level", p => p.ProcessToken.TrustLevel?.Name ?? "Untrusted");
AddGrouping("No Child Process", p => p.ProcessToken.NoChildProcess ? "No Child Process" : "Unrestricted");
AddGrouping("Chrome Sandbox Type", p => GetChromeSandboxType(p));
RefreshProcessList(null, false, false);
using (NtToken token = NtProcess.Current.OpenToken())
{
if (token.SetPrivilege(TokenPrivilegeValue.SeTcbPrivilege, PrivilegeAttributes.Enabled))
{
RefreshSessionList();
}
else
{
tabControlTests.TabPages.Remove(tabPageSessions);
groupBoxServiceAccounts.Visible = false;
}
}
RefreshServiceList();
comboBoxS4ULogonType.Items.Add(SecurityLogonType.Batch);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.Interactive);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.Network);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.NetworkCleartext);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.NewCredentials);
comboBoxS4ULogonType.Items.Add(SecurityLogonType.Service);
comboBoxS4ULogonType.SelectedItem = SecurityLogonType.Network;
TokenForm.RegisterMainForm(this);
}
public MainForm()
{
InitializeComponent();
RefreshProcessList(null, false);
RefreshSessionList();
comboBoxS4ULogonType.Items.Add(LogonType.Batch);
comboBoxS4ULogonType.Items.Add(LogonType.Interactive);
comboBoxS4ULogonType.Items.Add(LogonType.Network);
comboBoxS4ULogonType.Items.Add(LogonType.NetworkCleartext);
comboBoxS4ULogonType.Items.Add(LogonType.NewCredentials);
comboBoxS4ULogonType.Items.Add(LogonType.Service);
comboBoxS4ULogonType.SelectedItem = LogonType.Network;
TokenForm.RegisterMainForm(this);
}