static void Main(string[] args)
{
bool show_help = false;
uint standard_filter = 0;
int pid = Process.GetCurrentProcess().Id;
try
{
OptionSet opts = new OptionSet()
{
{ "r", "Recursive tree directory listing",
v => _recursive = v != null },
{ "sddl", "Print full SDDL security descriptors", v => _print_sddl = v != null },
{ "p|pid=", "Specify a PID of a process to impersonate when checking", v => pid = int.Parse(v.Trim()) },
{ "w", "Show only write permissions granted", v => _show_write_only = v != null },
{ "f=", String.Format("Filter on a specific file right [{0}]",
String.Join(",", Enum.GetNames(typeof(FileAccessRights)))), v => _file_filter |= ParseRight(v, typeof(FileAccessRights)) },
{ "d=", String.Format("Filter on a specific directory right [{0}]",
String.Join(",", Enum.GetNames(typeof(FileDirectoryAccessRights)))), v => _dir_filter |= ParseRight(v, typeof(FileDirectoryAccessRights)) },
{ "s=", String.Format("Filter on a standard right [{0}]",
String.Join(",", Enum.GetNames(typeof(StandardAccessRights)))), v => standard_filter |= ParseRight(v, typeof(StandardAccessRights)) },
{ "x=", "Specify a base path to exclude from recursive search", v => _walked.Add(v.ToLower()) },
{ "q", "Don't print errors", v => _quiet = v != null },
{ "onlydirs", "Only check the permissions of directories", v => _only_dirs = v != null },
{ "h|help", "show this message and exit", v => show_help = v != null },
};
List <string> paths = opts.Parse(args);
if (show_help || (paths.Count == 0))
{
ShowHelp(opts);
}
else
{
_type = ObjectTypeInfo.GetTypeByName("file");
_token = NativeBridge.OpenProcessToken(pid);
_file_filter |= standard_filter;
_dir_filter |= standard_filter;
foreach (string path in paths)
{
if ((File.GetAttributes(path) & FileAttributes.Directory) == FileAttributes.Directory)
{
DumpDirectory(new DirectoryInfo(path));
}
else
{
DumpFile(new FileInfo(path));
}
}
}
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
static void Main(string[] args)
{
bool show_help = false;
int pid = Process.GetCurrentProcess().Id;
try
{
OptionSet opts = new OptionSet()
{
{ "r", "Recursive tree directory listing",
v => _recursive = v != null },
{ "sddl", "Print full SDDL security descriptors", v => _print_sddl = v != null },
{ "p|pid=", "Specify a PID of a process to impersonate when checking", v => pid = int.Parse(v.Trim()) },
{ "w", "Show only write permissions granted", v => _show_write_only = v != null },
{ "k=", String.Format("Filter on a specific key right [{0}]",
String.Join(",", Enum.GetNames(typeof(KeyAccessRights)))), v => _key_rights |= ParseRight(v, typeof(KeyAccessRights)) },
{ "s=", String.Format("Filter on a standard right [{0}]",
String.Join(",", Enum.GetNames(typeof(StandardAccessRights)))), v => _key_rights |= ParseRight(v, typeof(StandardAccessRights)) },
{ "x=", "Specify a base path to exclude from recursive search", v => _walked.Add(v.ToLower()) },
{ "h|help", "show this message and exit", v => show_help = v != null },
};
List <string> paths = opts.Parse(args);
if (show_help || (paths.Count == 0))
{
ShowHelp(opts);
}
else
{
_type = ObjectTypeInfo.GetTypeByName("key");
_token = NativeBridge.OpenProcessToken(pid);
foreach (string path in paths)
{
RegistryKey key = OpenKey(path);
if (key != null)
{
try
{
DumpKey(key);
}
finally
{
key.Close();
}
}
}
}
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
static void DumpDirectory(ObjectDirectory dir)
{
if (_walked.Contains(dir.FullPath.ToLower()))
{
return;
}
_walked.Add(dir.FullPath.ToLower());
try
{
CheckAccess(dir.FullPath, dir.SecurityDescriptor, ObjectTypeInfo.GetTypeByName("Directory"));
if (_recursive)
{
foreach (ObjectDirectoryEntry entry in dir.Entries)
{
try
{
if (entry.IsDirectory)
{
DumpDirectory(ObjectNamespace.OpenDirectory(entry.FullPath));
}
else
{
CheckAccess(entry.FullPath, entry.SecurityDescriptor, ObjectTypeInfo.GetTypeByName(entry.TypeName));
}
}
catch (Exception ex)
{
Console.Error.WriteLine("Error opening {0} {1}", entry.FullPath, ex.Message);
}
}
}
}
catch (Exception ex)
{
Console.Error.WriteLine("Error dumping directory {0} {1}", dir.FullPath, ex.Message);
}
}
