Пример #1
0
        public void EnumerateAccountRights_NoRightsFails()
        {
            LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_READ);
            SID       sid    = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinAnyPackageSid);

            SecurityMethods.LsaEnumerateAccountRights(handle, ref sid).Should().BeEmpty();
        }
Пример #2
0
        public void EnumerateAccountRights_ReadRightsFails()
        {
            LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_READ);
            SID       sid    = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinUsersSid);
            Action    action = () => SecurityMethods.LsaEnumerateAccountRights(handle, ref sid);

            action.ShouldThrow <UnauthorizedAccessException>();
        }
Пример #3
0
        public void EnumerateAccountRights_UserGroup()
        {
            LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_EXECUTE);
            SID       sid    = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinUsersSid);
            var       rights = SecurityMethods.LsaEnumerateAccountRights(handle, ref sid);

            rights.Should().NotBeEmpty();
            rights.Should().Contain("SeChangeNotifyPrivilege");
        }
Пример #4
0
 // [Fact]
 private void DumpAllWellKnownSids()
 {
     foreach (WELL_KNOWN_SID_TYPE type in Enum.GetValues(typeof(WELL_KNOWN_SID_TYPE)))
     {
         Debug.WriteLine(@"/// <summary>");
         try
         {
             SID sid = AuthorizationMethods.CreateWellKnownSid(type);
             AccountSidInformation info = AuthorizationMethods.LookupAccountSidLocal(sid);
             Debug.WriteLine($"/// {info.Name} ({AuthorizationMethods.ConvertSidToString(ref sid)}) [{info.Usage}]");
         }
         catch
         {
             Debug.WriteLine($"/// Unable to retrieve");
         }
         Debug.WriteLine(@"/// </summary>");
         Debug.WriteLine($"{type} = {(int)type},");
         Debug.WriteLine("");
     }
 }
Пример #5
0
        public void CreateWellKnownSid_Everyone()
        {
            SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinWorldSid);

            AuthorizationMethods.IsValidSid(ref sid).Should().BeTrue();
            sid.Revision.Should().Be(1);
            sid.IdentifierAuthority.Should().Be(SID_IDENTIFIER_AUTHORITY.WORLD);

            AuthorizationMethods.GetSidSubAuthorityCount(ref sid).Should().Be(1);
            AuthorizationMethods.GetSidSubAuthority(ref sid, 0).Should().Be(0);

            AuthorizationMethods.IsWellKnownSid(ref sid, WELL_KNOWN_SID_TYPE.WinWorldSid).Should().BeTrue();
            AuthorizationMethods.ConvertSidToString(ref sid).Should().Be("S-1-1-0");

            AccountSidInformation info = AuthorizationMethods.LookupAccountSidLocal(sid);

            info.Name.Should().Be("Everyone");
            info.DomainName.Should().Be("");
            info.Usage.Should().Be(SidNameUse.WellKnownGroup);
        }
Пример #6
0
        public void IsValidSid_GoodSid()
        {
            SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinIUsersSid);

            AuthorizationMethods.IsValidSid(ref sid).Should().BeTrue();
        }