static CheckResult CheckDevice(string name, bool writable, EaBuffer ea_buffer) { CheckResult result = new CheckResult(name, NtStatus.STATUS_INVALID_PARAMETER, FileDeviceType.UNKNOWN); try { using (var imp = NtToken.Impersonate(_pid, _identify_only ? SecurityImpersonationLevel.Identification : SecurityImpersonationLevel.Impersonation)) { FileAccessRights access_mask = FileAccessRights.GenericRead; if (writable) { access_mask |= FileAccessRights.GenericWrite; } FileOpenOptions opts = _open_as_dir ? FileOpenOptions.DirectoryFile : FileOpenOptions.NonDirectoryFile; using (NtFile file = NtFile.Create(name, null, access_mask, NtApiDotNet.FileAttributes.Normal, FileShareMode.All, opts, FileDisposition.Open, ea_buffer)) { result = new CheckResult(name, NtStatus.STATUS_SUCCESS, file.DeviceType); } } } catch (NtException ex) { result = new CheckResult(name, ex.Status, FileDeviceType.UNKNOWN); } return(result); }
public static extern int NtOpenFile( out IntPtr FileHandle, FileAccessRights DesiredAccess, ObjectAttributes ObjAttr, [In][Out] IoStatus IoStatusBlock, ShareMode ShareAccess, FileOpenOptions OpenOptions);
static bool CheckDevice(string name, bool writable) { bool success = false; try { using (var imp = NtToken.Impersonate(_pid, _identify_only ? SecurityImpersonationLevel.Identification : SecurityImpersonationLevel.Impersonation)) { FileAccessRights access_mask = FileAccessRights.GenericRead; if (writable) { access_mask |= FileAccessRights.GenericWrite; } FileOpenOptions opts = _open_as_dir ? FileOpenOptions.DirectoryFile : FileOpenOptions.NonDirectoryFile; using (NtFile file = NtFile.Open(name, null, access_mask, FileShareMode.All, opts)) { success = true; } } } catch (Win32Exception ex) { // Ignore access denied and invalid function (indicates there's no IRP_MJ_CREATE handler) PrintError(name, ex); } catch (NtException ex) { PrintError(name, ex.AsWin32Exception()); } return(success); }
public static extern NtStatus NtOpenFile( out SafeKernelObjectHandle FileHandle, FileAccessRights DesiredAccess, ObjectAttributes ObjAttr, [Out] IoStatus IoStatusBlock, FileShareMode ShareAccess, FileOpenOptions OpenOptions);
/// <summary> /// Open a file with the Win32 CreateFile API. /// </summary> /// <param name="filename">The filename to open.</param> /// <param name="desired_access">The desired access.</param> /// <param name="share_mode">The share mode.</param> /// <param name="security_descriptor">Optional security descriptor.</param> /// <param name="inherit_handle">True to set the handle as inheritable.</param> /// <param name="creation_disposition">Creation disposition.</param> /// <param name="flags_and_attributes">Flags and attributes.</param> /// <param name="template_file">Optional template file.</param> /// <param name="throw_on_error">True to throw on error.</param> /// <returns>The opened file handle.</returns> public static NtResult <NtFile> CreateFile(string filename, FileAccessRights desired_access, FileShareMode share_mode, SecurityDescriptor security_descriptor, bool inherit_handle, CreateFileDisposition creation_disposition, CreateFileFlagsAndAttributes flags_and_attributes, NtFile template_file, bool throw_on_error) { using (var resources = new DisposableList()) { SECURITY_ATTRIBUTES sec_attr = null; if (security_descriptor != null || inherit_handle) { sec_attr = new SECURITY_ATTRIBUTES(); sec_attr.bInheritHandle = inherit_handle; sec_attr.lpSecurityDescriptor = security_descriptor == null ? SafeHGlobalBuffer.Null : resources.AddResource(security_descriptor.ToSafeBuffer()); } var handle = Win32NativeMethods.CreateFile(filename, desired_access, share_mode, sec_attr, creation_disposition, flags_and_attributes, template_file.GetHandle()); if (handle.IsInvalid) { return(GetLastWin32Error().CreateResultFromDosError <NtFile>(throw_on_error)); } return(new NtFile(handle).CreateResult()); } }
public static extern SafeFileHandle CreateFile( [MarshalAs(UnmanagedType.LPTStr)] string filename, [MarshalAs(UnmanagedType.U4)] FileAccessRights access, [MarshalAs(UnmanagedType.U4)] FileShare share, IntPtr securityAttributes, // optional SECURITY_ATTRIBUTES struct or IntPtr.Zero [MarshalAs(UnmanagedType.U4)] FileMode creationDisposition, [MarshalAs(UnmanagedType.U4)] CreateFileOptions flagsAndAttributes, IntPtr templateFile);
/// <summary> /// Open a file with the Win32 CreateFile API. /// </summary> /// <param name="filename">The filename to open.</param> /// <param name="desired_access">The desired access.</param> /// <param name="share_mode">The share mode.</param> /// <param name="creation_disposition">Creation disposition.</param> /// <param name="flags_and_attributes">Flags and attributes.</param> /// <returns>The opened file handle.</returns> public static NtFile CreateFile(string filename, FileAccessRights desired_access, FileShareMode share_mode, CreateFileDisposition creation_disposition, CreateFileFlagsAndAttributes flags_and_attributes) { return(CreateFile(filename, desired_access, share_mode, creation_disposition, flags_and_attributes, true).Result); }
public static SafeFileHandle DuplicateHandle(this SafeFileHandle sourceHandle, ProcessHandle sourceAndTargetProcess, FileAccessRights desiredAccess, bool inheritHandle, DuplicateHandleOptions options) { SafeFileHandle targetHandle; if (!NativeMethods.DuplicateHandle(sourceAndTargetProcess, sourceHandle, sourceAndTargetProcess, out targetHandle, desiredAccess, inheritHandle, options)) { ErrorHelper.ThrowCustomWin32Exception(); } return targetHandle; }
internal static extern SafeKernelObjectHandle CreateFile( string lpFileName, FileAccessRights dwDesiredAccess, FileShareMode dwShareMode, SECURITY_ATTRIBUTES lpSecurityAttributes, CreateFileDisposition dwCreationDisposition, CreateFileFlagsAndAttributes dwFlagsAndAttributes, SafeKernelObjectHandle hTemplateFile );
public static extern NtStatus NtCreateMailslotFile( out SafeKernelObjectHandle FileHandle, FileAccessRights DesiredAccess, [In] ObjectAttributes ObjectAttributes, [Out] IoStatus IoStatusBlock, FileOpenOptions CreateOptions, int MailslotQuota, int MaximumMessageSize, LargeInteger ReadTimeout );
/// <summary> /// Open a file with the Win32 CreateFile API. /// </summary> /// <param name="filename">The filename to open.</param> /// <param name="desired_access">The desired access.</param> /// <param name="share_mode">The share mode.</param> /// <param name="creation_disposition">Creation disposition.</param> /// <param name="flags_and_attributes">Flags and attributes.</param> /// <param name="throw_on_error">True to throw on error.</param> /// <returns>The opened file handle.</returns> public static NtResult <NtFile> CreateFile(string filename, FileAccessRights desired_access, FileShareMode share_mode, CreateFileDisposition creation_disposition, CreateFileFlagsAndAttributes flags_and_attributes, bool throw_on_error) { return(CreateFile(filename, desired_access, share_mode, null, false, creation_disposition, flags_and_attributes, null, throw_on_error)); }
public static extern NtStatus NtCreateFile( out SafeKernelObjectHandle FileHandle, FileAccessRights DesiredAccess, ObjectAttributes ObjAttr, [Out] IoStatus IoStatusBlock, LargeInteger AllocationSize, FileAttributes FileAttributes, FileShareMode ShareAccess, FileDisposition CreateDisposition, FileOpenOptions CreateOptions, byte[] EaBuffer, int EaLength);
/// <summary> /// Open a file with the Win32 CreateFile API. /// </summary> /// <param name="filename">The filename to open.</param> /// <param name="desired_access">The desired access.</param> /// <param name="share_mode">The share mode.</param> /// <param name="security_descriptor">Optional security descriptor.</param> /// <param name="inherit_handle">True to set the handle as inheritable.</param> /// <param name="creation_disposition">Creation disposition.</param> /// <param name="flags_and_attributes">Flags and attributes.</param> /// <param name="template_file">Optional template file.</param> /// <returns>The opened file handle.</returns> public static NtFile CreateFile(string filename, FileAccessRights desired_access, FileShareMode share_mode, SecurityDescriptor security_descriptor, bool inherit_handle, CreateFileDisposition creation_disposition, CreateFileFlagsAndAttributes flags_and_attributes, NtFile template_file) { return(CreateFile(filename, desired_access, share_mode, security_descriptor, inherit_handle, creation_disposition, flags_and_attributes, template_file, true).Result); }
/// <summary> /// Method to create an object from a set of object attributes. /// </summary> /// <param name="obj_attributes">The object attributes to create/open from.</param> protected override object CreateObject(ObjectAttributes obj_attributes) { FileAccessRights access = Access; if (Link) { if (access == FileAccessRights.None) { access = FileAccessRights.ReadAttributes; } } else { access |= FileAccessRights.Delete; } string target = ResolveNewName ? PSUtils.ResolveWin32Path(SessionState, NewName) : NewName; using (var file = NtFile.Open(obj_attributes, access, ShareMode, Options)) { if (RenameFlags != 0) { if (ReplaceIfExists) { RenameFlags |= FileRenameInformationExFlags.ReplaceIfExists; } if (Link) { file.CreateHardlinkEx(target, NewNameRoot, RenameFlags); } else { file.RenameEx(target, NewNameRoot, RenameFlags); } } else { if (Link) { file.CreateHardlink(target, NewNameRoot, ReplaceIfExists); } else { file.Rename(target, NewNameRoot, ReplaceIfExists); } } } return(null); }
public static SafeFileHandle OpenFile(string name, FileAccessRights DesiredAccess, ShareMode ShareAccess, FileOpenOptions OpenOptions, bool inherit) { AttributeFlags flags = AttributeFlags.CaseInsensitive; if (inherit) { flags |= AttributeFlags.Inherit; } using (ObjectAttributes obja = new ObjectAttributes(name, flags)) { IntPtr handle; IoStatusBlock iostatus = new IoStatusBlock(); StatusToNtException(NtOpenFile(out handle, DesiredAccess, obja, iostatus, ShareAccess, OpenOptions)); return(new SafeFileHandle(handle, true)); } }
public static extern NtStatus NtCreateNamedPipeFile( out SafeKernelObjectHandle FileHandle, FileAccessRights DesiredAccess, [In] ObjectAttributes ObjectAttributes, [Out] IoStatus IoStatusBlock, FileShareMode ShareAccess, FileDisposition CreateDisposition, FileOpenOptions CreateOptions, NamedPipeType NamedPipeType, NamedPipeReadMode ReadMode, NamedPipeCompletionMode CompletionMode, int MaximumInstances, int InboundQuota, int OutboundQuota, LargeInteger DefaultTimeout );
static string AccessMaskToString(uint granted_access, bool directory) { if (_type.HasFullPermission(granted_access)) { return("Full Permission"); } if (directory) { FileDirectoryAccessRights rights = (FileDirectoryAccessRights)granted_access; return(rights.ToString()); } else { FileAccessRights rights = (FileAccessRights)granted_access; return(rights.ToString()); } }
static string AccessMaskToString(uint granted_access, bool directory) { if (_type.HasFullPermission(granted_access)) { return("Full Permission"); } string file_rights; if (directory) { FileDirectoryAccessRights rights = (FileDirectoryAccessRights)(granted_access & 0x1FF); file_rights = rights.ToString(); } else { FileAccessRights rights = (FileAccessRights)(granted_access & 0x1FF); file_rights = rights.ToString(); } StandardAccessRights standard = (StandardAccessRights)(granted_access & 0x1F0000); return(String.Join(", ", new string[] { standard.ToString(), file_rights })); }
public void AddAuditRule(IdentityReference identityReference, FileAccessRights accessMask, AuditFlags flags) { AddAuditRule(new FileAuditRule(identityReference, accessMask, flags)); }
public static extern bool DuplicateHandle(ProcessHandle sourceProcessHandle, SafeHandle sourceHandle, ProcessHandle targetProcess, out SafeFileHandle targetHandle, FileAccessRights desiredAccess, bool inheritHandle, DuplicateHandleOptions options);
public void AddAccessRule(IdentityReference identityReference, FileAccessRights accessMask, AccessControlType type) { AddAccessRule(new FileAccessRule(identityReference, accessMask, type)); }
public void AddAccessRule(IdentityReference identityReference, FileAccessRights accessMask, AccessControlType type) { AddAccessRule(new FileAccessRule(identityReference, accessMask, type)); }
public static SafeFileHandle DuplicateHandle(this SafeFileHandle sourceHandle, ProcessHandle sourceAndTargetProcess, FileAccessRights desiredAccess, bool inheritHandle, DuplicateHandleOptions options) { SafeFileHandle targetHandle; if (!NativeMethods.DuplicateHandle(sourceAndTargetProcess, sourceHandle, sourceAndTargetProcess, out targetHandle, desiredAccess, inheritHandle, options)) { ErrorHelper.ThrowCustomWin32Exception(); } return(targetHandle); }
public FileAuditRule(IdentityReference identity, FileAccessRights accessRights, AuditFlags type) : base(identity, (int)accessRights, false, InheritanceFlags.None, PropagationFlags.None, type) { }
public void AddAuditRule(IdentityReference identityReference, FileAccessRights accessMask, AuditFlags flags) { AddAuditRule(new FileAuditRule(identityReference, accessMask, flags)); }
private static void AllowFileAccess(AppContainerProfile container, string folder, FileAccessRights accessRights) { var securityInfo = Win32Security.GetSecurityInfo( folder, SeObjectType.File, SecurityInformation.Dacl); var existingAce = securityInfo.Dacl.FirstOrDefault(d => d.Sid == container.Sid); if (existingAce is not null && existingAce.Type == AceType.Allowed && existingAce.Mask == accessRights && existingAce.Flags == (AceFlags.ContainerInherit | AceFlags.ObjectInherit)) { // Ace already exists. return; } var ace = new Ace( AceType.Allowed, AceFlags.ContainerInherit | AceFlags.ObjectInherit, accessRights, container.Sid); securityInfo.AddAce(ace); Win32Security.SetSecurityInfo( folder, SeObjectType.File, SecurityInformation.Dacl, securityInfo, true); }
/// <summary> /// Creates or opens a file or I/O device. The most commonly used I/O devices are as follows: file, file stream, directory, physical disk, volume, console buffer, tape drive, communications resource, mailslot, and pipe. /// The function returns a handle that can be used to access the file or device for various types of I/O depending on the file or device and the flags and attributes specified. /// </summary> /// <param name="path"> /// The name of the file or device to be created or opened. You may use either forward slashes (/) or backslashes (\) in this name. /// </param> /// <param name="access"> /// The requested access to the file or device, which can be summarized as read, write, both or neither. /// </param> /// <param name="share"> /// The requested sharing mode of the file or device, which can be read, write, both, delete, all of these, or none. /// Access requests to attributes or extended attributes are not affected by this flag. /// </param> /// <param name="mode"> /// An action to take on a file or device that exists or does not exist. /// For devices other than files, this parameter is usually set to FileMode.Open. /// </param> /// <param name="attributes"> /// The file or device attributes. /// </param> /// <param name="flags"> /// The file or device flags. /// </param> /// <returns>If the function succeeds, the return value is an open handle to the specified file, device, named pipe, or mail slot.</returns> public static SafeFileHandle CreateFile(string path, FileAccessRights access, FileShare share, FileMode mode, FileAttributes attributes, FileFlags flags) { return(CreateFileInternal(path, (uint)access, share, mode, (uint)attributes | (uint)flags)); }
private SafeFileHandle CreateConnection(string deviceId, FileAccessRights desiredAccess, uint shareMode, uint creationDisposition) { Logger?.Log($"Calling {nameof(APICalls.CreateFile)} for DeviceId: {deviceId}. Desired Access: {desiredAccess}. Share mode: {shareMode}. Creation Disposition: {creationDisposition}", nameof(ApiService), null, LogLevel.Information); return(APICalls.CreateFile(deviceId, desiredAccess, shareMode, IntPtr.Zero, creationDisposition, 0, IntPtr.Zero)); }
public SafeFileHandle CreateReadConnection(string deviceId, FileAccessRights desiredAccess) { return(CreateConnection(deviceId, desiredAccess, APICalls.FileShareRead | APICalls.FileShareWrite, APICalls.OpenExisting)); }
public FileAuditRule(IdentityReference identity, FileAccessRights accessRights, AuditFlags type) : base(identity, (int)accessRights, false, InheritanceFlags.None, PropagationFlags.None, type) { }
private protected BaseNtFilePropertyCmdlet(FileAccessRights desired_access, FileShareMode share_mode, FileOpenOptions options) { _desired_access = desired_access; _share_mode = share_mode; _options = options; }
public static extern bool DuplicateHandle(ProcessHandle sourceProcessHandle, SafeHandle sourceHandle, ProcessHandle targetProcess, out SafeFileHandle targetHandle, FileAccessRights desiredAccess, bool inheritHandle, DuplicateHandleOptions options);
/// <summary> /// Convert a file access rights mask to a directory file access mask. /// </summary> /// <param name="access">The access to convert.</param> /// <returns>The converted access rights.</returns> public static FileDirectoryAccessRights ToDirectoryAccessRights(this FileAccessRights access) { AccessMask mask = access; return(mask.ToSpecificAccess <FileDirectoryAccessRights>()); }
public static extern SafeFileHandle CreateFile(string lpFileName, FileAccessRights dwDesiredAccess, uint dwShareMode, IntPtr lpSecurityAttributes, uint dwCreationDisposition, uint dwFlagsAndAttributes, IntPtr hTemplateFile);