public static extern bool LookupAccountSid( string lpSystemName, IntPtr Sid, StringBuilder lpName, ref uint cchName, StringBuilder ReferencedDomainName, ref uint cchReferencedDomainName, out Winnt._SID_NAME_USE peUse );
public static extern bool LookupAccountName( StringBuilder lpSystemName, StringBuilder lpAccountName, ref Ntifs._SID Sid, ref uint cbSid, StringBuilder ReferencedDomainName, ref uint cchReferencedDomainName, out Winnt._SID_NAME_USE peUse );
public static extern bool LookupAccountSid( String lpSystemName, IntPtr Sid, IntPtr lpName, ref UInt32 cchName, IntPtr ReferencedDomainName, ref UInt32 cchReferencedDomainName, out Winnt._SID_NAME_USE peUse );
//////////////////////////////////////////////////////////////////////////////// // Converts a SID Byte array to User Name //////////////////////////////////////////////////////////////////////////////// internal static bool ConvertSidToName(IntPtr sid, out string userName) { StringBuilder sbUserName = new StringBuilder(); string lpSystemName = string.Empty; StringBuilder lpName = new StringBuilder(); uint cchName = (uint)lpName.Capacity; StringBuilder lpReferencedDomainName = new StringBuilder(); uint cchReferencedDomainName = (uint)lpReferencedDomainName.Capacity; Winnt._SID_NAME_USE sidNameUse = new Winnt._SID_NAME_USE(); advapi32.LookupAccountSid(lpSystemName, sid, lpName, ref cchName, lpReferencedDomainName, ref cchReferencedDomainName, out sidNameUse); lpName.EnsureCapacity((int)cchName + 1); lpReferencedDomainName.EnsureCapacity((int)cchReferencedDomainName + 1); byte[] bsid = new byte[16]; Marshal.Copy(sid, bsid, 0, 16); bool retVal = advapi32.LookupAccountSid(lpSystemName, sid, lpName, ref cchName, lpReferencedDomainName, ref cchReferencedDomainName, out sidNameUse); if (!retVal && 0 == lpName.Length) { Misc.GetWin32Error("LookupAccountSid"); } if (lpReferencedDomainName.Length > 0) { sbUserName.Append(lpReferencedDomainName); } if (sbUserName.Length > 0) { sbUserName.Append(@"\"); } if (lpName.Length > 0) { sbUserName.Append(lpName); } userName = sbUserName.ToString(); if (string.IsNullOrEmpty(userName)) { return(false); } else { return(true); } }
//////////////////////////////////////////////////////////////////////////////// // SID Lookup Wrapper //////////////////////////////////////////////////////////////////////////////// private static bool _LookupSid(string logonDomain, string userName, ref IntPtr hSid) { StringBuilder lpSystemName = new StringBuilder(logonDomain); StringBuilder lpAccountName = new StringBuilder(userName); uint cbSid = 0; StringBuilder lpReferencedDomainName = new StringBuilder(); uint cchReferencedDomainName = 0; Winnt._SID_NAME_USE peUse = new Winnt._SID_NAME_USE(); //Console.WriteLine(" - LookupAccountName"); advapi32.LookupAccountName( lpSystemName, lpAccountName, hSid, ref cbSid, lpReferencedDomainName, ref cchReferencedDomainName, out peUse ); hSid = Marshal.AllocHGlobal((int)cbSid); lpReferencedDomainName.EnsureCapacity((int)cchReferencedDomainName); bool retVal = advapi32.LookupAccountName( lpSystemName, lpAccountName, hSid, ref cbSid, lpReferencedDomainName, ref cchReferencedDomainName, out peUse ); if (!retVal) { Misc.GetWin32Error("LookupAccountName"); return(false); } IntPtr hStringUserSid = IntPtr.Zero; advapi32.ConvertSidToStringSid(hSid, ref hStringUserSid); string sddl = Marshal.PtrToStringAuto(hStringUserSid); Console.WriteLine(" [+] {0} {1}", sddl, lpAccountName.ToString()); return(true); }
//////////////////////////////////////////////////////////////////////////////// // Converts a SID Byte array to User Name //////////////////////////////////////////////////////////////////////////////// public static Boolean ConvertSidToName(IntPtr sid, out String userName) { StringBuilder sbUserName = new StringBuilder(); StringBuilder lpName = new StringBuilder(); UInt32 cchName = (UInt32)lpName.Capacity; StringBuilder lpReferencedDomainName = new StringBuilder(); UInt32 cchReferencedDomainName = (UInt32)lpReferencedDomainName.Capacity; Winnt._SID_NAME_USE sidNameUse = new Winnt._SID_NAME_USE(); advapi32.LookupAccountSid(String.Empty, sid, lpName, ref cchName, lpReferencedDomainName, ref cchReferencedDomainName, out sidNameUse); lpName.EnsureCapacity((Int32)cchName + 1); lpReferencedDomainName.EnsureCapacity((Int32)cchReferencedDomainName + 1); advapi32.LookupAccountSid(String.Empty, sid, lpName, ref cchName, lpReferencedDomainName, ref cchReferencedDomainName, out sidNameUse); if (lpReferencedDomainName.Length > 0) { sbUserName.Append(lpReferencedDomainName); } if (sbUserName.Length > 0) { sbUserName.Append(@"\"); } if (lpName.Length > 0) { sbUserName.Append(lpName); } userName = sbUserName.ToString(); if (String.IsNullOrEmpty(userName)) { return(false); } else { return(true); } }