public void EnumerateAccountRights_NoRightsFails() { LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_READ); SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinAnyPackageSid); SecurityMethods.LsaEnumerateAccountRights(handle, ref sid).Should().BeEmpty(); }
public void ExpandEnvironmentVariablesForUser() { ShellMethods.ExpandEnvironmentVariablesForUser( AuthorizationMethods.OpenProcessToken(AccessTokenRights.Impersonate | AccessTokenRights.Query | AccessTokenRights.Duplicate), @"%USERNAME%"). Should().Be(Environment.GetEnvironmentVariable("USERNAME")); }
private static bool CanCreateSymbolicLinks() { // Assuming that the current thread can replicate rights from the process using (var processToken = AuthorizationMethods.OpenProcessToken(AccessTokenRights.Query | AccessTokenRights.Read)) { return(AuthorizationMethods.HasPrivilege(processToken, Privilege.CreateSymbolicLink)); } }
public void EnumerateAccountRights_ReadRightsFails() { LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_READ); SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinUsersSid); Action action = () => SecurityMethods.LsaEnumerateAccountRights(handle, ref sid); action.ShouldThrow <UnauthorizedAccessException>(); }
public void IsPrivilegeEnabled_ForCurrentProcess() { using (var token = AuthorizationMethods.OpenProcessToken(AccessTokenRights.Read)) { token.IsInvalid.Should().BeFalse(); AuthorizationMethods.IsPrivilegeEnabled(token, Privilege.ChangeNotify).Should().BeTrue(); AuthorizationMethods.IsPrivilegeEnabled(token, Privilege.Backup).Should().BeFalse(); } }
public void EnumerateAccountRights_UserGroup() { LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_EXECUTE); SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinUsersSid); var rights = SecurityMethods.LsaEnumerateAccountRights(handle, ref sid); rights.Should().NotBeEmpty(); rights.Should().Contain("SeChangeNotifyPrivilege"); }
public void IsElevated() { // NOTE: This check may not always be true. Haven't tried actually running this // while logged in as the actual Administrator account. (Also, would the Domain admin // make any difference?) The Authorization method we're calling here isn't // terribly well documented. bool runningAsAdmin = new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator); AuthorizationMethods.IsProcessElevated().Should().Be(runningAsAdmin); }
public void GetTokenGroupSids_ForCurrentProcess() { List <GroupSidInformation> groupSids; using (var token = AuthorizationMethods.OpenProcessToken(AccessTokenRights.Read)) { token.IsInvalid.Should().BeFalse(); groupSids = AuthorizationMethods.GetTokenGroupSids(token).ToList(); } groupSids.Should().NotBeEmpty(); groupSids.Should().Contain((sid) => AuthorizationMethods.LookupAccountSidLocal(sid.Sid).Name.Equals("Everyone")); }
public void GetTokenPrivileges_ForCurrentProcess() { using (var token = AuthorizationMethods.OpenProcessToken(AccessTokenRights.Read)) { token.IsInvalid.Should().BeFalse(); var privileges = AuthorizationMethods.GetTokenPrivileges(token); privileges.Should().NotBeEmpty(); // This Privilege should always exist privileges.Should().Contain(s => s.Privilege == Privilege.ChangeNotify); // Check the helper AuthorizationMethods.HasPrivilege(token, Privilege.ChangeNotify).Should().BeTrue(); } }
public void GetSidForCreatedFile() { using (var cleaner = new TestFileCleaner()) { using (var handle = FileMethods.CreateFile(cleaner.GetTestPath(), CreationDisposition.CreateNew)) { handle.IsInvalid.Should().BeFalse(); FileMethods.QueryOwner(handle, out SID sid); sid.IdentifierAuthority.Should().Be(SID_IDENTIFIER_AUTHORITY.NT); AccountSidInformation info = AuthorizationMethods.LookupAccountSidLocal(sid); info.Usage.Should().Be(SidNameUse.User); info.Name.Should().Be(SystemInformationMethods.GetUserName()); } } }
public void GetTokenPrimaryGroupSid_ForCurrentProcess() { SID sid; using (var token = AuthorizationMethods.OpenProcessToken(AccessTokenRights.Read)) { token.IsInvalid.Should().BeFalse(); sid = AuthorizationMethods.GetTokenPrimaryGroupSid(token); } AuthorizationMethods.IsValidSid(ref sid).Should().BeTrue(); AccountSidInformation info = AuthorizationMethods.LookupAccountSidLocal(sid); info.Name.Should().Be(SystemInformationMethods.GetUserName()); }
// [Fact] private void DumpAllWellKnownSids() { foreach (WELL_KNOWN_SID_TYPE type in Enum.GetValues(typeof(WELL_KNOWN_SID_TYPE))) { Debug.WriteLine(@"/// <summary>"); try { SID sid = AuthorizationMethods.CreateWellKnownSid(type); AccountSidInformation info = AuthorizationMethods.LookupAccountSidLocal(sid); Debug.WriteLine($"/// {info.Name} ({AuthorizationMethods.ConvertSidToString(ref sid)}) [{info.Usage}]"); } catch { Debug.WriteLine($"/// Unable to retrieve"); } Debug.WriteLine(@"/// </summary>"); Debug.WriteLine($"{type} = {(int)type},"); Debug.WriteLine(""); } }
public void CreateWellKnownSid_Everyone() { SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinWorldSid); AuthorizationMethods.IsValidSid(ref sid).Should().BeTrue(); sid.Revision.Should().Be(1); sid.IdentifierAuthority.Should().Be(SID_IDENTIFIER_AUTHORITY.WORLD); AuthorizationMethods.GetSidSubAuthorityCount(ref sid).Should().Be(1); AuthorizationMethods.GetSidSubAuthority(ref sid, 0).Should().Be(0); AuthorizationMethods.IsWellKnownSid(ref sid, WELL_KNOWN_SID_TYPE.WinWorldSid).Should().BeTrue(); AuthorizationMethods.ConvertSidToString(ref sid).Should().Be("S-1-1-0"); AccountSidInformation info = AuthorizationMethods.LookupAccountSidLocal(sid); info.Name.Should().Be("Everyone"); info.DomainName.Should().Be(""); info.Usage.Should().Be(SidNameUse.WellKnownGroup); }
protected override void OnCreate(Bundle savedInstanceState) { base.OnCreate(savedInstanceState); try { SetContentView(Resource.Layout.RegEmail); InputMethodManager imm = (InputMethodManager)GetSystemService(Context.InputMethodService); AuthorizationMethods authorizationMethods = new AuthorizationMethods(); headerTV = FindViewById <TextView>(Resource.Id.headerTV); infoTV = FindViewById <TextView>(Resource.Id.infoTV); mainImageIV = FindViewById <ImageView>(Resource.Id.mainImageIV); backRelativeLayout = FindViewById <RelativeLayout>(Resource.Id.backRelativeLayout); back_button = FindViewById <ImageButton>(Resource.Id.back_button); activityIndicator = FindViewById <ProgressBar>(Resource.Id.activityIndicator); activityIndicator.IndeterminateDrawable.SetColorFilter(Resources.GetColor(Resource.Color.buttonBackgroundColor), Android.Graphics.PorterDuff.Mode.Multiply); ISharedPreferences pref = Application.Context.GetSharedPreferences("auth_data", FileCreationMode.Private); ISharedPreferencesEditor edit = pref.Edit(); sendBn = FindViewById <Button>(Resource.Id.sendBn); emailET = FindViewById <EditText>(Resource.Id.emailET); mainImageIV.SetBackgroundResource(Resource.Drawable.mail_small2); infoTV.Text = GetString(Resource.String.link_for_enter); sendBn.Text = GetString(Resource.String.send_link); headerTV.Text = GetString(Resource.String.login); Typeface tf = Typeface.CreateFromAsset(Assets, "Roboto-Regular.ttf"); headerTV.SetTypeface(tf, TypefaceStyle.Bold); sendBn.SetTypeface(tf, TypefaceStyle.Normal); infoTV.SetTypeface(tf, TypefaceStyle.Normal); emailET.SetTypeface(tf, TypefaceStyle.Normal); Intent intent = new Intent(this, typeof(AuthAfterActivity)); intent.PutExtra("bottom_value", "profile"); backRelativeLayout.Click += (s, e) => { OnBackPressed(); }; back_button.Click += (s, e) => { OnBackPressed(); }; sendBn.Click += async(s, e) => { edit.PutString("email", emailET.Text); edit.Apply(); sendBn.Visibility = ViewStates.Gone; activityIndicator.Visibility = ViewStates.Visible; var auth_result = await authorizationMethods.Authorize(emailET.Text); if (auth_result.Contains("с таким email нет в нашей базе")) { infoTV.Text = GetString(Resource.String.email_not_exists); } else { StartActivity(intent); } sendBn.Visibility = ViewStates.Visible; activityIndicator.Visibility = ViewStates.Gone; }; emailET.EditorAction += (object sender, EditText.EditorActionEventArgs e) => { imm.HideSoftInputFromWindow(emailET.WindowToken, 0); }; } catch { StartActivity(typeof(MainActivity)); } }
protected override void OnCreate(Bundle savedInstanceState) { base.OnCreate(savedInstanceState); try { SetContentView(Resource.Layout.AuthAfter); AuthorizationMethods authorizationMethods = new AuthorizationMethods(); profileLL = FindViewById <LinearLayout>(Resource.Id.profileLL); dialogsLL = FindViewById <LinearLayout>(Resource.Id.dialogsLL); specialistsLL = FindViewById <LinearLayout>(Resource.Id.specialistsLL); dialogsLL.Click += (s, e) => { edit_dialog = dialog_data.Edit(); edit_dialog.PutString("come_from", "Came directly from bottom"); edit_dialog.Apply(); StartActivity(typeof(ChatListActivity)); }; specialistsLL.Click += (s, e) => { StartActivity(typeof(SpecialistsCategoryActivity)); }; Typeface tf = Typeface.CreateFromAsset(Assets, "Roboto-Regular.ttf"); emailTV = FindViewById <TextView>(Resource.Id.emailTV); emailTV.Text = pref.GetString("email", String.Empty); resendBn = FindViewById <Button>(Resource.Id.resendBn); completeLoginBn = FindViewById <Button>(Resource.Id.completeLoginBn); textviewwe = FindViewById <TextView>(Resource.Id.textviewwe); textView1 = FindViewById <TextView>(Resource.Id.textView1); activityIndicator = FindViewById <ProgressBar>(Resource.Id.activityIndicator); activityIndicator.IndeterminateDrawable.SetColorFilter(Resources.GetColor(Resource.Color.buttonBackgroundColor), Android.Graphics.PorterDuff.Mode.Multiply); resendBn.SetTypeface(tf, TypefaceStyle.Normal); completeLoginBn.SetTypeface(tf, TypefaceStyle.Normal); FindViewById <TextView>(Resource.Id.specialistsTV).SetTypeface(tf, TypefaceStyle.Normal); FindViewById <TextView>(Resource.Id.dialogsTV).SetTypeface(tf, TypefaceStyle.Normal); FindViewById <TextView>(Resource.Id.profileTV).SetTypeface(tf, TypefaceStyle.Normal); textviewwe.SetTypeface(tf, TypefaceStyle.Normal); textView1.SetTypeface(tf, TypefaceStyle.Normal); emailTV.SetTypeface(tf, TypefaceStyle.Normal); completeLoginBn.Click += async(s, e) => { completeLoginBn.Visibility = ViewStates.Gone; resendBn.Visibility = ViewStates.Gone; activityIndicator.Visibility = ViewStates.Visible; var activate = await authorizationMethods.AuthActivate(pref.GetString("email", String.Empty), true); completeLoginBn.Visibility = ViewStates.Visible; resendBn.Visibility = ViewStates.Visible; activityIndicator.Visibility = ViewStates.Gone; if (activate.Contains("authToken")) { if (activate != "null" && activate != null && activate != "false") { var deserialized_value = JsonConvert.DeserializeObject <RegAfter>(activate.ToString()); if (deserialized_value.confirmed != false) { userMethods.InsertUser(deserialized_value.authToken, pref.GetString("email", String.Empty)); StartActivity(typeof(UserProfileActivity)); } else { Toast.MakeText(this, GetString(Resource.String.no_confirmation_by_mail), ToastLength.Short).Show(); } } } }; resendBn.Click += async(s, e) => { resendBn.Visibility = ViewStates.Gone; completeLoginBn.Visibility = ViewStates.Gone; activityIndicator.Visibility = ViewStates.Visible; var reg_result = await authorizationMethods.Authorize(pref.GetString("email", String.Empty)); resendBn.Visibility = ViewStates.Visible; completeLoginBn.Visibility = ViewStates.Visible; activityIndicator.Visibility = ViewStates.Gone; StartActivity(typeof(AuthAfterActivity)); }; } catch { StartActivity(typeof(MainActivity)); } }
public void IsValidSid_BadSid() { SID sid = new SID(); AuthorizationMethods.IsValidSid(ref sid).Should().BeFalse(); }
public void IsValidSid_GoodSid() { SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinIUsersSid); AuthorizationMethods.IsValidSid(ref sid).Should().BeTrue(); }