private void DumpFile(IEnumerable <TokenEntry> tokens, AccessMask access_rights, AccessMask dir_access_rights, SecurityDescriptor parent_sd, NtFile file)
{
bool directory = IsDirectoryNoThrow(file);
if (CheckMode != FileCheckMode.All)
{
if ((CheckMode == FileCheckMode.FilesOnly && directory) ||
(CheckMode == FileCheckMode.DirectoriesOnly && !directory))
{
return;
}
}
AccessMask desired_access = directory ? dir_access_rights : access_rights;
var result = file.GetSecurityDescriptor(SecurityInformation.AllBasic, false);
if (result.IsSuccess)
{
foreach (var token in tokens)
{
CheckAccess(token, file, desired_access, result.Result, parent_sd);
}
}
else
{
// If we can't read security descriptor then try opening the key.
foreach (var token in tokens)
{
CheckAccessUnderImpersonation(token, desired_access, file);
}
}
}
private void DumpDirectory(IEnumerable <TokenEntry> tokens, AccessMask access_rights,
AccessMask dir_access_rights, NtFile file, FileOpenOptions options, int current_depth)
{
if (Stopping || current_depth <= 0)
{
return;
}
var parent_sd = file.GetSecurityDescriptor(SecurityInformation.AllBasic, false);
if (Recurse)
{
using (var result = file.ReOpen(FileAccessRights.Synchronize | FileAccessRights.ReadData | FileAccessRights.ReadAttributes,
FileShareMode.Read | FileShareMode.Delete, options | FileOpenOptions.DirectoryFile | FileOpenOptions.SynchronousIoNonAlert, false))
{
if (result.Status.IsSuccess())
{
foreach (var entry in result.Result.QueryDirectoryInfo())
{
if (CheckMode == FileCheckMode.DirectoriesOnly && !entry.IsDirectory)
{
continue;
}
NtFile base_file = result.Result;
string filename = entry.FileName;
if (filename.Contains(@"\"))
{
filename = base_file.FullPath + filename;
base_file = null;
}
using (var new_file = OpenFile(filename, base_file, options))
{
if (new_file.IsSuccess)
{
DumpFile(tokens, access_rights, dir_access_rights,
parent_sd.IsSuccess ? parent_sd.Result : null, new_file.Result);
if (IsDirectoryNoThrow(new_file.Result))
{
DumpDirectory(tokens, access_rights, dir_access_rights,
new_file.Result, options, current_depth - 1);
}
}
}
}
}
}
}
}
static void CheckAccess(string full_path, NtFile entry)
{
try
{
SecurityDescriptor sd = entry.GetSecurityDescriptor(SecurityInformation.AllBasic);
if (sd != null)
{
bool is_dir = entry.IsDirectory;
uint granted_access;
if (is_dir && _dir_filter != 0)
{
granted_access = NtSecurity.GetAllowedAccess(_token, _type, _dir_filter, sd.ToByteArray());
}
else if (!is_dir && _file_filter != 0)
{
granted_access = NtSecurity.GetAllowedAccess(_token, _type, _file_filter, sd.ToByteArray());
}
else
{
granted_access = NtSecurity.GetMaximumAccess(_token, _type, sd.ToByteArray());
}
if (granted_access != 0)
{
// Now reget maximum access rights
if (_dir_filter != 0 || _file_filter != 0)
{
granted_access = NtSecurity.GetMaximumAccess(_token, _type, sd.ToByteArray());
}
if (!_show_write_only || _type.HasWritePermission(granted_access))
{
Console.WriteLine("{0}{1} : {2:X08} {3}", full_path.TrimEnd('\\'),
is_dir ? "\\" : "", granted_access, AccessMaskToString(granted_access, is_dir));
if (_print_sddl)
{
Console.WriteLine("{0}", sd.ToSddl());
}
}
}
}
}
catch { }
}
private void CheckAccess(TokenEntry token, AccessMask access_rights, string path, NtFile file)
{
var sd = file.GetSecurityDescriptor(SecurityInformation.AllBasic, false);
if (!sd.IsSuccess)
{
return;
}
AccessMask granted_access = NtSecurity.GetMaximumAccess(sd.Result,
token.Token, _file_type.GenericMapping);
if (IsAccessGranted(granted_access, access_rights))
{
WriteAccessCheckResult(FormatPath(path, FormatWin32Path), "NamedPipe",
granted_access, _file_type.GenericMapping,
sd.Result, typeof(FileAccessRights), false, token.Information);
}
}
