示例#1
0
 public static extern bool AllocateAndInitializeSid(
     ref SidIdentifierAuthority pIdentifierAuthority,
     byte nSubAuthorityCount,
     int dwSubAuthority0, int dwSubAuthority1,
     int dwSubAuthority2, int dwSubAuthority3,
     int dwSubAuthority4, int dwSubAuthority5,
     int dwSubAuthority6, int dwSubAuthority7,
     out IntPtr pSid);
示例#2
0
 public static extern bool AllocateAndInitializeSid(
     ref SidIdentifierAuthority pIdentifierAuthority,
     byte nSubAuthorityCount,
     int dwSubAuthority0, int dwSubAuthority1,
     int dwSubAuthority2, int dwSubAuthority3,
     int dwSubAuthority4, int dwSubAuthority5,
     int dwSubAuthority6, int dwSubAuthority7,
     out IntPtr pSid);
示例#3
0
        internal static void ElevateSelf(bool processCreated)
        {
            try {
                var ntAuth = new SidIdentifierAuthority();
                ntAuth.Value = new byte[] { 0, 0, 0, 0, 0, 5 };

                var  psid = IntPtr.Zero;
                bool isAdmin;
                if (AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin)
                {
                    return; // yes, we're an elevated admin
                }
            } catch {
                // :) Seems that we need to elevate?
            }

            if (!processCreated)
            {
                // we're not an admin I guess.
                try {
                    var process = new Process {
                        StartInfo =
                        {
                            UseShellExecute         = true,
                            WorkingDirectory        = Environment.CurrentDirectory,
                            FileName                = Assembly.GetEntryAssembly().Location,
                            Verb                    = "runas",
                            Arguments               = Environment.GetCommandLineArgs().Skip(1).Aggregate(string.Empty, (current, each) => current + " \"" + each + "\"").Trim() + " __EPM1__",
                            ErrorDialog             = true,
                            ErrorDialogParentHandle = GetForegroundWindow(),
                            WindowStyle             = ProcessWindowStyle.Maximized,
                        }
                    };

                    if (!process.Start())
                    {
                        throw new Exception();
                    }

                    // since we want the parent process to be able to wait for this, we'll wait for the child process.
                    while (ParentIsRunning && !process.WaitForExit(100))
                    {
                        Thread.Sleep(100);
                    }
                } catch {
                    // nWindow.Fail(LocalizedMessage.IDS_REQUIRES_ADMIN_RIGHTS, "The installer requires administrator permissions.");
                }
            }

            // we should have elevated, or failed to. either way, GTFO.
            Environment.Exit(0);
        }
 public static extern bool AllocateAndInitializeSid(
     [System.Runtime.InteropServices.InAttribute()]
     ref SidIdentifierAuthority pIdentifierAuthority,
     byte nSubAuthorityCount,
     uint nSubAuthority0,
     uint nSubAuthority1,
     uint nSubAuthority2,
     uint nSubAuthority3,
     uint nSubAuthority4,
     uint nSubAuthority5,
     uint nSubAuthority6,
     uint nSubAuthority7,
     out System.IntPtr pSid);
示例#5
0
        public static void ElevateSelf(bool waitForParentAndChild = false, string replacementCmdLineArguments = null, bool rejoinConsole = false, string replacementExeName = null)
        {
            try {
                var ntAuth = new SidIdentifierAuthority {
                    Value = new byte[] {
                        0, 0, 0, 0, 0, 5
                    }
                };

                var  psid = IntPtr.Zero;
                bool isAdmin;
                if (Advapi32.AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && Advapi32.CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin)
                {
                    return; // yes, we're an elevated admin
                }
            } catch {
                // :) Seems that we need to elevate?
            }

            var process = new System.Diagnostics.Process {
                StartInfo =
                {
                    UseShellExecute         = true,
                    WorkingDirectory        = Environment.CurrentDirectory,
                    FileName                = replacementExeName ?? CorrectedExeName,
                    Verb                    = "runas",
                    Arguments               = replacementCmdLineArguments ?? EnvironmentUtility.CommandLineArguments,
                    ErrorDialog             = true,
                    ErrorDialogParentHandle = User32.GetForegroundWindow(),
                    // WindowStyle = ProcessWindowStyle.Maximized, // TODO: uh, what was this here for?
                }
            };

            if (!process.Start())
            {
                throw new ClrPlusException("Unable to start process for elevation.");
            }

            while ((waitForParentAndChild || rejoinConsole) && ParentIsRunning && !process.WaitForExit(50))
            {
            }

            // we should have elevated, or failed to. either way, we're done here..
            Environment.Exit(0);
        }
        public static void ElevateSelf(bool waitForParentAndChild = false, string replacementCmdLineArguments = null, bool rejoinConsole = false, string replacementExeName = null)
        {
            try {
                var ntAuth = new SidIdentifierAuthority {
                    Value = new byte[] {
                        0, 0, 0, 0, 0, 5
                    }
                };

                var psid = IntPtr.Zero;
                bool isAdmin;
                if (Advapi32.AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && Advapi32.CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin) {
                    return; // yes, we're an elevated admin
                }
            } catch {
                // :) Seems that we need to elevate?
            }

            var process = new System.Diagnostics.Process {
                StartInfo = {
                    UseShellExecute = true,
                    WorkingDirectory = Environment.CurrentDirectory,
                    FileName = replacementExeName ?? CorrectedExeName,
                    Verb = "runas",
                    Arguments = replacementCmdLineArguments ?? EnvironmentUtility.CommandLineArguments,
                    ErrorDialog = true,
                    ErrorDialogParentHandle = User32.GetForegroundWindow(),
                    // WindowStyle = ProcessWindowStyle.Maximized, // TODO: uh, what was this here for?
                }
            };

            if (!process.Start()) {
                throw new ClrPlusException("Unable to start process for elevation.");
            }

            while ((waitForParentAndChild || rejoinConsole) && ParentIsRunning && !process.WaitForExit(50)) {
            }

            // we should have elevated, or failed to. either way, we're done here..
            Environment.Exit(0);
        }
示例#7
0
        internal static void ElevateSelf(string args)
        {
            try {
                var ntAuth = new SidIdentifierAuthority();
                ntAuth.Value = new byte[] { 0, 0, 0, 0, 0, 5 };

                var  psid = IntPtr.Zero;
                bool isAdmin;
                if (AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin)
                {
                    return; // yes, we're an elevated admin
                }
            }
            catch {
                // :)
            }

            // we're not an admin I guess.
            try {
                new Process {
                    StartInfo =
                    {
                        UseShellExecute         = true,
                        WorkingDirectory        = Environment.CurrentDirectory,
                        FileName                = ExeName,
                        Verb                    = "runas",
                        Arguments               = args,
                        ErrorDialog             = true,
                        ErrorDialogParentHandle = GetForegroundWindow(),
                        WindowStyle             = ProcessWindowStyle.Maximized,
                    }
                }.Start();
                Environment.Exit(0); // since this didn't throw, we know the kids got off to school ok. :)
            }
            catch {
                Fail("This tool requires administrator permissions.");
                Environment.Exit(1);
            }
        }
        internal static void ElevateSelf(string args) {
            try {
                var ntAuth = new SidIdentifierAuthority();
                ntAuth.Value = new byte[] { 0, 0, 0, 0, 0, 5 };

                var psid = IntPtr.Zero;
                bool isAdmin;
                if (AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin) {
                    return; // yes, we're an elevated admin
                }
            } catch {
                // :)
            }

            // we're not an admin I guess.
            try {
                new Process {
                    StartInfo = {
                        UseShellExecute = true,
                        WorkingDirectory = Environment.CurrentDirectory,
                        FileName = ExeName,
                        Verb = "runas",
                        Arguments = args,
                        ErrorDialog = true,
                        ErrorDialogParentHandle = GetForegroundWindow(),
                        WindowStyle = ProcessWindowStyle.Maximized,
                    }
                }.Start();
                Environment.Exit(0); // since this didn't throw, we know the kids got off to school ok. :)
            } catch {
                MainWindow.Fail(LocalizedMessage.IDS_REQUIRES_ADMIN_RIGHTS, "The installer requires administrator permissions.");
            }
        }
示例#9
0
        public static bool SDHasAC(string sddl)
        {
            SidIdentifierAuthority authority = new SidIdentifierAuthority(SecurityAuthority.Package);

            return(SDHasAllowedAce(sddl, false, ace => ace.Sid.Authority.Equals(authority)));
        }
        public void _createSecuritydesc()
        {
            byte[] SECURITY_WORLD_SID_AUTHORITY = new byte[6] {
                0, 0, 0, 0, 0, 1
            };
            SidIdentifierAuthority NtAuthority = new SidIdentifierAuthority();

            NtAuthority.Value = SECURITY_WORLD_SID_AUTHORITY;

            IntPtr AuthenticatedUsersSid = IntPtr.Zero;
            //const int AuthenticatedUser = 11;
            const int SECURITY_WORLD_RID = 0;

            // Get the SID for the Authenticated Uses group
            if (!NativeMethods.AllocateAndInitializeSid(ref NtAuthority,
                                                        1,
                                                        SECURITY_WORLD_RID,
                                                        0, 0, 0, 0, 0, 0, 0,
                                                        out AuthenticatedUsersSid))
            {
                NativeMethods.FreeSid(AuthenticatedUsersSid);
                throw new Win32Exception("Failed to AllocateAndInitializeSid");
            }
            // Remember to free the SID when you are done
            //NativeMethods.FreeSid(AuthenticatedUsersSid);

            IntPtr          SPECIFIC_RIGHTS_ALL            = (IntPtr)0x0000FFFF;
            IntPtr          STANDARD_RIGHTS_ALL            = (IntPtr)0x001F0000;
            IntPtr          SPECIFIC_N_STANDARD_RIGHTS_ALL = (IntPtr)0x001FFFFF;
            uint            SET_ACCESS = 2;
            EXPLICIT_ACCESS ea         = new EXPLICIT_ACCESS();

            ea.grfAccessPermissions = (uint)RightFlags.SPECIFIC_N_STANDARD_RIGHTS_ALL;
            //(uint)SPECIFIC_N_STANDARD_RIGHTS_ALL;
            ea.grfAccessMode       = SET_ACCESS;
            ea.grfInheritance      = 0;                                        //NO_INHERITANCE
            ea.Trustee.TrusteeForm = TRUSTEE_FORM.TRUSTEE_IS_SID;              //TRUSTEE_IS_SID
            ea.Trustee.TrusteeType = TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP; //TRUSTEE_IS_WELL_KNOWN_GROUP
            ea.Trustee.ptstrName   = AuthenticatedUsersSid;

            IntPtr NewAclPointer = IntPtr.Zero;
            _ACL   NewAcl        = new _ACL();
            // Marshal.StructureToPtr(NewAcl, NewAclPointer, true);
            int dwRes = NativeMethods.SetEntriesInAcl(1, ref ea, IntPtr.Zero, out NewAclPointer);

            if (dwRes != 0)
            {
                throw new Win32Exception("Failed to SetEntriesInAcl");
            }

            SECURITY_DESCRIPTOR sec = new SECURITY_DESCRIPTOR();

            Marshal.SizeOf(sec);
            IntPtr pSDlocalAlloc = NativeMethods.LocalAlloc((uint)LMEMFlags.LMEM_FIXED_N_ZEROINIT, (UIntPtr)Marshal.SizeOf(sec));

            //Marshal.PtrToStructure(pSDlocalAlloc, sec);
            if (pSDlocalAlloc == IntPtr.Zero || pSDlocalAlloc == null)
            {
                throw new Win32Exception("Failed to localAlloc");
            }
            if (!NativeMethods.InitializeSecurityDescriptor(out sec, 1))
            {
                throw new Win32Exception("Failed to InitializeSecurityDescriptor");
            }
            if (!NativeMethods.SetSecurityDescriptorDacl(ref sec, true, NewAclPointer, false))
            {
                throw new Win32Exception("Failed to SetSecurityDescriptorDacl");
            }



            //byte[] src = getBytes(sec);
            //IntPtr dest = Marshal.AllocHGlobal(src.Length);
            //Marshal.Copy(src, 0, dest, src.Length);
            //sa.bInheritHandle = 0;
            //sa.nLength = Marshal.SizeOf(sa);
            //sa.lpSecurityDescriptor = dest;
            //Marshal.FreeHGlobal(dest);
            //--------------------

            //byte[] src = getBytes(sec);
            //IntPtr dest = Marshal.AllocHGlobal(src.Length);
            //Marshal.Copy(src, 0, dest, src.Length);
            //gay1
            Marshal.StructureToPtr(sec, pSDlocalAlloc, true);
            sa.bInheritHandle       = 0;
            sa.nLength              = (uint)Marshal.SizeOf(sa); // its 24 or 816 (8x100 +8(int) +8(int))
            sa.lpSecurityDescriptor = pSDlocalAlloc;            // dest;//0x00000193dc8f7420
                                                                //gay1 end

            //Marshal.FreeHGlobal(dest);


            //sa.lpSecurityDescriptor = getBytes(sa);

            //Serialize();
            // Marshal.by(gay, SECURITY_ATTRIBUTES);

            NativeMethods.FreeSid(AuthenticatedUsersSid);
            NativeMethods.LocalFree(pSDlocalAlloc);
        }
示例#11
0
        internal static void ElevateSelf(bool processCreated)
        {
            try {
                var ntAuth = new SidIdentifierAuthority();
                ntAuth.Value = new byte[] {0, 0, 0, 0, 0, 5};

                var psid = IntPtr.Zero;
                bool isAdmin;
                if (AllocateAndInitializeSid(ref ntAuth, 2, 0x00000020, 0x00000220, 0, 0, 0, 0, 0, 0, out psid) && CheckTokenMembership(IntPtr.Zero, psid, out isAdmin) && isAdmin) {
                    return; // yes, we're an elevated admin
                }
            } catch {
                // :) Seems that we need to elevate?
            }

            if (!processCreated) {
            // we're not an admin I guess.
            try {
                var process = new Process {
                    StartInfo = {
                        UseShellExecute = true,
                        WorkingDirectory = Environment.CurrentDirectory,
                        FileName = Assembly.GetEntryAssembly().Location,
                        Verb = "runas",
                    Arguments = Environment.GetCommandLineArgs().Skip(1).Aggregate(string.Empty, (current, each) => current + " \"" + each + "\"").Trim() + " __EPM1__",
                        ErrorDialog = true,
                        ErrorDialogParentHandle = GetForegroundWindow(),
                        WindowStyle = ProcessWindowStyle.Maximized,
                    }
                };

                if (!process.Start()) {
                    throw new Exception();
                }

                // since we want the parent process to be able to wait for this, we'll wait for the child process.
                while( ParentIsRunning && !process.WaitForExit(100) ) {
                    Thread.Sleep(100);
                }
            } catch {
                // nWindow.Fail(LocalizedMessage.IDS_REQUIRES_ADMIN_RIGHTS, "The installer requires administrator permissions.");
            }
            }

            // we should have elevated, or failed to. either way, GTFO.
            Environment.Exit(0);
        }