internal CommonAccessCheckResult CreateResult(AccessMask granted_access, TokenInformation token_info)
{
if (Folder)
{
return(new CommonAccessCheckResult(Path, "Scheduled Task", granted_access, _file_type.GenericMapping,
SecurityDescriptor.Clone(), typeof(FileDirectoryAccessRights), true, token_info));
}
else
{
return(new ScheduledTaskAccessCheckResult(this, granted_access, SecurityDescriptor.Clone(),
_file_type.GenericMapping, token_info));
}
}
public void GetBackupSecurityPin()
{
using (MockContext context = MockContext.Start(this.GetType().FullName))
using (var testHelper = new TestHelper()
{
VaultName = SecurityPinTestVault, ResourceGroup = SecurityPinVaultRg
})
{
testHelper.Initialize(context);
TokenInformation tokenInformation = testHelper.GetBackupSecurityPin();
Assert.NotNull(tokenInformation);
Assert.NotEmpty(tokenInformation.SecurityPIN);
Assert.True(tokenInformation.ExpiryTimeInUtcTicks > 0);
}
}
private long getUserID(System.Security.Claims.ClaimsPrincipal User)
{
long userID = long.MinValue;
try
{
TokenInformation tokenInformation = tokenDecoderService.GetTokenInfo(User);
userID = tokenInformation.UserID;
}
catch
{
}
return(userID);
}
public TokenInformation GetToeknInformation(string token)
{
TokenInformation result = new TokenInformation();
try
{
var tokenHandler = new JwtSecurityTokenHandler();
var decodetoken = tokenHandler.ReadJwtToken(token).Payload.SerializeToJson();
result = JsonConvert.DeserializeObject <TokenInformation>(decodetoken);
}
catch (Exception ex)
{
}
return(result);
}
public async Task <HttpResponseMessage> Request(string url, TokenInformation info = null, HttpMethod method = null, HttpContent content = null)
{
method = method ?? HttpMethod.Post;
var request = new HttpRequestMessage(method, url)
{
Content = content
};
if (info != null)
{
request.Headers.Add("Authorization", $"Bearer {info.Token}");
}
return(await Client.SendAsync(request));
}
internal void InitializeABParser(ABParserConfiguration config)
{
// Set the tokens.
Tokens = config.Tokens;
// Then, initialize the base parser.
InitializeBaseParser(config);
BeforeTokenProcessedArgs = new BeforeTokenProcessedEventArgs(this);
OnTokenProcessedArgs = new OnTokenProcessedEventArgs(this);
OnEndArgs = new OnEndEventArgs();
OFUCPPos = 0;
OnTokenProcessedPreviousTokenInfo = new TokenInformation();
OnTokenProcessedTokenInfo = new TokenInformation();
CurrentEventTokenInfo = new TokenInformation();
}
private void MapData(TokenRequest dto, string token, out byte[] bytes,
out DistributedCacheEntryOptions options)
{
var clientKey = dto.Claims.GetValue(CSharpClaimsIdentity.ClientKeyClaimType);
var userId = dto.Claims.GetValue(CSharpClaimsIdentity.DefaultNameClaimType);
DateTime expirationDate = DateTime.UtcNow.Add(dto.TokenExpiration);
bytes = new TokenInformation(clientKey, userId, token, expirationDate).ToBytes();
options = new DistributedCacheEntryOptions
{
AbsoluteExpiration = expirationDate,
SlidingExpiration = dto.TokenExpiration
};
}
void Start()
{
playerTokensInformation = new Dictionary<string, TokenInformation>();
for (int i = 0; i < GameGlobal.playingGame.players.Count; i++)
{
Player player = GameGlobal.playingGame.players[i];
RectTransform token = Instantiate(tokenPrefab);
token.SetParent(mapPanelUpper);
token.localScale = Vector3.one;
token.localPosition = Vector3.zero;
var information = new TokenInformation()
{
tokenObject = token,
prograss = 0,
position = new Queue<int>()
};
information.position.Enqueue(player.token.position);
playerTokensInformation.Add(player.username, information);
}
}
private void DecodeToken(ClaimsPrincipal User)
{
try
{
_tokenInfo = new TokenInformation();
IEnumerable <Claim> claims = User.Claims;
_tokenInfo.UserID = Convert.ToInt64(extractFieldFromClaims(TokenFields.UserID, claims));
_tokenInfo.Username = extractFieldFromClaims(TokenFields.Username, claims);
_tokenInfo.Firstname = extractFieldFromClaims(TokenFields.Firstname, claims);
_tokenInfo.Lastname = extractFieldFromClaims(TokenFields.Lastname, claims);
_tokenInfo.DeviceID = Convert.ToInt32(extractFieldFromClaims(TokenFields.DeviceID, claims));
_tokenInfo.SessionID = Convert.ToInt32(extractFieldFromClaims(TokenFields.SessionID, claims));
}
catch (System.Exception ex)
{
throw new ArgumentNullException($"{MethodInfo.GetCurrentMethod().Name}-Fehler: Token konnte nicht gelesen werden. {ex.ToString()}");
}
}
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ActivatedSessionRequirement requirement)
{
long _sessionID = long.MinValue;
SessionItem _sessionItem = null;
bool _success = true;
TokenInformation token = _tokenDecoderService.GetTokenInfo(context.User);
if (tokenIsEmpty(token))
{
context.Fail();
return(Task.CompletedTask);
}
_sessionID = token.SessionID;
_sessionItem = _sessionDB.getSessionByInternalID(_sessionID);
if (_sessionItem == null)
{
context.Fail();
return(Task.CompletedTask);
}
_success &= _sessionItem != null;
_success &= (_sessionItem.ExpirationTime >= DateTime.Now && _sessionItem.StartTime <= DateTime.Now);
_success &= _sessionItem.isActivied;
// TODO krelou should we compare userIDs...?
// _success = _sessionItem.UserID == context.User.Claims.
if (_success)
{
context.Succeed(requirement);
}
else
{
context.Fail();
}
return(Task.CompletedTask);
}
private unsafe static void TokenInformationInvoke(
AccessToken token,
TokenInformation info,
Action <IntPtr> action)
{
BufferHelper.BufferInvoke <HeapBuffer>(buffer =>
{
while (!Imports.GetTokenInformation(
token,
info,
buffer.VoidPointer,
(uint)buffer.ByteCapacity,
out uint bytesNeeded))
{
Errors.ThrowIfLastErrorNot(WindowsError.ERROR_INSUFFICIENT_BUFFER);
buffer.EnsureByteCapacity(bytesNeeded);
}
action(buffer.DangerousGetHandle());
});
}
////////////////////////////////////////////////////////////////////////////////
// Impersonates a SYSTEM token or creates a new process with the cloned token
////////////////////////////////////////////////////////////////////////////////
private static void _GetSystem(CommandLineParsing cLP, IntPtr hToken)
{
bool exists, enabled;
TokenInformation.CheckTokenPrivilege(hToken, "SeDebugPrivilege", out exists, out enabled);
if (exists)
{
using (TokenManipulation t = new TokenManipulation(hToken))
{
t.SetWorkingTokenToSelf();
if (!enabled)
{
t.SetTokenPrivilege(Winnt.SE_DEBUG_NAME, Winnt.TokenPrivileges.SE_PRIVILEGE_ENABLED);
}
if (string.IsNullOrEmpty(cLP.Command))
{
t.GetSystem();
}
else
{
t.GetSystem(cLP.CommandAndArgs);
}
}
}
else
{
if (string.IsNullOrEmpty(cLP.Command))
{
NamedPipes.GetSystem();
}
else
{
NamedPipes.GetSystem(cLP.Command, cLP.Arguments);
}
}
}
private bool tokenIsEmpty(TokenInformation token)
{
return(token == new TokenInformation());
}
public static void Menu()
{
Console.ForegroundColor = ConsoleColor.DarkCyan;
Console.Clear();
Console.WriteLine("\n\n ██╗░░░██╗███╗░░██╗██╗██╗░░██╗ ░█████╗░░█████╗░██████╗░██╗███╗░░██╗░██████╗░");
Console.WriteLine(" ██║░░░██║████╗░██║██║╚██╗██╔╝ ██╔══██╗██╔══██╗██╔══██╗██║████╗░██║██╔════╝░");
Console.WriteLine(" ██║░░░██║██╔██╗██║██║░╚███╔╝░ ██║░░╚═╝██║░░██║██║░░██║██║██╔██╗██║██║░░██╗░");
Console.WriteLine(" ██║░░░██║██║╚████║██║░██╔██╗░ ██║░░██╗██║░░██║██║░░██║██║██║╚████║██║░░╚██╗");
Console.WriteLine(" ╚██████╔╝██║░╚███║██║██╔╝╚██╗ ╚█████╔╝╚█████╔╝██████╔╝██║██║░╚███║╚██████╔╝");
Console.WriteLine(" ░╚═════╝░╚═╝░░╚══╝╚═╝╚═╝░░╚═╝ ░╚════╝░░╚════╝░╚═════╝░╚═╝╚═╝░░╚══╝░╚═════╝░");
Console.WriteLine("\n ==============================================");
Console.WriteLine(" [1] Token Information [2] Message Spammer");
Console.WriteLine(" [3] Server Joiner [4] Server Leaver");
Console.WriteLine(" [5] Spam Joiner [6] Destroy Account");
Console.WriteLine(" [7] Settings [8] Token Checker");
Console.WriteLine(" [9] Generate Tokens [10] Webhook Spammer");
Console.WriteLine(" [11] Generate Nitro [12] Nitro Checker");
Console.WriteLine(" [13] Exit");
Console.WriteLine(" ==============================================\n");
Console.Write(">");
var input = Console.ReadLine();
switch (input)
{
case "1":
Console.Clear();
TokenInformation.GetInformation();
break;
case "2":
Console.Clear();
MessageSpammer.Spam();
break;
case "3":
Console.Clear();
ServerJoiner.Join();
break;
case "4":
Console.Clear();
ServerLeaver.Leave();
break;
case "5":
Console.Clear();
SpamJoiner.Join();
break;
case "6":
Console.Clear();
DestroyAccount.Start();
break;
case "7":
Settings.Menu();
break;
case "8":
TokenChecker.Check();
break;
case "9":
GenerateTokens.Generate();
break;
case "10":
WebhookSpammer.Spam();
break;
case "11":
GenerateNitro.Generate();
break;
case "12":
NitroChecker.Check();
break;
case "13":
Environment.Exit(0);
break;
case "69":
StatusChanger.ChangeStatus();
break;
}
}
public unsafe static extern BOOL GetTokenInformation(
AccessToken TokenHandle,
TokenInformation TokenInformationClass,
void *TokenInformation,
uint TokenInformationLength,
out uint ReturnLength);
public static void Main(string[] args)
{
// Define db connections
DBClient dbcli = new DBClient("facebook", "adam", "sutdigsevl");
IMongoCollection <object> coll = dbcli.ConnectToCollection("facebook", "posts_test2");
IMongoCollection <object> commentColl = dbcli.ConnectToCollection("facebook", "comments_test2");
IMongoCollection <object> feedColl = dbcli.ConnectToCollection("facebook", "feeds_test2");
// Retrieve Token
TokenInformation tokenmodule = new TokenInformation();
tokenmodule.SetValue();
var token = tokenmodule.GetOAuthToken;
// Retrieve Proxy Credentials
ProxyInformation proxymodule = new ProxyInformation();
proxymodule.SetValue();
var proxyCredentials = proxymodule.GetProxyCredentials;
// Setup API arguments
APIArgs _apiArgs = new APIArgs();
var defaultPost = _apiArgs.GetArgs("DefaultPost");
var defaultComment = _apiArgs.GetArgs("DefaultComment");
var defaultFeed = _apiArgs.GetArgs("DefaultFeed");
// Setup clients
var facebookClient = new FacebookClient(proxyCredentials);
var clientOperator = new ClientGetOperations(facebookClient);
var dbOperator = new ClientStoreOperations(dbcli);
// Run Retrieval of posts //
//string next = "";
//string arg = defaultPost;
//do
//{
// var getPostTask = clientOperator.GetPostsAsync(token, "youseedanmark", arg);
// Task.WaitAll(getPostTask);
// var posts = getPostTask.Result;
// next = clientOperator.GetNextPostId;
// arg = _apiArgs.AddNextKey("DefaultPost", next);
// var storeTask = dbOperator.WritePostsAsync(coll, posts);
// Task.WaitAll(storeTask);
// Console.WriteLine(next);
//} while (next != "");
// Run retrieval of feed //
//string next = "";
//string arg2 = defaultFeed;
//do
//{
// var getFeedTask = clientOperator.GetFeedAsync(token, "youseedanmark", arg2);
// Task.WaitAll(getFeedTask);
// var feed = getFeedTask.Result;
// next = clientOperator.GetNextFeedId;
// arg2 = _apiArgs.AddNextKey("DefaultFeed", next);
// var storeTask = dbOperator.WriteFeedAsync(feedColl, feed);
// Task.WaitAll(storeTask);
//} while (next != "");
// Run Retrieval of comments //
// Setup postids
var postIds = dbOperator.ReadDistinctAsync(coll, "post_id").Result;
var next = "";
foreach (var idd in postIds)
{
try
{
Console.WriteLine("primo");
var id = idd.ToString();
var getCommentTask = clientOperator.GetCommentsAsync(token, id, defaultComment);
Task.WaitAll(getCommentTask);
var comments = getCommentTask.Result;
next = clientOperator.GetNextCommentId;
var storeTask = dbOperator.WriteCommentsAsync(commentColl, comments);
Task.WaitAll(storeTask);
List <string> checklist = new List <string>();
while (next != "")
{
var subargs = _apiArgs.AddNextKey("DefaultComment", next);
var getSubCommentTask = clientOperator.GetCommentsAsync(token, id, subargs);
Task.WaitAll(getSubCommentTask);
next = clientOperator.GetNextCommentId;
checklist.Add(next);
if (checklist.Contains(next))
{
break;
}
else
{
var subcomments = getSubCommentTask.Result;
var storeSubTask = dbOperator.WriteCommentsAsync(commentColl, comments);
Task.WaitAll(storeSubTask);
}
}
}
catch (System.AggregateException)
{
Console.WriteLine("Bad response");
continue;
}
}
}
////////////////////////////////////////////////////////////////////////////////
// Find processes for a user via Tokens
////////////////////////////////////////////////////////////////////////////////
public static Dictionary <uint, string> EnumerateUserProcesses(bool findElevation, string targetAccount)
{
Dictionary <uint, string> users = new Dictionary <uint, string>();
Process[] pids = Process.GetProcesses();
Console.WriteLine("[*] Examining {0} processes", pids.Length);
foreach (Process p in pids)
{
IntPtr hProcess = kernel32.OpenProcess(ProcessThreadsApi.ProcessSecurityRights.PROCESS_QUERY_LIMITED_INFORMATION, true, (uint)p.Id);
if (IntPtr.Zero == hProcess)
{
continue;
}
IntPtr hToken;
if (!kernel32.OpenProcessToken(hProcess, (uint)Winnt.ACCESS_MASK.MAXIMUM_ALLOWED, out hToken))
{
continue;
}
kernel32.CloseHandle(hProcess);
if (findElevation && !TokenInformation.CheckElevation(hToken))
{
continue;
}
uint dwLength = 0;
Winnt._TOKEN_STATISTICS tokenStatistics = new Winnt._TOKEN_STATISTICS();
if (!advapi32.GetTokenInformation(hToken, Winnt._TOKEN_INFORMATION_CLASS.TokenStatistics, ref tokenStatistics, dwLength, out dwLength))
{
if (!advapi32.GetTokenInformation(hToken, Winnt._TOKEN_INFORMATION_CLASS.TokenStatistics, ref tokenStatistics, dwLength, out dwLength))
{
continue;
}
}
kernel32.CloseHandle(hToken);
if (Winnt._TOKEN_TYPE.TokenImpersonation == tokenStatistics.TokenType)
{
continue;
}
string userName = string.Empty;
if (!ConvertTokenStatisticsToUsername(tokenStatistics, ref userName))
{
continue;
}
if (userName.Contains(targetAccount, StringComparison.OrdinalIgnoreCase))
{
users.Add((uint)p.Id, p.ProcessName);
if (findElevation)
{
return(users);
}
}
}
Console.WriteLine("[*] Discovered {0} processes", users.Count);
Dictionary <uint, string> sorted = new Dictionary <uint, string>();
foreach (var user in users.OrderBy(u => u.Value))
{
sorted.Add(user.Key, user.Value);
}
return(sorted);
}
internal void UpdateSecurityDacl(IntPtr hToken)
{
TokenInformation tokenInformation = new TokenInformation(hToken);
tokenInformation.GetTokenUser();
#region Windows Station
IntPtr hWindowStation = user32.GetProcessWindowStation();
if (IntPtr.Zero == hWindowStation)
{
Misc.GetWin32Error("GetProcessWindowStation");
return;
}
Winnt.SECURITY_INFORMATION pSIRequested = Winnt.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION;
//Winnt._SECURITY_DESCRIPTOR pSID = new Winnt._SECURITY_DESCRIPTOR();
uint nLength = 0;
user32.GetUserObjectSecurity(hWindowStation, ref pSIRequested, IntPtr.Zero, nLength, ref nLength);
IntPtr pSID = Marshal.AllocHGlobal((int)nLength);
if (!user32.GetUserObjectSecurity(hWindowStation, ref pSIRequested, pSID, nLength, ref nLength))
{
Misc.GetWin32Error("GetUserObjectSecurity");
return;
}
bool bDaclPresent = false;
Winnt._ACL oldACL = new Winnt._ACL();
bool bDaclDefaulted = false;
if (!advapi32.GetSecurityDescriptorDacl(pSID, ref bDaclPresent, ref oldACL, ref bDaclDefaulted))
{
Misc.GetWin32Error("GetSecurityDescriptorDacl");
return;
}
if (!bDaclPresent)
{
Console.WriteLine("[-] DACL not present, attempt a different method");
return;
}
Accctrl.TRUSTEE_W trustee = new Accctrl.TRUSTEE_W()
{
pMultipleTrustee = IntPtr.Zero,
MultipleTrusteeOperation = Accctrl.MULTIPLE_TRUSTEE_OPERATION.NO_MULTIPLE_TRUSTEE,
TrusteeForm = Accctrl.TRUSTEE_FORM.TRUSTEE_IS_SID,
TrusteeType = Accctrl.TRUSTEE_TYPE.TRUSTEE_IS_USER,
ptstrName = tokenInformation.tokenUser.User.Sid
};
Accctrl._EXPLICIT_ACCESS_W explicitAccess = new Accctrl._EXPLICIT_ACCESS_W()
{
grfAccessMode = Accctrl._ACCESS_MODE.SET_ACCESS,
grfAccessPermissions = Winuser.WindowStationSecurity.WINSTA_ALL_ACCESS | Winuser.WindowStationSecurity.READ_CONTROL,
grfInheritance = Accctrl.Inheritance.NO_INHERITANCE,
Trustee = trustee
};
Winnt._ACL newACL = new Winnt._ACL();
uint retVal = advapi32.SetEntriesInAclW(1, ref explicitAccess, oldACL, ref newACL);
if (0 != retVal)
{
Misc.GetWin32Error("SetEntriesInAclW");
return;
}
Winnt._SECURITY_DESCRIPTOR securityDescriptor = new Winnt._SECURITY_DESCRIPTOR();
if (!advapi32.InitializeSecurityDescriptor(securityDescriptor, 1))
{
Misc.GetWin32Error("InitializeSecurityDescriptor");
return;
}
if (!advapi32.SetSecurityDescriptorDacl(ref securityDescriptor, true, ref newACL, false))
{
Misc.GetWin32Error("SetSecurityDescriptorDacl");
return;
}
if (!user32.SetUserObjectSecurity(hWindowStation, pSIRequested, securityDescriptor))
{
Misc.GetWin32Error("SetUserObjectSecurity");
return;
}
#endregion
}
////////////////////////////////////////////////////////////////////////////////
// Displays various token information
////////////////////////////////////////////////////////////////////////////////
private static void _Info(CommandLineParsing cLP, IntPtr hToken)
{
using (TokenInformation t = new TokenInformation(hToken))
{
if (cLP.Remote)
{
if (!t.OpenProcessToken(cLP.ProcessID))
{
return;
}
t.SetWorkingTokenToRemote();
}
else
{
t.SetWorkingTokenToSelf();
}
hToken = t.GetWorkingToken();
Console.WriteLine("[*] Primary Token");
t.GetTokenUser();
Console.WriteLine();
Console.WriteLine("[*] Impersonation Tokens");
object obj;
bool all = cLP.GetData("all", out obj);
if (all)
{
t.ListThreads(cLP.ProcessID);
t.GetThreadUsers();
Console.WriteLine();
}
Console.WriteLine("[*] Primary Token Groups");
t.GetTokenGroups();
Console.WriteLine();
if (all)
{
t.GetTokenSource();
Console.WriteLine();
t.GetTokenPrivileges();
Console.WriteLine();
t.GetTokenOwner();
Console.WriteLine();
t.GetTokenPrimaryGroup();
Console.WriteLine();
t.GetTokenDefaultDacl();
Console.WriteLine();
Winnt._TOKEN_TYPE tokenType;
TokenInformation.GetElevationType(hToken, out tokenType);
TokenInformation.PrintElevation(hToken);
}
}
}
