/// <summary> /// Resolve the binding string for this service from the the Endpoint Mapper. /// </summary> /// <param name="protocol_seq">The protocol sequence to lookup.</param> /// <param name="network_address">The network address to lookup the endpoint.</param> /// <param name="interface_id">Interface UUID to lookup.</param> /// <param name="interface_version">Interface version lookup.</param> /// <remarks>This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang.</remarks> /// <returns>The RPC binding string. Empty string if it doesn't exist or the lookup failed.</returns> public static string MapServerToBindingString(string protocol_seq, string network_address, Guid interface_id, Version interface_version) { using (var binding = SafeRpcBindingHandle.Create(null, protocol_seq, network_address, null, null, false)) { return(MapBindingToBindingString(binding, interface_id, interface_version)); } }
internal static extern int RpcMgmtEpEltInqNext( SafeRpcInquiryHandle InquiryContext, [Out] RPC_IF_ID IfId, out SafeRpcBindingHandle Binding, [Out] UUID ObjectUuid, out SafeRpcStringHandle Annotation );
/// <summary> /// Resolve the binding string for this service from the Endpoint Mapper. /// </summary> /// <param name="string_binding">The binding string to map.</param> /// <param name="interface_id">Interface UUID to lookup.</param> /// <param name="interface_version">Interface version lookup.</param> /// <remarks>This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang.</remarks> /// <returns>The RPC binding string. Empty string if it doesn't exist or the lookup failed.</returns> public static string MapBindingToBindingString(string string_binding, Guid interface_id, Version interface_version) { using (var binding = SafeRpcBindingHandle.Create(string_binding, false)) { return(MapBindingToBindingString(binding, interface_id, interface_version)); } }
/// <summary> /// Finds ALPC endpoints which allows for the server binding. This brute forces all ALPC ports to try and find /// something which will accept the bind. /// </summary> /// <remarks>This could hang if the ALPC port is owned by a suspended process.</remarks> /// <param name="interface_id">Interface UUID to lookup.</param> /// <param name="interface_version">Interface version lookup.</param> /// <returns>A list of RPC endpoints which can bind the interface.</returns> /// <exception cref="NtException">Throws on error.</exception> public static IEnumerable <RpcEndpoint> FindAlpcEndpointForInterface(Guid interface_id, Version interface_version) { using (var dir = NtDirectory.Open(@"\RPC Control")) { var nt_type = NtType.GetTypeByType <NtAlpc>().Name; foreach (var port in dir.Query().Where(e => e.NtTypeName == nt_type)) { bool success = false; try { using (var server = new RpcClient(interface_id, interface_version)) { server.Connect(port.Name); success = true; } } catch { } if (success) { yield return(new RpcEndpoint(interface_id, interface_version, SafeRpcBindingHandle.Compose(null, "ncalrpc", null, port.Name, null), false)); } } } }
private static RpcEndpoint CreateEndpoint(SafeRpcBindingHandle binding_handle, RPC_IF_ID if_id) { var endpoints = QueryEndpoints(binding_handle, RpcEndpointInquiryFlag.Interface, if_id, RpcEndPointVersionOption.Exact, null, false).ToArray(); RpcEndpoint ret = endpoints.Where(ep => ep.BindingString.Equals(binding_handle.ToString(), StringComparison.OrdinalIgnoreCase)).FirstOrDefault(); return(ret ?? new RpcEndpoint(if_id, new UUID(), null, binding_handle, false)); }
internal static extern int RpcMgmtEpEltInqBegin( SafeRpcBindingHandle EpBinding, RpcEndpointInquiryFlag InquiryType, RPC_IF_ID IfId, RpcEndPointVersionOption VersOption, UUID ObjectUuid, out SafeRpcInquiryHandle InquiryContext );
private static Win32Error ResolveBinding(SafeRpcBindingHandle binding, Guid interface_id, Version interface_version) { RPC_SERVER_INTERFACE ifspec = new RPC_SERVER_INTERFACE(); ifspec.Length = Marshal.SizeOf(ifspec); ifspec.InterfaceId.SyntaxGUID = interface_id; ifspec.InterfaceId.SyntaxVersion = interface_version.ToRpcVersion(); return(Win32NativeMethods.RpcEpResolveBinding(binding, ref ifspec)); }
/// <summary> /// Query for endpoints for a RPC binding. /// </summary> /// <param name="alpc_port">The ALPC port to query. Can be a full path as long as it contains \RPC Control\ somewhere.</param> /// <returns>The list of endpoints on the RPC binding.</returns> public static IEnumerable <RpcEndpoint> QueryEndpointsForAlpcPort(string alpc_port) { int index = alpc_port.IndexOf(@"\RPC Control\", StringComparison.OrdinalIgnoreCase); if (index >= 0) { alpc_port = alpc_port.Substring(0, index) + RPC_CONTROL_PATH + alpc_port.Substring(index + RPC_CONTROL_PATH.Length); } return(QueryEndpointsForBinding(SafeRpcBindingHandle.Create(null, "ncalrpc", null, alpc_port, null))); }
private static IEnumerable <RpcEndpoint> QueryEndpoints(string search_binding, RpcEndpointInquiryFlag inquiry_flag, RPC_IF_ID if_id_search, RpcEndPointVersionOption version, UUID uuid_search, bool throw_on_error = true) { using (SafeRpcBindingHandle search_handle = string.IsNullOrEmpty(search_binding) ? SafeRpcBindingHandle.Null : SafeRpcBindingHandle.Create(search_binding)) { int status = Win32NativeMethods.RpcMgmtEpEltInqBegin(search_handle, inquiry_flag, if_id_search, version, uuid_search, out SafeRpcInquiryHandle inquiry); if (status != 0) { if (throw_on_error) { throw new SafeWin32Exception(status); } yield break; } using (inquiry) { while (true) { RPC_IF_ID if_id = new RPC_IF_ID(); UUID uuid = new UUID(); status = Win32NativeMethods.RpcMgmtEpEltInqNext(inquiry, if_id, out SafeRpcBindingHandle binding, uuid, out SafeRpcStringHandle annotation); if (status != 0) { if (status != 1772 && throw_on_error) { throw new SafeWin32Exception(status); } break; } try { yield return(new RpcEndpoint(if_id, uuid, annotation, binding, true)); } finally { binding.Dispose(); annotation.Dispose(); } } } } }
private static IEnumerable <RpcEndpoint> QueryEndpointsForBinding(SafeRpcBindingHandle binding_handle) { using (binding_handle) { int status = Win32NativeMethods.RpcMgmtInqIfIds(binding_handle, out SafeRpcIfIdVectorHandle if_id_vector); // If the RPC server doesn't exist return an empty list. if (status == 1722) { return(new RpcEndpoint[0]); } if (status != 0) { throw new SafeWin32Exception(status); } using (if_id_vector) { return(if_id_vector.GetIfIds().Select(if_id => CreateEndpoint(binding_handle, if_id)).ToArray()); } } }
private static IEnumerable <RpcEndpoint> QueryEndpoints(SafeRpcBindingHandle search_binding, RpcEndpointInquiryFlag inquiry_flag, RPC_IF_ID if_id_search, RpcEndPointVersionOption version, UUID uuid_search) { using (search_binding) { int status = Win32NativeMethods.RpcMgmtEpEltInqBegin(search_binding, inquiry_flag, if_id_search, version, uuid_search, out SafeRpcInquiryHandle inquiry); if (status != 0) { throw new SafeWin32Exception(status); } using (inquiry) { while (true) { RPC_IF_ID if_id = new RPC_IF_ID(); UUID uuid = new UUID(); status = Win32NativeMethods.RpcMgmtEpEltInqNext(inquiry, if_id, out SafeRpcBindingHandle binding, uuid, out SafeRpcStringHandle annotation); if (status != 0) { if (status == 1772) { break; } throw new SafeWin32Exception(status); } try { yield return(new RpcEndpoint(if_id, uuid, annotation, binding)); } finally { binding.Dispose(); annotation.Dispose(); } } } } }
/// <summary> /// Resolve the binding string for this service from the the Endpoint Mapper. /// </summary> /// <param name="protocol_seq">The protocol sequence to lookup.</param> /// <param name="network_address">The network address to lookup the endpoint.</param> /// <param name="interface_id">Interface UUID to lookup.</param> /// <param name="interface_version">Interface version lookup.</param> /// <remarks>This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang.</remarks> /// <returns>The RPC binding string. Empty string if it doesn't exist or the lookup failed.</returns> public static string MapServerToBindingString(string protocol_seq, string network_address, Guid interface_id, Version interface_version) { using (var binding = SafeRpcBindingHandle.Create(null, protocol_seq, network_address, null, null, false)) { if (!binding.IsSuccess) { return(string.Empty); } RPC_SERVER_INTERFACE ifspec = new RPC_SERVER_INTERFACE(); ifspec.Length = Marshal.SizeOf(ifspec); ifspec.InterfaceId.SyntaxGUID = interface_id; ifspec.InterfaceId.SyntaxVersion = interface_version.ToRpcVersion(); var result = Win32NativeMethods.RpcEpResolveBinding(binding.Result, ref ifspec); if (result != Win32Error.SUCCESS) { return(string.Empty); } return(binding.Result.ToString()); } }
/// <summary> /// Query for endpoints for a RPC binding. /// </summary> /// <param name="string_binding">The RPC binding to query, e.g. ncalrpc:[PORT]</param> /// <returns>The list of endpoints on the RPC binding.</returns> public static IEnumerable <RpcEndpoint> QueryEndpointsForBinding(string string_binding) { return(QueryEndpointsForBinding(SafeRpcBindingHandle.Create(string_binding))); }
internal static extern int RpcEpResolveBinding(SafeRpcBindingHandle Binding, ref RPC_SERVER_INTERFACE IfSpec);
internal static extern int RpcBindingFromStringBinding([MarshalAs(UnmanagedType.LPTStr)] string StringBinding, out SafeRpcBindingHandle Binding);
internal RpcEndpoint(RPC_IF_ID if_id, UUID uuid, SafeRpcStringHandle annotation, SafeRpcBindingHandle binding, bool registered) : this(if_id.Uuid, new Version(if_id.VersMajor, if_id.VersMinor), annotation?.ToString(), binding.ToString(), registered) { }
internal RpcEndpoint(RPC_IF_ID if_id, UUID uuid, SafeRpcStringHandle annotation, SafeRpcBindingHandle binding) { InterfaceId = if_id.Uuid; InterfaceVersion = new Version(if_id.VersMajor, if_id.VersMinor); ObjectUuid = uuid.Uuid; Annotation = annotation.ToString(); BindingString = binding.ToString(); var cracked = new CrackedBindingString(BindingString); Protseq = cracked.Protseq; NetworkAddr = cracked.NetworkAddr; Endpoint = cracked.Endpoint; NetworkOptions = cracked.NetworkOptions; if (Protseq.Equals("ncalrpc", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(Endpoint)) { EndpointPath = $@"\RPC Control\{Endpoint}"; } else if (Protseq.Equals("ncacn_np", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(Endpoint)) { EndpointPath = $@"\??{Endpoint}"; } else { EndpointPath = string.Empty; } }
internal static extern int RpcMgmtInqIfIds( SafeRpcBindingHandle Binding, out SafeRpcIfIdVectorHandle IfIdVector );
internal RpcEndpoint(RPC_IF_ID if_id, UUID uuid, SafeRpcStringHandle annotation, SafeRpcBindingHandle binding, bool registered) { InterfaceId = if_id.Uuid; InterfaceVersion = new Version(if_id.VersMajor, if_id.VersMinor); ObjectUuid = uuid.Uuid; Annotation = annotation?.ToString() ?? string.Empty; BindingString = binding.ToString(); ProtocolSequence = binding.Protseq; NetworkAddress = binding.NetworkAddr; Endpoint = binding.Endpoint; NetworkOptions = binding.NetworkOptions; if (ProtocolSequence.Equals("ncalrpc", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(Endpoint)) { if (Endpoint.Contains(@"\")) { EndpointPath = Endpoint; } else { EndpointPath = $@"\RPC Control\{Endpoint}"; } } else if (ProtocolSequence.Equals("ncacn_np", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(Endpoint)) { EndpointPath = $@"\??{Endpoint}"; } else { EndpointPath = string.Empty; } Registered = registered; }