197 lines
4.7 KiB
C
197 lines
4.7 KiB
C
|
#include "pch.h"
|
||
|
#pragma hdrstop
|
||
|
|
||
|
#include "bmcommon.h"
|
||
|
|
||
|
static GENERIC_MAPPING FileGenericMapping =
|
||
|
{
|
||
|
FILE_GENERIC_READ,
|
||
|
FILE_GENERIC_WRITE,
|
||
|
FILE_GENERIC_EXECUTE,
|
||
|
FILE_ALL_ACCESS
|
||
|
};
|
||
|
|
||
|
static PSECURITY_DESCRIPTOR pSD;
|
||
|
static HANDLE hToken;
|
||
|
|
||
|
|
||
|
EXTERN_C
|
||
|
DWORD
|
||
|
InitNtAccessChecks()
|
||
|
{
|
||
|
DWORD dwError=NO_ERROR;
|
||
|
BOOL b;
|
||
|
PWCHAR szMsg=NULL;
|
||
|
HANDLE hProcessToken=NULL;
|
||
|
|
||
|
b = ConvertStringSecurityDescriptorToSecurityDescriptorW(g_szSd,
|
||
|
SDDL_REVISION_1,
|
||
|
&pSD, NULL);
|
||
|
|
||
|
if (!b)
|
||
|
{
|
||
|
szMsg = L"SDDL";
|
||
|
goto GetError;
|
||
|
}
|
||
|
|
||
|
if ( !OpenProcessToken( GetCurrentProcess(), TOKEN_DUPLICATE,
|
||
|
&hProcessToken ) )
|
||
|
{
|
||
|
szMsg = L"OpenProcessToken";
|
||
|
goto GetError;
|
||
|
}
|
||
|
|
||
|
|
||
|
if ( !DuplicateToken( hProcessToken, SecurityImpersonation, &hToken ) )
|
||
|
{
|
||
|
szMsg = L"DuplicateToken";
|
||
|
goto GetError;
|
||
|
}
|
||
|
|
||
|
|
||
|
if ( !SetThreadToken( NULL, hToken ) )
|
||
|
{
|
||
|
szMsg = L"SetThreadToken";
|
||
|
goto GetError;
|
||
|
}
|
||
|
|
||
|
Cleanup:
|
||
|
|
||
|
if ( hProcessToken )
|
||
|
{
|
||
|
CloseHandle( hProcessToken );
|
||
|
}
|
||
|
|
||
|
if ( szMsg )
|
||
|
{
|
||
|
wprintf (L"InitNtAccessChecks: %s: %x\n", szMsg, dwError);
|
||
|
}
|
||
|
|
||
|
return dwError;
|
||
|
|
||
|
GetError:
|
||
|
dwError = GetLastError();
|
||
|
goto Cleanup;
|
||
|
|
||
|
}
|
||
|
|
||
|
EXTERN_C
|
||
|
DWORD
|
||
|
DoNtAccessChecks(
|
||
|
IN ULONG NumChecks,
|
||
|
IN DWORD Flags
|
||
|
)
|
||
|
{
|
||
|
DWORD dwError=NO_ERROR;
|
||
|
PWCHAR StringSD = L"O:BAG:BAD:(OA;;GA;;;WD)S:(AU;FASA;GA;;;WD)";
|
||
|
BOOL b;
|
||
|
ULONG i;
|
||
|
PRIVILEGE_SET Privs = { 0 };
|
||
|
DWORD dwPrivLength=20*sizeof(LUID_AND_ATTRIBUTES);
|
||
|
BOOL fGenOnClose[100];
|
||
|
PWCHAR szMsg=NULL;
|
||
|
HANDLE hObj= (HANDLE) 333444;
|
||
|
|
||
|
if ( Flags & BMF_GenerateAudit )
|
||
|
{
|
||
|
if ( Flags & BMF_UseObjTypeList )
|
||
|
{
|
||
|
for (i=0; i < NumChecks; i++)
|
||
|
{
|
||
|
if (!AccessCheckByTypeResultListAndAuditAlarm(
|
||
|
L"supersystemwithaudit",
|
||
|
hObj,
|
||
|
L"Kernel speed test",
|
||
|
L"sample operation",
|
||
|
pSD,
|
||
|
g_Sid1,
|
||
|
DESIRED_ACCESS,
|
||
|
AuditEventObjectAccess,
|
||
|
0,
|
||
|
ObjectTypeList,
|
||
|
ObjectTypeListLength,
|
||
|
&FileGenericMapping,
|
||
|
FALSE,
|
||
|
dwNtGrantedAccess,
|
||
|
fNtAccessCheckResult,
|
||
|
fGenOnClose ))
|
||
|
{
|
||
|
szMsg = L"AccessCheck";
|
||
|
goto GetError;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
for (i=0; i < NumChecks; i++)
|
||
|
{
|
||
|
if (!AccessCheckAndAuditAlarm(
|
||
|
L"mysystem",
|
||
|
hObj,
|
||
|
L"File",
|
||
|
L"file-object",
|
||
|
pSD, DESIRED_ACCESS,
|
||
|
&FileGenericMapping,
|
||
|
FALSE,
|
||
|
&dwNtGrantedAccess[0],
|
||
|
&fNtAccessCheckResult[0],
|
||
|
&fGenOnClose[0] ))
|
||
|
{
|
||
|
szMsg = L"AccessCheck";
|
||
|
goto GetError;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
if ( Flags & BMF_UseObjTypeList )
|
||
|
{
|
||
|
for (i=0; i < NumChecks; i++)
|
||
|
{
|
||
|
if (!AccessCheckByTypeResultList(
|
||
|
pSD,
|
||
|
g_Sid1,
|
||
|
hToken, DESIRED_ACCESS,
|
||
|
ObjectTypeList,
|
||
|
ObjectTypeListLength,
|
||
|
&FileGenericMapping,
|
||
|
&Privs, &dwPrivLength,
|
||
|
dwNtGrantedAccess,
|
||
|
fNtAccessCheckResult ))
|
||
|
{
|
||
|
szMsg = L"AccessCheck";
|
||
|
goto GetError;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
for (i=0; i < NumChecks; i++)
|
||
|
{
|
||
|
if (!AccessCheck( pSD, hToken, DESIRED_ACCESS,
|
||
|
&FileGenericMapping,
|
||
|
&Privs, &dwPrivLength,
|
||
|
&dwNtGrantedAccess[0],
|
||
|
&fNtAccessCheckResult[0] ))
|
||
|
{
|
||
|
szMsg = L"AccessCheck";
|
||
|
goto GetError;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
Cleanup:
|
||
|
if ( szMsg )
|
||
|
{
|
||
|
wprintf (L"%s: %x\n", szMsg, dwError);
|
||
|
}
|
||
|
|
||
|
return dwError;
|
||
|
|
||
|
GetError:
|
||
|
dwError = GetLastError();
|
||
|
goto Cleanup;
|
||
|
}
|