Advertisement
Guest User

Untitled

a guest
Jul 23rd, 2019
95
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.83 KB | None | 0 0
  1. using System.Security.Principal;
  2. .
  3. .
  4. .
  5. WindowsPrincipal wp = new WindowsPrincipal(WindowsIdentity.GetCurrent());
  6. String username = wp.Identity.Name;
  7.  
  8. private string GetUserName(int SessionId)
  9. {
  10. try
  11. {
  12. Runspace runspace = RunspaceFactory.CreateRunspace();
  13. runspace.Open();
  14.  
  15. Pipeline pipeline = runspace.CreatePipeline();
  16. pipeline.Commands.AddScript("Quser");
  17. pipeline.Commands.Add("Out-String");
  18.  
  19. Collection<PSObject> results = pipeline.Invoke();
  20.  
  21. runspace.Close();
  22.  
  23. StringBuilder stringBuilder = new StringBuilder();
  24. foreach (PSObject obj in results)
  25. {
  26. stringBuilder.AppendLine(obj.ToString());
  27. }
  28.  
  29. foreach (string User in stringBuilder.ToString().Split(new string[] { Environment.NewLine }, StringSplitOptions.RemoveEmptyEntries).Skip(1))
  30. {
  31. string[] UserAttributes = User.Split(new string[]{" "},StringSplitOptions.RemoveEmptyEntries);
  32. if (int.Parse(UserAttributes[2].Trim()) == SessionId)
  33. {
  34. return UserAttributes[0].Replace(">", string.Empty).Trim();
  35. }
  36. }
  37.  
  38. return stringBuilder.ToString();
  39. }
  40. catch (Exception ex)
  41. {
  42. }
  43.  
  44. return string.Empty;
  45. }
  46.  
  47. string CurrentUser = GetUserName(Process.GetCurrentProcess().SessionId);
  48.  
  49. [DllImport("Wtsapi32.dll")]
  50. private static extern bool WTSQuerySessionInformation(IntPtr hServer, int sessionId, WtsInfoClass wtsInfoClass, out IntPtr ppBuffer, out int pBytesReturned);
  51. [DllImport("Wtsapi32.dll")]
  52. private static extern void WTSFreeMemory(IntPtr pointer);
  53.  
  54. private enum WtsInfoClass
  55. {
  56. WTSUserName = 5,
  57. WTSDomainName = 7,
  58. }
  59.  
  60. private static string GetUsername(int sessionId, bool prependDomain = true)
  61. {
  62. IntPtr buffer;
  63. int strLen;
  64. string username = "SYSTEM";
  65. if (WTSQuerySessionInformation(IntPtr.Zero, sessionId, WtsInfoClass.WTSUserName, out buffer, out strLen) && strLen > 1)
  66. {
  67. username = Marshal.PtrToStringAnsi(buffer);
  68. WTSFreeMemory(buffer);
  69. if (prependDomain)
  70. {
  71. if (WTSQuerySessionInformation(IntPtr.Zero, sessionId, WtsInfoClass.WTSDomainName, out buffer, out strLen) && strLen > 1)
  72. {
  73. username = Marshal.PtrToStringAnsi(buffer) + "\" + username;
  74. WTSFreeMemory(buffer);
  75. }
  76. }
  77. }
  78. return username;
  79. }
  80.  
  81. ManagementScope ms = new ManagementScope("\\.\root\cimv2");
  82. ObjectQuery query = new ObjectQuery("SELECT * FROM Win32_ComputerSystem");
  83. ManagementObjectSearcher searcher = new ManagementObjectSearcher(ms, query);
  84. foreach(ManagementObject mo in searcher.Get())
  85. {
  86. Console.WriteLine(mo["UserName"].ToString());
  87. }
  88.  
  89. public string GetProcessOwner(string processName)
  90. {
  91. string query = "Select * from Win32_Process Where Name = "" + processName + """;
  92. ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);
  93. ManagementObjectCollection processList = searcher.Get();
  94.  
  95. foreach (ManagementObject obj in processList)
  96. {
  97. string[] argList = new string[] { string.Empty, string.Empty };
  98. int returnVal = Convert.ToInt32(obj.InvokeMethod("GetOwner", argList));
  99. if (returnVal == 0)
  100. {
  101. // return DOMAINuser
  102. string owner = argList[1] + "\" + argList[0];
  103. return owner;
  104. }
  105. }
  106.  
  107. return "NO OWNER";
  108. }
  109.  
  110. string username = "SYSTEM";
  111. var explorer = Process.GetProcessesByName("explorer").FirstOrDefault();
  112. if (explorer != null)
  113. {
  114. username = GetUsername(explorer.SessionId);
  115. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement