- // SecurityDescriptorOfProcess.cpp : Defines the entry point for the console application.
- //
- #include <Windows.h>
- #include <iostream>
- #include <string>
- #include <aclapi.h>
- #include <sddl.h>
- #pragma comment(lib, "advapi32.lib")
- #define make_directories 1
- #define add_files 2
- #define write_file 3
- #define delete_dirs_and_file 4
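// Converts a binary SID into its string form ("S-1-...").
//
// pSid: SID to convert. A null pointer is reported as an invalid SID.
// Returns the SID string, or an empty string when the conversion fails
// (the reason is printed to std::cout).
std::string SidToString(PSID pSid)
{
    if (pSid == NULL)
    {
        // Callers can legitimately hold a null SID pointer (for example a
        // descriptor without a primary group), so do not hand it to the API.
        std::cout << "The SID is not valid." << std::endl;
        return "";
    }

    // The ANSI entry point is named explicitly: the result is copied into a
    // std::string, which matches the TCHAR macro only in non-UNICODE builds.
    LPSTR pSidString = NULL;
    if (!ConvertSidToStringSidA(pSid, &pSidString))
    {
        const DWORD dwResult = GetLastError();
        switch (dwResult)
        {
        case ERROR_NOT_ENOUGH_MEMORY:
            std::cout << "Insufficient memory." << std::endl;
            break;
        case ERROR_INVALID_SID:
            std::cout << "The SID is not valid." << std::endl;
            break;
        default:
            // ERROR_INVALID_PARAMETER
            std::cout << "One of the parameters contains a value that is not valid. " << std::endl;
            break;
        }
        return "";
    }

    // Copy first, then release: the buffer returned by the API is owned by
    // the caller and must be freed with LocalFree.
    std::string SidString(pSidString);
    LocalFree(pSidString);
    return SidString;
}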
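// Prints the owner SID and primary-group SID of the current process, plus the
// account name and domain name that the owner SID resolves to.
// All output, including failures, goes to std::cout.
void TestSecurityDescriptor()
{
    PSID pSidOwner = NULL;
    PSID pSidGroup = NULL;
    PSECURITY_DESCRIPTOR pSD = NULL;

    // GetSecurityInfo reports failure through its return value; GetLastError()
    // is not the source of truth here, so the returned code is what is printed.
    const DWORD dwStatus = GetSecurityInfo(GetCurrentProcess(),
        SE_KERNEL_OBJECT,
        OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION,
        &pSidOwner,
        &pSidGroup,
        NULL, // DACL not requested
        NULL, // SACL not requested
        &pSD);
    if (dwStatus != ERROR_SUCCESS)
    {
        std::cout << "Failed to retrieve Security Descriptor, error: " << dwStatus << std::endl;
        return;
    }

    // First call with null buffers only asks for the required buffer sizes
    // (in characters, terminating null included).
    DWORD dwAccountName = 0;
    DWORD dwDomainName = 0;
    SID_NAME_USE SidUse = SidTypeUnknown;
    const BOOL bSized = LookupAccountSidA(NULL,
        pSidOwner,
        NULL,
        &dwAccountName,
        NULL,
        &dwDomainName,
        &SidUse);
    const bool bSizeQueryFailed = !bSized && GetLastError() != ERROR_INSUFFICIENT_BUFFER;
    // A zero size would make the buffer arithmetic below meaningless, so it is
    // treated like a failed size query.
    if (bSizeQueryFailed || dwAccountName == 0 || dwDomainName == 0)
    {
        std::cout << "Failed to retrieve buffer size" << std::endl;
        LocalFree(pSD);
        return;
    }

    // Buffers hold the full reported size, terminator included; they are cut
    // back to the text length after the call.
    std::string AccountName(dwAccountName, '\0');
    std::string DomainName(dwDomainName, '\0');
    if (!LookupAccountSidA(NULL,
        pSidOwner,
        &AccountName[0],
        &dwAccountName,
        &DomainName[0],
        &dwDomainName,
        &SidUse))
    {
        std::cout << "Failed to retrieve Account Name and Domain Name" << std::endl;
        LocalFree(pSD);
        return;
    }

    const auto TrimAtTerminator = [](std::string& text)
    {
        const std::string::size_type end = text.find('\0');
        if (end != std::string::npos)
            text.resize(end);
    };
    TrimAtTerminator(AccountName);
    TrimAtTerminator(DomainName);

    std::cout << "pSidOwner - " << SidToString(pSidOwner) << std::endl;
    std::cout << "pSidGroup - " << SidToString(pSidGroup) << std::endl;
    std::cout << "Owner Name: [ " << AccountName << " ]" << std::endl;
    std::cout << "Domain Name: [ " << DomainName << " ]" << std::endl;

    // pSidOwner and pSidGroup point into the descriptor returned in pSD.
    // They are released together with it by LocalFree(pSD) and must not be
    // passed to FreeSid.
    LocalFree(pSD);
}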
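// Prints msg followed by the calling thread's last-error code to std::cout.
//
// Only meaningful directly after a Win32 call that reports failure through
// GetLastError(); APIs that return their error code do not set it.
void DisplayError(std::string msg)
{
    // Read the code before writing anything: the stream output runs first in
    // the original expression and may itself change the thread's last error.
    const DWORD dwError = GetLastError();
    std::cout << msg << ", Error: " << dwError << std::endl;
}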
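// Wide-character overload: prints msg followed by the calling thread's
// last-error code to std::wcout.
//
// Only meaningful directly after a Win32 call that reports failure through
// GetLastError(); APIs that return their error code do not set it.
void DisplayError(std::wstring msg)
{
    // Read the code before writing anything: the stream output runs first in
    // the original expression and may itself change the thread's last error.
    const DWORD dwError = GetLastError();
    std::wcout << msg << L", Error: " << dwError << std::endl;
}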
// Number of elements in a built-in array, computed at compile time.
// The parameter is a reference to an array, so passing a plain pointer
// does not compile.
template<typename T, size_t N>
constexpr size_t ElementCount(T(&)[N])
{
    return sizeof(T[N]) / sizeof(T);
}
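// Builds a four-entry DACL and creates the directories C:\1 and C:\1\kek
// with it.
//
// Access granted by the DACL (values kept as in the original paste):
//   Everyone        - GENERIC_EXECUTE
//   Administrators  - GENERIC_ALL
//   "test" user     - GENERIC_EXECUTE
//   "Darina" user   - DELETE
//
// Progress and failures are written to stdout. Every allocation made here is
// released before returning, whichever step fails.
void CreateSecurityDescriptorDIR()
{
    PSID pSidEveryone = NULL;
    PSID pSidAdministrators = NULL;
    PSID pSidTest = NULL;
    PSID pSidDarina = NULL;
    PACL pDacl = NULL;
    // PSECURITY_DESCRIPTOR is an opaque void*; the descriptor is only touched
    // through the security API, never through SECURITY_DESCRIPTOR fields.
    PSECURITY_DESCRIPTOR pSDAbsolute = NULL;

    // Single-pass block: "break" jumps to the cleanup code below.
    do
    {
        // STEP 1. Obtain the four SIDs.
        // "Darina-SID" and "Test-SID" stand in for real SID strings (the paste
        // labels the first one as the SID of user 'Kostya Zaigraev'); they are
        // not in "S-1-..." form and have to be replaced before this can succeed.
        // A failed conversion now stops the function: continuing would put a
        // null SID into the ACL entries.
        if (!ConvertStringSidToSidA("Darina-SID", &pSidDarina))
        {
            printf("ConvertSID Darina Error %u\n", GetLastError());
            break;
        }
        if (!ConvertStringSidToSidA("Test-SID", &pSidTest))
        {
            printf("ConvertSID Test Error %u\n", GetLastError());
            break;
        }

        // STEP 1.1. SID of the well-known group "Everyone" (S-1-1-0).
        SID_IDENTIFIER_AUTHORITY AuthorityEveryone = SECURITY_WORLD_SID_AUTHORITY;
        if (!AllocateAndInitializeSid(&AuthorityEveryone, 1, SECURITY_WORLD_RID,
            0, 0, 0, 0, 0, 0, 0, &pSidEveryone))
        {
            DisplayError("Failed to allocate SID for group \"Everyone\"");
            break;
        }

        // STEP 1.2. SID of the built-in group "Administrators".
        SID_IDENTIFIER_AUTHORITY AuthorityAdministrators = SECURITY_NT_AUTHORITY;
        if (!AllocateAndInitializeSid(&AuthorityAdministrators, 2,
            SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
            0, 0, 0, 0, 0, 0, &pSidAdministrators))
        {
            DisplayError("Failed to allocate SID for group \"Administrators\"");
            break;
        }

        // STEP 2. Describe the access control entries (ACEs).
        // The ANSI structure and functions are named explicitly because the
        // function passes narrow string literals throughout.
        EXPLICIT_ACCESS_A ea[4] = {};
        const ULONG ea_count = (ULONG)ElementCount(ea);

        // Every entry is an allow entry identified by SID. NO_INHERITANCE keeps
        // the entry from being propagated to objects created below the directory.
        const auto SetEntry = [](EXPLICIT_ACCESS_A& entry, DWORD dwPermissions,
                                 TRUSTEE_TYPE type, PSID pSid)
        {
            entry.grfAccessMode = SET_ACCESS;
            entry.grfAccessPermissions = dwPermissions;
            entry.grfInheritance = NO_INHERITANCE;
            entry.Trustee.TrusteeForm = TRUSTEE_IS_SID;
            entry.Trustee.TrusteeType = type;
            // With TRUSTEE_IS_SID the name field carries the SID pointer.
            entry.Trustee.ptstrName = reinterpret_cast<LPSTR>(pSid);
        };

        // STEP 2.1. "Everyone".
        // Assignment item 3.4.1: delete directories and perform all actions
        // allowed by the Write permission. (Original note: "2.4 - change".)
        // NOTE(review): GENERIC_EXECUTE does not look like it covers "delete"
        // or "write" - confirm the intended mask. Anything granted to Everyone
        // applies to every account on the machine, so keep this mask minimal.
        SetEntry(ea[0], GENERIC_EXECUTE, TRUSTEE_IS_WELL_KNOWN_GROUP, pSidEveryone);

        // STEP 2.2. "Administrators".
        // Assignment item 4.4.21: all users can delete directories and perform
        // all actions.
        SetEntry(ea[1], GENERIC_ALL, TRUSTEE_IS_GROUP, pSidAdministrators);

        // "test" user.
        // Assignment item 6.4.21: one user can perform all actions allowed by
        // the Write permission.
        // The trustee is a user account, so it is typed as a user rather than
        // a group.
        SetEntry(ea[2], GENERIC_EXECUTE, TRUSTEE_IS_USER, pSidTest);

        // "Darina" user.
        // Assignment item 6.4.21: all users can delete directories.
        SetEntry(ea[3], DELETE, TRUSTEE_IS_USER, pSidDarina);

        // STEP 3. Build the DACL (discretionary access control list).
        // SetEntriesInAcl returns its error code directly and allocates the
        // new ACL, which must be released with LocalFree.
        const DWORD dwAclStatus = SetEntriesInAclA(ea_count, ea, NULL, &pDacl);
        if (dwAclStatus != ERROR_SUCCESS)
        {
            std::cout << "Failed to create a DACL with ACEs" << ", Error: " << dwAclStatus << std::endl;
            break;
        }

        // STEP 4. Allocate and initialize an absolute security descriptor.
        pSDAbsolute = (PSECURITY_DESCRIPTOR)GlobalAlloc(GMEM_FIXED, SECURITY_DESCRIPTOR_MIN_LENGTH);
        if (!pSDAbsolute)
        {
            DisplayError("Failed to allocate memory for a Security Descriptor");
            break;
        }
        if (!InitializeSecurityDescriptor(pSDAbsolute, SECURITY_DESCRIPTOR_REVISION))
        {
            DisplayError("Failed to initialize the Security Descriptor");
            break;
        }

        // STEP 5. Attach the DACL to the descriptor.
        // NOTE(review): the descriptor is not marked protected, so inheritable
        // ACEs of the parent directory may still be merged into the new
        // directory's DACL. If only the four entries above are wanted, consider
        // SetSecurityDescriptorControl with SE_DACL_PROTECTED - confirm against
        // the intended policy.
        if (!SetSecurityDescriptorDacl(pSDAbsolute, TRUE, pDacl, FALSE))
        {
            DisplayError("Failed to add DACL to the Security Descriptor");
            break;
        }

        // STEP 6. Wrap the descriptor for the create calls.
        SECURITY_ATTRIBUTES sa{ sizeof(SECURITY_ATTRIBUTES), pSDAbsolute, FALSE };

        // STEP 7. Create the directories with the descriptor.
        // The descriptor is applied only when a directory is actually created;
        // a directory that already exists keeps whatever DACL it had, so that
        // case is reported as a failure instead of being ignored.
        if (!CreateDirectoryA("C:\\1", &sa))
        {
            DisplayError("Failed to create directory C:\\1");
            break;
        }
        if (!CreateDirectoryA("C:\\1\\kek", &sa))
        {
            DisplayError("Failed to create directory C:\\1\\kek");
            break;
        }

        // The registry-key variant of this sample is not active, so the
        // message reports what was really created.
        std::cout << "Successfully created directories" << std::endl;
        std::cout << "Thank you for watching!" << std::endl;
    } while (false);

    // STEP 8. Release the allocated resources.
    // SIDs from AllocateAndInitializeSid are released with FreeSid.
    if (pSidEveryone)
        FreeSid(pSidEveryone);
    if (pSidAdministrators)
        FreeSid(pSidAdministrators);
    // SIDs from ConvertStringSidToSid are released with LocalFree.
    if (pSidTest)
        LocalFree(pSidTest);
    if (pSidDarina)
        LocalFree(pSidDarina);
    if (pDacl)
        LocalFree(pDacl);
    if (pSDAbsolute)
        GlobalFree(pSDAbsolute);
}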
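// Builds a four-entry DACL and creates C:\DisrPolitic\test.txt with it.
//
// Access granted by the DACL (values kept as in the original paste):
//   Everyone        - FILE_GENERIC_WRITE
//   Administrators  - GENERIC_WRITE
//   "test" user     - FILE_WRITE_ATTRIBUTES | STANDARD_RIGHTS_READ
//   "Darina" user   - GENERIC_ALL
//
// Returns the value of the message box that reports the outcome of the file
// creation, or 0 when an earlier step fails and no message box is shown.
// Every allocation made here is released before returning.
int CreateSecurityDescriptorFile_341()
{
    PSID pSidEveryone = NULL;
    PSID pSidAdministrators = NULL;
    PSID pSidTest = NULL;
    PSID pSidDarina = NULL;
    PACL pDacl = NULL;
    // PSECURITY_DESCRIPTOR is an opaque void*; the descriptor is only touched
    // through the security API, never through SECURITY_DESCRIPTOR fields.
    PSECURITY_DESCRIPTOR pSDAbsolute = NULL;
    int nResult = 0;

    // Single-pass block: "break" jumps to the cleanup code below. The original
    // returned from inside the loop, which skipped the cleanup entirely.
    do
    {
        // STEP 1. Obtain the four SIDs.
        // "Darina-SID" and "Test-SID" stand in for real SID strings (the paste
        // labels the first one as the SID of user 'Kostya Zaigraev'); they are
        // not in "S-1-..." form and have to be replaced before this can succeed.
        // A failed conversion now stops the function: continuing would put a
        // null SID into the ACL entries.
        if (!ConvertStringSidToSidA("Darina-SID", &pSidDarina))
        {
            printf("ConvertSID Darina Error %u\n", GetLastError());
            break;
        }
        if (!ConvertStringSidToSidA("Test-SID", &pSidTest))
        {
            printf("ConvertSID Test Error %u\n", GetLastError());
            break;
        }

        // STEP 1.1. SID of the well-known group "Everyone" (S-1-1-0).
        SID_IDENTIFIER_AUTHORITY AuthorityEveryone = SECURITY_WORLD_SID_AUTHORITY;
        if (!AllocateAndInitializeSid(&AuthorityEveryone, 1, SECURITY_WORLD_RID,
            0, 0, 0, 0, 0, 0, 0, &pSidEveryone))
        {
            DisplayError("Failed to allocate SID for group \"Everyone\"");
            break;
        }

        // STEP 1.2. SID of the built-in group "Administrators".
        SID_IDENTIFIER_AUTHORITY AuthorityAdministrators = SECURITY_NT_AUTHORITY;
        if (!AllocateAndInitializeSid(&AuthorityAdministrators, 2,
            SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
            0, 0, 0, 0, 0, 0, &pSidAdministrators))
        {
            DisplayError("Failed to allocate SID for group \"Administrators\"");
            break;
        }

        // STEP 2. Describe the access control entries (ACEs).
        // The ANSI structure and functions are named explicitly because the
        // function passes narrow string literals throughout.
        EXPLICIT_ACCESS_A ea[4] = {};
        const ULONG ea_count = (ULONG)ElementCount(ea);

        // Every entry is an allow entry identified by SID, without inheritance
        // flags.
        const auto SetEntry = [](EXPLICIT_ACCESS_A& entry, DWORD dwPermissions,
                                 TRUSTEE_TYPE type, PSID pSid)
        {
            entry.grfAccessMode = SET_ACCESS;
            entry.grfAccessPermissions = dwPermissions;
            entry.grfInheritance = NO_INHERITANCE;
            entry.Trustee.TrusteeForm = TRUSTEE_IS_SID;
            entry.Trustee.TrusteeType = type;
            // With TRUSTEE_IS_SID the name field carries the SID pointer.
            entry.Trustee.ptstrName = reinterpret_cast<LPSTR>(pSid);
        };

        // STEP 2.1. "Everyone".
        // Assignment item 3.4.1: all users can overwrite the file, change file
        // attributes, and view owners and permissions.
        // Anything granted to Everyone applies to every account on the machine,
        // so a world-writable file should be a deliberate choice.
        SetEntry(ea[0], FILE_GENERIC_WRITE, TRUSTEE_IS_WELL_KNOWN_GROUP, pSidEveryone);

        // STEP 2.2. "Administrators".
        // Assignment item 4.4.11: all users can overwrite the file.
        SetEntry(ea[1], GENERIC_WRITE, TRUSTEE_IS_GROUP, pSidAdministrators);

        // "test" user.
        // Assignment item 6.4.11: one user can change file attributes and view
        // owners.
        // The trustee is a user account, so it is typed as a user rather than
        // a group.
        SetEntry(ea[2], FILE_WRITE_ATTRIBUTES | STANDARD_RIGHTS_READ, TRUSTEE_IS_USER, pSidTest);

        // "Darina" user: full control.
        SetEntry(ea[3], GENERIC_ALL, TRUSTEE_IS_USER, pSidDarina);

        // STEP 3. Build the DACL (discretionary access control list).
        // SetEntriesInAcl returns its error code directly and allocates the
        // new ACL, which must be released with LocalFree.
        const DWORD dwAclStatus = SetEntriesInAclA(ea_count, ea, NULL, &pDacl);
        if (dwAclStatus != ERROR_SUCCESS)
        {
            std::cout << "Failed to create a DACL with ACEs" << ", Error: " << dwAclStatus << std::endl;
            break;
        }

        // STEP 4. Allocate and initialize an absolute security descriptor.
        pSDAbsolute = (PSECURITY_DESCRIPTOR)GlobalAlloc(GMEM_FIXED, SECURITY_DESCRIPTOR_MIN_LENGTH);
        if (!pSDAbsolute)
        {
            DisplayError("Failed to allocate memory for a Security Descriptor");
            break;
        }
        if (!InitializeSecurityDescriptor(pSDAbsolute, SECURITY_DESCRIPTOR_REVISION))
        {
            DisplayError("Failed to initialize the Security Descriptor");
            break;
        }

        // STEP 5. Attach the DACL to the descriptor.
        // NOTE(review): the descriptor is not marked protected, so inheritable
        // ACEs of the parent directory may still be merged into the new file's
        // DACL. If only the four entries above are wanted, consider
        // SetSecurityDescriptorControl with SE_DACL_PROTECTED - confirm against
        // the intended policy.
        if (!SetSecurityDescriptorDacl(pSDAbsolute, TRUE, pDacl, FALSE))
        {
            DisplayError("Failed to add DACL to the Security Descriptor");
            break;
        }

        // STEP 6. Wrap the descriptor for the create call.
        SECURITY_ATTRIBUTES sa{ sizeof(SECURITY_ATTRIBUTES), pSDAbsolute, FALSE };

        // STEP 7. Create the file with the descriptor.
        // CREATE_NEW fails when the file already exists, so an existing file
        // with a different DACL is never silently reused.
        // CreateFile signals failure with INVALID_HANDLE_VALUE, which is not
        // null; testing the handle for "truthiness" reported success always.
        const HANDLE hFile = CreateFileA("C:\\DisrPolitic\\test.txt",
            GENERIC_WRITE | GENERIC_READ, 0, &sa, CREATE_NEW,
            FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile != INVALID_HANDLE_VALUE)
        {
            // The handle is not needed after creation; close it so it does not leak.
            CloseHandle(hFile);
            nResult = MessageBoxA(NULL, "File was created!", "Message", MB_OK);
        }
        else
        {
            // Log the error code before the dialog can overwrite it.
            DisplayError("Failed to create the file");
            nResult = MessageBoxA(NULL, "Error in creating of the file.", NULL, MB_OK);
        }
    } while (false);

    // STEP 8. Release the allocated resources.
    // SIDs from AllocateAndInitializeSid are released with FreeSid.
    if (pSidEveryone)
        FreeSid(pSidEveryone);
    if (pSidAdministrators)
        FreeSid(pSidAdministrators);
    // SIDs from ConvertStringSidToSid are released with LocalFree.
    if (pSidTest)
        LocalFree(pSidTest);
    if (pSidDarina)
        LocalFree(pSidDarina);
    if (pDacl)
        LocalFree(pDacl);
    if (pSDAbsolute)
        GlobalFree(pSDAbsolute);

    return nResult;
}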
// Entry point: runs the directory sample, then the file sample.
int main()
{
    // The process-descriptor dump is switched off in this paste:
    // TestSecurityDescriptor();

    // Assignment item 2.4 and up.
    CreateSecurityDescriptorDIR();

    // The dialog result returned by the file sample is not used.
    static_cast<void>(CreateSecurityDescriptorFile_341());

    return 0;
}