Merge pull request #27 from trailofbits/yarden/security-descriptor-view
Add window to view parsed security descriptor
This commit is contained in:
commit
675ee31c82
|
@ -209,6 +209,9 @@
|
||||||
<Compile Include="TabPages\RpcServerList.cs">
|
<Compile Include="TabPages\RpcServerList.cs">
|
||||||
<SubType>Component</SubType>
|
<SubType>Component</SubType>
|
||||||
</Compile>
|
</Compile>
|
||||||
|
<Compile Include="Windows\SecurityDescriptorView.cs">
|
||||||
|
<SubType>Form</SubType>
|
||||||
|
</Compile>
|
||||||
<Compile Include="Windows\Services.cs">
|
<Compile Include="Windows\Services.cs">
|
||||||
<SubType>Form</SubType>
|
<SubType>Form</SubType>
|
||||||
</Compile>
|
</Compile>
|
||||||
|
@ -249,6 +252,9 @@
|
||||||
<DependentUpon>Resources.resx</DependentUpon>
|
<DependentUpon>Resources.resx</DependentUpon>
|
||||||
<DesignTime>True</DesignTime>
|
<DesignTime>True</DesignTime>
|
||||||
</Compile>
|
</Compile>
|
||||||
|
<EmbeddedResource Include="Windows\SecurityDescriptorView.resx">
|
||||||
|
<DependentUpon>SecurityDescriptorView.cs</DependentUpon>
|
||||||
|
</EmbeddedResource>
|
||||||
<EmbeddedResource Include="Windows\Services.resx">
|
<EmbeddedResource Include="Windows\Services.resx">
|
||||||
<DependentUpon>Services.cs</DependentUpon>
|
<DependentUpon>Services.cs</DependentUpon>
|
||||||
</EmbeddedResource>
|
</EmbeddedResource>
|
||||||
|
|
|
@ -6,6 +6,9 @@
|
||||||
// the LICENSE file found in the root directory of this source tree.
|
// the LICENSE file found in the root directory of this source tree.
|
||||||
//
|
//
|
||||||
using BrightIdeasSoftware;
|
using BrightIdeasSoftware;
|
||||||
|
using NtApiDotNet.Win32;
|
||||||
|
using RpcInvestigator.Util;
|
||||||
|
using RpcInvestigator.Windows;
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
|
@ -167,5 +170,27 @@ namespace RpcInvestigator.TabPages
|
||||||
});
|
});
|
||||||
Args.MenuStrip.Items.Add(textbox);
|
Args.MenuStrip.Items.Add(textbox);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public
|
||||||
|
static
|
||||||
|
void
|
||||||
|
ContextMenuViewSecurityDescriptor(
|
||||||
|
object Sender,
|
||||||
|
EventArgs Args
|
||||||
|
)
|
||||||
|
{
|
||||||
|
object tag = ((ToolStripMenuItem)Sender).Tag;
|
||||||
|
if (tag == null)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
var args = (CellRightClickEventArgs)tag;
|
||||||
|
var model = args.Model as RpcAlpcServer;
|
||||||
|
var sd = model.SecurityDescriptor;
|
||||||
|
|
||||||
|
var sdView = new SecurityDescriptorView();
|
||||||
|
sdView.BuildSdView(sd.ToString());
|
||||||
|
sdView.Show();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,6 +20,8 @@ using System.Security.AccessControl;
|
||||||
using Newtonsoft.Json.Linq;
|
using Newtonsoft.Json.Linq;
|
||||||
using RpcInvestigator.Util;
|
using RpcInvestigator.Util;
|
||||||
using System.ServiceModel.Channels;
|
using System.ServiceModel.Channels;
|
||||||
|
using System.Text;
|
||||||
|
using RpcInvestigator.Windows;
|
||||||
|
|
||||||
namespace RpcInvestigator
|
namespace RpcInvestigator
|
||||||
{
|
{
|
||||||
|
@ -68,14 +70,7 @@ namespace RpcInvestigator
|
||||||
{
|
{
|
||||||
if (col.Name == "SecurityDescriptor")
|
if (col.Name == "SecurityDescriptor")
|
||||||
{
|
{
|
||||||
col.AspectToStringConverter = delegate (object Item)
|
col.IsVisible = false;
|
||||||
{
|
|
||||||
if (Item == null)
|
|
||||||
{
|
|
||||||
return "";
|
|
||||||
}
|
|
||||||
return SddlParser.Parse(Item.ToString());
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -204,6 +199,7 @@ namespace RpcInvestigator
|
||||||
{
|
{
|
||||||
TabPages.ContextMenu.BuildRightClickMenu(Args, new List<ToolStripMenuItem>{
|
TabPages.ContextMenu.BuildRightClickMenu(Args, new List<ToolStripMenuItem>{
|
||||||
new ToolStripMenuItem("Open in Library", null, ContextMenuOpenAlpcServerInLibrary),
|
new ToolStripMenuItem("Open in Library", null, ContextMenuOpenAlpcServerInLibrary),
|
||||||
|
new ToolStripMenuItem("View Security Descriptor", null, TabPages.ContextMenu.ContextMenuViewSecurityDescriptor),
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -15,6 +15,7 @@ using AceType = NtApiDotNet.AceType;
|
||||||
using AceFlags = NtApiDotNet.AceFlags;
|
using AceFlags = NtApiDotNet.AceFlags;
|
||||||
using System.Runtime.InteropServices;
|
using System.Runtime.InteropServices;
|
||||||
using System.Diagnostics;
|
using System.Diagnostics;
|
||||||
|
using RpcInvestigator.Windows;
|
||||||
|
|
||||||
namespace RpcInvestigator.Util
|
namespace RpcInvestigator.Util
|
||||||
{
|
{
|
||||||
|
@ -22,11 +23,11 @@ namespace RpcInvestigator.Util
|
||||||
|
|
||||||
public static class SddlParser
|
public static class SddlParser
|
||||||
{
|
{
|
||||||
private static string SidToString(SecurityIdentifier SidValue)
|
public static string SidToString(SecurityIdentifier SidValue)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
return SidValue.Translate(typeof(NTAccount)).Value;
|
return SidValue.ToString() + " (" + SidValue.Translate(typeof(NTAccount)).Value + ")";
|
||||||
}
|
}
|
||||||
catch
|
catch
|
||||||
{
|
{
|
||||||
|
@ -34,6 +35,54 @@ namespace RpcInvestigator.Util
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static Ace GetAce(GenericAce ace)
|
||||||
|
{
|
||||||
|
var aceData = new byte[ace.BinaryLength];
|
||||||
|
IntPtr acePointer = Marshal.AllocHGlobal(ace.BinaryLength);
|
||||||
|
IntPtr currentPointer = acePointer;
|
||||||
|
try
|
||||||
|
{
|
||||||
|
ace.GetBinaryForm(aceData, 0);
|
||||||
|
Marshal.Copy(aceData, 0, currentPointer, ace.BinaryLength);
|
||||||
|
var header = (ACE_HEADER)Marshal.PtrToStructure(
|
||||||
|
currentPointer, typeof(ACE_HEADER));
|
||||||
|
//
|
||||||
|
// What follows the header depends on the ACE type, but the
|
||||||
|
// access mask, which is the last part we need, is always
|
||||||
|
// directly after the header.
|
||||||
|
//
|
||||||
|
currentPointer = IntPtr.Add(
|
||||||
|
currentPointer, Marshal.SizeOf(typeof(ACE_HEADER)));
|
||||||
|
var accessMask = Marshal.ReadInt32(currentPointer);
|
||||||
|
currentPointer = IntPtr.Add(currentPointer, 4);
|
||||||
|
var type = (AceType)header.AceType;
|
||||||
|
if (IsObjectAceType(type))
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Skip 32 bytes (object type and inherited object type)
|
||||||
|
//
|
||||||
|
currentPointer = IntPtr.Add(currentPointer, 32);
|
||||||
|
}
|
||||||
|
|
||||||
|
var sid = new Sid(currentPointer);
|
||||||
|
return new Ace((AceType)header.AceType,
|
||||||
|
(AceFlags)header.AceFlags,
|
||||||
|
accessMask,
|
||||||
|
sid);
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
Trace(TraceLoggerType.SddlParser,
|
||||||
|
TraceEventType.Error,
|
||||||
|
"Exception parsing SDDL string: " + ex.Message);
|
||||||
|
}
|
||||||
|
finally
|
||||||
|
{
|
||||||
|
Marshal.FreeHGlobal(acePointer);
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
private static string AclToString(RawAcl Acl)
|
private static string AclToString(RawAcl Acl)
|
||||||
{
|
{
|
||||||
StringBuilder result = new StringBuilder();
|
StringBuilder result = new StringBuilder();
|
||||||
|
@ -44,50 +93,17 @@ namespace RpcInvestigator.Util
|
||||||
}
|
}
|
||||||
foreach (var ace in Acl)
|
foreach (var ace in Acl)
|
||||||
{
|
{
|
||||||
var aceData = new byte[ace.BinaryLength];
|
var ntAce = GetAce(ace);
|
||||||
IntPtr acePointer = Marshal.AllocHGlobal(ace.BinaryLength);
|
if (ntAce != null)
|
||||||
IntPtr currentPointer = acePointer;
|
|
||||||
try
|
|
||||||
{
|
{
|
||||||
ace.GetBinaryForm(aceData, 0);
|
if (ntAce.Type != AceType.Allowed)
|
||||||
Marshal.Copy(aceData, 0, currentPointer, ace.BinaryLength);
|
|
||||||
var header = (ACE_HEADER)Marshal.PtrToStructure(
|
|
||||||
currentPointer, typeof(ACE_HEADER));
|
|
||||||
//
|
|
||||||
// What follows the header depends on the ACE type, but the
|
|
||||||
// access mask, which is the last part we need, is always
|
|
||||||
// directly after the header.
|
|
||||||
//
|
|
||||||
currentPointer = IntPtr.Add(
|
|
||||||
currentPointer, Marshal.SizeOf(typeof(ACE_HEADER)));
|
|
||||||
var accessMask = Marshal.ReadInt32(currentPointer);
|
|
||||||
currentPointer = IntPtr.Add(currentPointer, 4);
|
|
||||||
var type = (AceType)header.AceType;
|
|
||||||
if (IsObjectAceType(type))
|
|
||||||
{
|
{
|
||||||
//
|
result.Append("Type: " + ntAce.Type.ToString() + ", ");
|
||||||
// Skip 32 bytes (object type and inherited object type)
|
|
||||||
//
|
|
||||||
currentPointer = IntPtr.Add(currentPointer, 32);
|
|
||||||
}
|
}
|
||||||
|
result.Append("Sid: " + ntAce.Sid.ToString() +
|
||||||
var sid = new Sid(currentPointer);
|
" (" + ntAce.Sid.Name + ")" +
|
||||||
var ntAce = new Ace((AceType)header.AceType,
|
", Mask: " + String.Format("0x{0:X}", ntAce.Mask));
|
||||||
(AceFlags)header.AceFlags,
|
result.AppendLine();
|
||||||
accessMask,
|
|
||||||
sid);
|
|
||||||
result.Append(ntAce.ToString() + ", ");
|
|
||||||
}
|
|
||||||
catch (Exception ex)
|
|
||||||
{
|
|
||||||
Trace(TraceLoggerType.SddlParser,
|
|
||||||
TraceEventType.Error,
|
|
||||||
"Exception parsing SDDL string: " + ex.Message);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
finally
|
|
||||||
{
|
|
||||||
Marshal.FreeHGlobal(acePointer);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return result.ToString();
|
return result.ToString();
|
||||||
|
@ -110,6 +126,7 @@ namespace RpcInvestigator.Util
|
||||||
result.AppendLine("Owner: " + SidToString(descriptor.Owner));
|
result.AppendLine("Owner: " + SidToString(descriptor.Owner));
|
||||||
result.AppendLine("Group: " + SidToString(descriptor.Group));
|
result.AppendLine("Group: " + SidToString(descriptor.Group));
|
||||||
result.Append("Discretionary ACL: ");
|
result.Append("Discretionary ACL: ");
|
||||||
|
result.AppendLine();
|
||||||
result.Append(AclToString(descriptor.DiscretionaryAcl));
|
result.Append(AclToString(descriptor.DiscretionaryAcl));
|
||||||
result.AppendLine();
|
result.AppendLine();
|
||||||
result.Append("System ACL: ");
|
result.Append("System ACL: ");
|
||||||
|
|
|
@ -0,0 +1,256 @@
|
||||||
|
using BrightIdeasSoftware;
|
||||||
|
using RpcInvestigator.Util;
|
||||||
|
using System;
|
||||||
|
using System.Security.AccessControl;
|
||||||
|
using System.Windows.Forms;
|
||||||
|
using NtApiDotNet;
|
||||||
|
|
||||||
|
namespace RpcInvestigator.Windows
|
||||||
|
{
|
||||||
|
public partial class SecurityDescriptorView : Form
|
||||||
|
{
|
||||||
|
private RichTextBox richTextBox1;
|
||||||
|
private CheckedListBox checkedListBox1;
|
||||||
|
private FastObjectListView fastObjectListView1;
|
||||||
|
private OLVColumn olvColumn1;
|
||||||
|
private OLVColumn olvColumn2;
|
||||||
|
private OLVColumn olvColumn3;
|
||||||
|
private OLVColumn olvColumn4;
|
||||||
|
private Button button1;
|
||||||
|
|
||||||
|
public SecurityDescriptorView(
|
||||||
|
|
||||||
|
)
|
||||||
|
{
|
||||||
|
InitializeComponent();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void AddRow(
|
||||||
|
Ace ace
|
||||||
|
)
|
||||||
|
{
|
||||||
|
AceView aceView = new AceView();
|
||||||
|
aceView.Flags = ace.Flags;
|
||||||
|
aceView.Type = ace.Type;
|
||||||
|
aceView.Mask = ace.Mask;
|
||||||
|
aceView.Sid = ace.Sid.ToString() + " (" + ace.Sid.Name + ")";
|
||||||
|
|
||||||
|
fastObjectListView1.AddObject(aceView);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void AddOwner(
|
||||||
|
string Owner
|
||||||
|
)
|
||||||
|
{
|
||||||
|
this.richTextBox1.Text += "Owner: " + Owner + "\n";
|
||||||
|
}
|
||||||
|
public void AddGroup(
|
||||||
|
string Group
|
||||||
|
)
|
||||||
|
{
|
||||||
|
this.richTextBox1.Text += "Group: " + Group + "\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
private void InitializeComponent()
|
||||||
|
{
|
||||||
|
this.button1 = new System.Windows.Forms.Button();
|
||||||
|
this.richTextBox1 = new System.Windows.Forms.RichTextBox();
|
||||||
|
this.checkedListBox1 = new System.Windows.Forms.CheckedListBox();
|
||||||
|
this.fastObjectListView1 = new BrightIdeasSoftware.FastObjectListView();
|
||||||
|
this.olvColumn1 = ((BrightIdeasSoftware.OLVColumn)(new BrightIdeasSoftware.OLVColumn()));
|
||||||
|
this.olvColumn2 = ((BrightIdeasSoftware.OLVColumn)(new BrightIdeasSoftware.OLVColumn()));
|
||||||
|
this.olvColumn3 = ((BrightIdeasSoftware.OLVColumn)(new BrightIdeasSoftware.OLVColumn()));
|
||||||
|
this.olvColumn4 = ((BrightIdeasSoftware.OLVColumn)(new BrightIdeasSoftware.OLVColumn()));
|
||||||
|
((System.ComponentModel.ISupportInitialize)(this.fastObjectListView1)).BeginInit();
|
||||||
|
this.SuspendLayout();
|
||||||
|
//
|
||||||
|
// button1
|
||||||
|
//
|
||||||
|
this.button1.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Right)));
|
||||||
|
this.button1.Location = new System.Drawing.Point(543, 262);
|
||||||
|
this.button1.Name = "button1";
|
||||||
|
this.button1.Size = new System.Drawing.Size(71, 26);
|
||||||
|
this.button1.TabIndex = 0;
|
||||||
|
this.button1.Text = "OK";
|
||||||
|
this.button1.UseVisualStyleBackColor = true;
|
||||||
|
this.button1.Click += new System.EventHandler(this.button1_Click);
|
||||||
|
//
|
||||||
|
// richTextBox1
|
||||||
|
//
|
||||||
|
this.richTextBox1.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Left)
|
||||||
|
| System.Windows.Forms.AnchorStyles.Right)));
|
||||||
|
this.richTextBox1.Location = new System.Drawing.Point(12, 158);
|
||||||
|
this.richTextBox1.Name = "richTextBox1";
|
||||||
|
this.richTextBox1.ReadOnly = true;
|
||||||
|
this.richTextBox1.Size = new System.Drawing.Size(304, 100);
|
||||||
|
this.richTextBox1.TabIndex = 2;
|
||||||
|
this.richTextBox1.Text = "";
|
||||||
|
//
|
||||||
|
// checkedListBox1
|
||||||
|
//
|
||||||
|
this.checkedListBox1.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Right)));
|
||||||
|
this.checkedListBox1.FormattingEnabled = true;
|
||||||
|
this.checkedListBox1.Items.AddRange(new object[] {
|
||||||
|
"Connect",
|
||||||
|
"Delete",
|
||||||
|
"Read Control",
|
||||||
|
"Write DAC",
|
||||||
|
"Write Owner",
|
||||||
|
"Synchronize"});
|
||||||
|
this.checkedListBox1.Location = new System.Drawing.Point(322, 158);
|
||||||
|
this.checkedListBox1.Name = "checkedListBox1";
|
||||||
|
this.checkedListBox1.SelectionMode = System.Windows.Forms.SelectionMode.None;
|
||||||
|
this.checkedListBox1.Size = new System.Drawing.Size(292, 89);
|
||||||
|
this.checkedListBox1.TabIndex = 3;
|
||||||
|
//
|
||||||
|
// fastObjectListView1
|
||||||
|
//
|
||||||
|
this.fastObjectListView1.AllColumns.Add(this.olvColumn1);
|
||||||
|
this.fastObjectListView1.AllColumns.Add(this.olvColumn2);
|
||||||
|
this.fastObjectListView1.AllColumns.Add(this.olvColumn3);
|
||||||
|
this.fastObjectListView1.AllColumns.Add(this.olvColumn4);
|
||||||
|
this.fastObjectListView1.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom)
|
||||||
|
| System.Windows.Forms.AnchorStyles.Left)
|
||||||
|
| System.Windows.Forms.AnchorStyles.Right)));
|
||||||
|
this.fastObjectListView1.Columns.AddRange(new System.Windows.Forms.ColumnHeader[] {
|
||||||
|
this.olvColumn1,
|
||||||
|
this.olvColumn2,
|
||||||
|
this.olvColumn3,
|
||||||
|
this.olvColumn4});
|
||||||
|
this.fastObjectListView1.HideSelection = false;
|
||||||
|
this.fastObjectListView1.Location = new System.Drawing.Point(12, 12);
|
||||||
|
this.fastObjectListView1.Name = "fastObjectListView1";
|
||||||
|
this.fastObjectListView1.ShowGroups = false;
|
||||||
|
this.fastObjectListView1.Size = new System.Drawing.Size(602, 140);
|
||||||
|
this.fastObjectListView1.TabIndex = 4;
|
||||||
|
this.fastObjectListView1.UseCompatibleStateImageBehavior = false;
|
||||||
|
this.fastObjectListView1.View = System.Windows.Forms.View.Details;
|
||||||
|
this.fastObjectListView1.VirtualMode = true;
|
||||||
|
this.fastObjectListView1.SelectedIndexChanged += FastObjectListView1_SelectedIndexChanged;
|
||||||
|
//
|
||||||
|
// olvColumn1
|
||||||
|
//
|
||||||
|
this.olvColumn1.AspectName = "Sid";
|
||||||
|
this.olvColumn1.IsEditable = false;
|
||||||
|
this.olvColumn1.Text = "Sid";
|
||||||
|
this.olvColumn1.Width = 250;
|
||||||
|
//
|
||||||
|
// olvColumn2
|
||||||
|
//
|
||||||
|
this.olvColumn2.AspectName = "Mask";
|
||||||
|
this.olvColumn2.IsEditable = false;
|
||||||
|
this.olvColumn2.Text = "Mask";
|
||||||
|
this.olvColumn2.Width = 50;
|
||||||
|
//
|
||||||
|
// olvColumn3
|
||||||
|
//
|
||||||
|
this.olvColumn3.AspectName = "Type";
|
||||||
|
this.olvColumn3.IsEditable = false;
|
||||||
|
this.olvColumn3.Text = "Type";
|
||||||
|
this.olvColumn3.Width = 70;
|
||||||
|
//
|
||||||
|
// olvColumn4
|
||||||
|
//
|
||||||
|
this.olvColumn4.AspectName = "Flags";
|
||||||
|
this.olvColumn4.IsEditable = false;
|
||||||
|
this.olvColumn4.Text = "Flags";
|
||||||
|
this.olvColumn4.Width = 50;
|
||||||
|
//
|
||||||
|
// SecurityDescriptorView
|
||||||
|
//
|
||||||
|
this.ClientSize = new System.Drawing.Size(626, 300);
|
||||||
|
this.Controls.Add(this.fastObjectListView1);
|
||||||
|
this.Controls.Add(this.checkedListBox1);
|
||||||
|
this.Controls.Add(this.richTextBox1);
|
||||||
|
this.Controls.Add(this.button1);
|
||||||
|
this.Name = "SecurityDescriptorView";
|
||||||
|
this.Text = "Security Descriptor";
|
||||||
|
((System.ComponentModel.ISupportInitialize)(this.fastObjectListView1)).EndInit();
|
||||||
|
this.ResumeLayout(false);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private void FastObjectListView1_SelectedIndexChanged(object sender, EventArgs e)
|
||||||
|
{
|
||||||
|
FastObjectListView view = (FastObjectListView)sender;
|
||||||
|
if (view.SelectedIndex < 0)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
var row = this.fastObjectListView1.Items[view.SelectedIndex];
|
||||||
|
var mask = Convert.ToInt32(row.SubItems[1].Text.ToString(), 16);
|
||||||
|
|
||||||
|
foreach (int i in this.checkedListBox1.CheckedIndices)
|
||||||
|
{
|
||||||
|
this.checkedListBox1.SetItemCheckState(i, CheckState.Unchecked);
|
||||||
|
}
|
||||||
|
if ((mask & 1) == 1)
|
||||||
|
{
|
||||||
|
this.checkedListBox1.SetItemCheckState(0, CheckState.Checked);
|
||||||
|
}
|
||||||
|
if ((mask & 0x10000) == 0x10000)
|
||||||
|
{
|
||||||
|
this.checkedListBox1.SetItemCheckState(1, CheckState.Checked);
|
||||||
|
}
|
||||||
|
if ((mask & 0x20000) == 0x20000)
|
||||||
|
{
|
||||||
|
this.checkedListBox1.SetItemCheckState(2, CheckState.Checked);
|
||||||
|
}
|
||||||
|
if ((mask & 0x40000) == 0x40000)
|
||||||
|
{
|
||||||
|
this.checkedListBox1.SetItemCheckState(3, CheckState.Checked);
|
||||||
|
}
|
||||||
|
if ((mask & 0x80000) == 0x80000)
|
||||||
|
{
|
||||||
|
this.checkedListBox1.SetItemCheckState(4, CheckState.Checked);
|
||||||
|
}
|
||||||
|
if ((mask & 0x100000) == 0x100000)
|
||||||
|
{
|
||||||
|
this.checkedListBox1.SetItemCheckState(5, CheckState.Checked);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void BuildSdView(
|
||||||
|
string SddlString
|
||||||
|
)
|
||||||
|
{
|
||||||
|
RawSecurityDescriptor descriptor;
|
||||||
|
try
|
||||||
|
{
|
||||||
|
descriptor = new RawSecurityDescriptor(SddlString);
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
throw new Exception("Unable to create RawSecurityDescriptor from " +
|
||||||
|
"the provided SDDL string '" + SddlString + "': " + ex.Message);
|
||||||
|
}
|
||||||
|
|
||||||
|
AddOwner(SddlParser.SidToString(descriptor.Owner));
|
||||||
|
AddGroup(SddlParser.SidToString(descriptor.Group));
|
||||||
|
if (descriptor.DiscretionaryAcl == null)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
foreach (var ace in descriptor.DiscretionaryAcl)
|
||||||
|
{
|
||||||
|
var ntAce = SddlParser.GetAce(ace);
|
||||||
|
if (ntAce != null)
|
||||||
|
{
|
||||||
|
AddRow(ntAce);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void button1_Click(object sender, EventArgs e)
|
||||||
|
{
|
||||||
|
this.Close();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
class AceView
|
||||||
|
{
|
||||||
|
public NtApiDotNet.AceType Type { get; set; }
|
||||||
|
public NtApiDotNet.AceFlags Flags { get; set; }
|
||||||
|
public AccessMask Mask { get; set; }
|
||||||
|
public string Sid { get; set; }
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,120 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<root>
|
||||||
|
<!--
|
||||||
|
Microsoft ResX Schema
|
||||||
|
|
||||||
|
Version 2.0
|
||||||
|
|
||||||
|
The primary goals of this format is to allow a simple XML format
|
||||||
|
that is mostly human readable. The generation and parsing of the
|
||||||
|
various data types are done through the TypeConverter classes
|
||||||
|
associated with the data types.
|
||||||
|
|
||||||
|
Example:
|
||||||
|
|
||||||
|
... ado.net/XML headers & schema ...
|
||||||
|
<resheader name="resmimetype">text/microsoft-resx</resheader>
|
||||||
|
<resheader name="version">2.0</resheader>
|
||||||
|
<resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
|
||||||
|
<resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
|
||||||
|
<data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
|
||||||
|
<data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
|
||||||
|
<data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
|
||||||
|
<value>[base64 mime encoded serialized .NET Framework object]</value>
|
||||||
|
</data>
|
||||||
|
<data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
|
||||||
|
<value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
|
||||||
|
<comment>This is a comment</comment>
|
||||||
|
</data>
|
||||||
|
|
||||||
|
There are any number of "resheader" rows that contain simple
|
||||||
|
name/value pairs.
|
||||||
|
|
||||||
|
Each data row contains a name, and value. The row also contains a
|
||||||
|
type or mimetype. Type corresponds to a .NET class that support
|
||||||
|
text/value conversion through the TypeConverter architecture.
|
||||||
|
Classes that don't support this are serialized and stored with the
|
||||||
|
mimetype set.
|
||||||
|
|
||||||
|
The mimetype is used for serialized objects, and tells the
|
||||||
|
ResXResourceReader how to depersist the object. This is currently not
|
||||||
|
extensible. For a given mimetype the value must be set accordingly:
|
||||||
|
|
||||||
|
Note - application/x-microsoft.net.object.binary.base64 is the format
|
||||||
|
that the ResXResourceWriter will generate, however the reader can
|
||||||
|
read any of the formats listed below.
|
||||||
|
|
||||||
|
mimetype: application/x-microsoft.net.object.binary.base64
|
||||||
|
value : The object must be serialized with
|
||||||
|
: System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
|
||||||
|
: and then encoded with base64 encoding.
|
||||||
|
|
||||||
|
mimetype: application/x-microsoft.net.object.soap.base64
|
||||||
|
value : The object must be serialized with
|
||||||
|
: System.Runtime.Serialization.Formatters.Soap.SoapFormatter
|
||||||
|
: and then encoded with base64 encoding.
|
||||||
|
|
||||||
|
mimetype: application/x-microsoft.net.object.bytearray.base64
|
||||||
|
value : The object must be serialized into a byte array
|
||||||
|
: using a System.ComponentModel.TypeConverter
|
||||||
|
: and then encoded with base64 encoding.
|
||||||
|
-->
|
||||||
|
<xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
|
||||||
|
<xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
|
||||||
|
<xsd:element name="root" msdata:IsDataSet="true">
|
||||||
|
<xsd:complexType>
|
||||||
|
<xsd:choice maxOccurs="unbounded">
|
||||||
|
<xsd:element name="metadata">
|
||||||
|
<xsd:complexType>
|
||||||
|
<xsd:sequence>
|
||||||
|
<xsd:element name="value" type="xsd:string" minOccurs="0" />
|
||||||
|
</xsd:sequence>
|
||||||
|
<xsd:attribute name="name" use="required" type="xsd:string" />
|
||||||
|
<xsd:attribute name="type" type="xsd:string" />
|
||||||
|
<xsd:attribute name="mimetype" type="xsd:string" />
|
||||||
|
<xsd:attribute ref="xml:space" />
|
||||||
|
</xsd:complexType>
|
||||||
|
</xsd:element>
|
||||||
|
<xsd:element name="assembly">
|
||||||
|
<xsd:complexType>
|
||||||
|
<xsd:attribute name="alias" type="xsd:string" />
|
||||||
|
<xsd:attribute name="name" type="xsd:string" />
|
||||||
|
</xsd:complexType>
|
||||||
|
</xsd:element>
|
||||||
|
<xsd:element name="data">
|
||||||
|
<xsd:complexType>
|
||||||
|
<xsd:sequence>
|
||||||
|
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
|
||||||
|
<xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
|
||||||
|
</xsd:sequence>
|
||||||
|
<xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
|
||||||
|
<xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
|
||||||
|
<xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
|
||||||
|
<xsd:attribute ref="xml:space" />
|
||||||
|
</xsd:complexType>
|
||||||
|
</xsd:element>
|
||||||
|
<xsd:element name="resheader">
|
||||||
|
<xsd:complexType>
|
||||||
|
<xsd:sequence>
|
||||||
|
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
|
||||||
|
</xsd:sequence>
|
||||||
|
<xsd:attribute name="name" type="xsd:string" use="required" />
|
||||||
|
</xsd:complexType>
|
||||||
|
</xsd:element>
|
||||||
|
</xsd:choice>
|
||||||
|
</xsd:complexType>
|
||||||
|
</xsd:element>
|
||||||
|
</xsd:schema>
|
||||||
|
<resheader name="resmimetype">
|
||||||
|
<value>text/microsoft-resx</value>
|
||||||
|
</resheader>
|
||||||
|
<resheader name="version">
|
||||||
|
<value>2.0</value>
|
||||||
|
</resheader>
|
||||||
|
<resheader name="reader">
|
||||||
|
<value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
|
||||||
|
</resheader>
|
||||||
|
<resheader name="writer">
|
||||||
|
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
|
||||||
|
</resheader>
|
||||||
|
</root>
|
Loading…
Reference in New Issue