Subversion Repositories Aucun

Rev

Rev 40 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
5 ixe013 1
// test.cpp : Defines the entry point for the console application.
2
//
3
 
4
#include <windows.h>
40 ixe013 5
#include <wincred.h>
5 ixe013 6
#include <tchar.h>
7
#include <stdio.h>
40 ixe013 8
#include <security.h>
9
#include <lm.h>
5 ixe013 10
#include "settings.h"
11
#include "unlockpolicy.h"
91 ixe013 12
#include "trace.h"
40 ixe013 13
#include "debug.h"
91 ixe013 14
#include "SecurityHelper.h"
5 ixe013 15
 
16
 
91 ixe013 17
//BEGIN - Found on Google Code search, now 404 http://www.cybertech.net/~sh0ksh0k/projects_new/TRET-1.0-PUBSRC/Shared/utils/security.c
18
BOOL EnablePrivilegeInToken(HANDLE hToken, const wchar_t *PrivilegeName)
19
{
20
    LUID Privilege;
21
    TOKEN_PRIVILEGES TokenPrivileges;
15 ixe013 22
 
91 ixe013 23
    if (!LookupPrivilegeValue(NULL, PrivilegeName, &Privilege)) return FALSE;
24
    TokenPrivileges.PrivilegeCount = 1;
25
    TokenPrivileges.Privileges[0].Luid = Privilege;
26
    TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
27
    if (!AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TokenPrivileges), NULL, NULL)) return FALSE;
28
    else if (GetLastError() == ERROR_NOT_ALL_ASSIGNED) return FALSE;
29
    return TRUE;
30
}
40 ixe013 31
 
32
 
91 ixe013 33
 
34
BOOL EnablePrivilege(const wchar_t *PrivilegeName)
35
{
36
    BOOL Result;
37
    HANDLE hToken;
38
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) return FALSE;
39
    Result = EnablePrivilegeInToken(hToken, PrivilegeName);
40
    CloseHandle(hToken);
41
    return Result;
40 ixe013 42
}
43
 
91 ixe013 44
BOOL DisablePrivilegeInToken(HANDLE hToken, const wchar_t *PrivilegeName)
45
{
46
    LUID Privilege;
47
    TOKEN_PRIVILEGES TokenPrivileges;
40 ixe013 48
 
91 ixe013 49
    if (!LookupPrivilegeValue(NULL, PrivilegeName, &Privilege)) return FALSE;
50
    TokenPrivileges.PrivilegeCount = 1;
51
    TokenPrivileges.Privileges[0].Luid = Privilege;
52
    TokenPrivileges.Privileges[0].Attributes = 0;
53
    if (!AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TokenPrivileges), NULL, NULL)) return FALSE;
54
    else if (GetLastError() == ERROR_NOT_ALL_ASSIGNED) return FALSE;
55
    return TRUE;
56
}
57
 
58
BOOL DisablePrivilege(const wchar_t *PrivilegeName)
59
{
60
    BOOL Result;
61
    HANDLE hToken;
62
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) return FALSE;
63
    Result = DisablePrivilegeInToken(hToken, PrivilegeName);
64
    CloseHandle(hToken);
65
    return Result;
66
}
67
 
68
 
69
//END - Found on Google Code search, now 404 http://www.cybertech.net/~sh0ksh0k/projects_new/TRET-1.0-PUBSRC/Shared/utils/security.c
70
 
71
 
72
 
73
BOOL IsWindowsServer()
74
{
75
    OSVERSIONINFOEX osvi;
76
    DWORDLONG dwlConditionMask = 0;
77
 
78
    // Initialize the OSVERSIONINFOEX structure.
79
    ZeroMemory(&osvi, sizeof(OSVERSIONINFOEX));
80
    osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
81
    osvi.dwMajorVersion = 5;
82
    osvi.wProductType = VER_NT_SERVER;
83
 
84
    // Initialize the condition mask.
85
    VER_SET_CONDITION(dwlConditionMask, VER_MAJORVERSION, VER_GREATER_EQUAL);
86
    VER_SET_CONDITION(dwlConditionMask, VER_PRODUCT_TYPE, VER_EQUAL);
87
 
88
    // Perform the test.
89
    return VerifyVersionInfo(&osvi, VER_MAJORVERSION | VER_PRODUCT_TYPE, dwlConditionMask);
90
}
91
 
92
 
93
 
5 ixe013 94
int _tmain(int argc, _TCHAR* argv[])
95
{
91 ixe013 96
    int result = -1;
40 ixe013 97
 
91 ixe013 98
    HANDLE lsa = 0;
99
    //wchar_t unlock[MAX_GROUPNAME] = L"";
100
 
101
    TRACE(L"-------------------------\n");
102
 
103
    //EnablePrivilege(L"SeTcbPrivilege");
104
    if(!RegisterLogonProcess(LOGON_PROCESS_NAME, &lsa))
105
        TRACEMSG(GetLastError());
106
 
107
    if(IsWindowsServer())
108
    {
109
        TRACE(L"Windows Server\n");
110
    }
111
    else
112
    {
113
        TRACE(L"Windows pas Server\n");
114
    }
115
 
116
    /*
40 ixe013 117
    if(GetGroupName(gUnlockGroupName, unlock, sizeof unlock / sizeof *unlock) == S_OK)
118
    {
91 ixe013 119
    wchar_t caption[512];
120
    wchar_t text[2048];
40 ixe013 121
 
91 ixe013 122
    OutputDebugString(L"Group name ");
123
    OutputDebugString(unlock);
124
    OutputDebugString(L"\n");
40 ixe013 125
 
91 ixe013 126
    if((GetNoticeText(L"Caption", caption, sizeof caption / sizeof *caption) == S_OK)
127
    && (GetNoticeText(L"Text", text, sizeof text / sizeof *text) == S_OK))
128
    {
129
    wchar_t message[MAX_USERNAME + sizeof text / sizeof *text];
130
    wchar_t *read = text;
131
    wchar_t *write = text;
40 ixe013 132
 
91 ixe013 133
    while(*read)
134
    {
135
    if((*read == '\\') && (*(read+1) == 'n'))
136
    {
137
    *write++ = '\n';
138
    read += 2;
139
    }
140
    else
141
    {
142
    *write++ = *read++;
143
    }
144
    }
40 ixe013 145
 
91 ixe013 146
    *write = 0;
40 ixe013 147
 
91 ixe013 148
    wsprintf(message, text, unlock); //Will insert group name if there is a %s in the message
149
    MessageBox(0, message, caption, MB_YESNOCANCEL|MB_ICONEXCLAMATION);
40 ixe013 150
    }
91 ixe013 151
    }
152
    */
22 ixe013 153
    if(argc > 1) for(int i=1; i<argc; ++i)
154
    {
91 ixe013 155
        //      wchar_t user[MAX_USERNAME];
156
        //      wchar_t domain[MAX_DOMAIN];
40 ixe013 157
        wchar_t passwd[MAX_PASSWORD];
91 ixe013 158
        wchar_t username[512];
159
        wchar_t domain[512];
40 ixe013 160
 
91 ixe013 161
        HANDLE current_user = 0;
5 ixe013 162
 
91 ixe013 163
        OpenProcessToken(GetCurrentProcess(), TOKEN_READ, &current_user);
164
 
165
        GetUsernameAndDomainFromToken(current_user, username, sizeof username / sizeof *username, domain, sizeof domain / sizeof *domain);
166
 
167
        if(ShouldHookUnlockPasswordDialog(current_user))
168
        {
169
            TRACE(L"Should hook.\n");
170
        }
171
 
40 ixe013 172
        if (_getws_s(passwd, MAX_PASSWORD) == passwd)
22 ixe013 173
        {
91 ixe013 174
            result = ShouldUnlockForUser(lsa, current_user, L".", argv[i], passwd);
175
 
176
            switch(result)
22 ixe013 177
            {
91 ixe013 178
            case eLetMSGINAHandleIt:
179
                TRACE(L"TEST result is eLetMSGINAHandleIt\n");
180
                wprintf(L"Actual result   : eLetMSGINAHandleIt\n");
181
                break;
182
            case eUnlock:
183
                TRACE(L"TEST result is eUnlock\n");
184
                wprintf(L"Actual result   : eUnlock\n");
185
                break;
186
            case eForceLogoff:
187
                TRACE(L"TEST result is eForceLogoff\n");
188
                wprintf(L"Actual result   : eForceLogoff\n");
189
                break;
22 ixe013 190
            }
191
        }
40 ixe013 192
        else
193
        {
91 ixe013 194
            TRACE(L"Unable to read password\n");
40 ixe013 195
            break;
196
        }
91 ixe013 197
 
198
        CloseHandle(current_user);
22 ixe013 199
    }
15 ixe013 200
 
91 ixe013 201
    LsaDeregisterLogonProcess(lsa);
202
    //DisablePrivilege(L"SeTcbPrivilege");
40 ixe013 203
 
91 ixe013 204
    return result;
5 ixe013 205
}
206