
uipers.c

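/*++

Copyright (c) 1989  Microsoft Corporation

Module Name:

    uipers.c

Abstract:

    Temporary security context display command.


Author:

    Jim Kelly (JimK) 23-May-1991

Revision History:

--*/

#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <stdio.h>
#include <string.h>

#define _TST_USER_  // User mode test


#include "tsevars.c"    // Common test variables
#include "tsecomm.c"    // Mode dependent macros and routines.


//
// Authentication id that DisplaySecurityContext reports as
// "(System Logon Session)" instead of printing the raw value.
//

GUID SystemAuthenticationId = SYSTEM_GUID;


VOID
DisplaySecurityContext(
    IN HANDLE TokenHandle
    );


VOID
DisplayAccountSid(
    PISID Sid
    );


BOOLEAN
SidTranslation(
    PSID Sid,
    PSTRING AccountName
    );



///////////////////////////////////////////////////////////////////////
//                                                                   //
// Private Macros                                                    //
//                                                                   //
///////////////////////////////////////////////////////////////////////


//
// Print a GUID as one long field, two short fields and eight byte fields.
// The expansion is a single expression with no trailing semicolon, so the
// macro behaves like an ordinary call at the use site.
//

#define PrintGuid(G)                                                     \
            printf( "(0x%lx-%hx-%hx-%hx-%hx-%hx-%hx-%hx-%hx-%hx-%hx)\n", \
                         (G)->Data1,    (G)->Data2,    (G)->Data3,       \
                         (G)->Data4[0], (G)->Data4[1], (G)->Data4[2],    \
                         (G)->Data4[3], (G)->Data4[4], (G)->Data4[5],    \
                         (G)->Data4[6], (G)->Data4[7])


BOOLEAN
SidTranslation(
    PSID Sid,
    PSTRING AccountName
    )

/*++

Routine Description:

    Map a SID to a display name when it equals one of the SIDs this test
    program knows about.  The comparison SIDs (WorldSid, LocalSid, ...)
    are not declared in this file; presumably they come from tsevars.c.

Arguments:

    Sid - The SID to look up.

    AccountName - Receives the name via RtlInitString when a match is
        found.  AccountName is expected to have a large maximum length.

Return Value:

    TRUE if the SID matched and AccountName was set, FALSE otherwise (in
    which case AccountName is not touched).

--*/

{
    if (RtlEqualSid(Sid, WorldSid)) {
        RtlInitString( AccountName, "WORLD");
        return(TRUE);
    }

    if (RtlEqualSid(Sid, LocalSid)) {
        RtlInitString( AccountName, "LOCAL");
        return(TRUE);
    }

    if (RtlEqualSid(Sid, NetworkSid)) {
        RtlInitString( AccountName, "NETWORK");
        return(TRUE);
    }

    if (RtlEqualSid(Sid, BatchSid)) {
        RtlInitString( AccountName, "BATCH");
        return(TRUE);
    }

    if (RtlEqualSid(Sid, InteractiveSid)) {
        RtlInitString( AccountName, "INTERACTIVE");
        return(TRUE);
    }

    if (RtlEqualSid(Sid, LocalSystemSid)) {
        RtlInitString( AccountName, "SYSTEM");
        return(TRUE);
    }

    if (RtlEqualSid(Sid, LocalManagerSid)) {
        RtlInitString( AccountName, "LOCAL MANAGER");
        return(TRUE);
    }

    if (RtlEqualSid(Sid, LocalAdminSid)) {
        RtlInitString( AccountName, "LOCAL ADMIN");
        return(TRUE);
    }

    return(FALSE);

}


VOID
DisplayAccountSid(
    PISID Sid
    )

/*++

Routine Description:

    Print one SID followed by a newline: its well-known name when
    SidTranslation recognises it, otherwise the textual form
    S-<revision>-<authority>-<subauthority>...

Arguments:

    Sid - The SID to display.  It is dereferenced without validation;
        every caller in this file passes a SID returned by a successful
        token query.

Return Value:

    None.

--*/

{
    UCHAR Buffer[128];
    STRING AccountName;
    UCHAR i;
    ULONG Tmp;

    Buffer[0] = 0;

    //
    // RtlInitString re-points AccountName.Buffer at the matched literal,
    // so this scratch buffer only backs the string until a match is found.
    //

    AccountName.MaximumLength = 127;
    AccountName.Length = 0;
    AccountName.Buffer = (PVOID)&Buffer[0];



    if (SidTranslation( (PSID)Sid, &AccountName) ) {

        printf("%s\n", AccountName.Buffer );

    } else {

        //
        // %lu needs an unsigned long argument; the previous (USHORT) cast
        // passed an int-sized value to a long conversion.
        //

        printf("S-%lu-", (ULONG)Sid->Revision );

        if (  (Sid->IdentifierAuthority.Value[0] != 0)  ||
              (Sid->IdentifierAuthority.Value[1] != 0)     ){

            //
            // The authority does not fit in 32 bits: print all six bytes.
            //

            printf("0x%02hx%02hx%02hx%02hx%02hx%02hx",
                        (USHORT)Sid->IdentifierAuthority.Value[0],
                        (USHORT)Sid->IdentifierAuthority.Value[1],
                        (USHORT)Sid->IdentifierAuthority.Value[2],
                        (USHORT)Sid->IdentifierAuthority.Value[3],
                        (USHORT)Sid->IdentifierAuthority.Value[4],
                        (USHORT)Sid->IdentifierAuthority.Value[5] );
        } else {

            //
            // Widen each byte to ULONG before shifting.  Shifting the
            // promoted int left by 24 overflows a signed int whenever
            // Value[2] is 0x80 or above.
            //

            Tmp =  (ULONG)Sid->IdentifierAuthority.Value[5]         +
                  ((ULONG)Sid->IdentifierAuthority.Value[4] <<  8)  +
                  ((ULONG)Sid->IdentifierAuthority.Value[3] << 16)  +
                  ((ULONG)Sid->IdentifierAuthority.Value[2] << 24);
            printf("%lu", Tmp);
        }


        for (i=0;i<Sid->SubAuthorityCount ;i++ ) {
            printf("-%lu", Sid->SubAuthority[i]);
        }
        printf("\n");

    }

}



BOOLEAN
DisplayPrivilegeName(
    PLUID Privilege
    )

/*++

Routine Description:

    Print the name of a privilege when its LUID equals one of the
    privilege values this test program knows about.  The comparison
    values are not declared in this file; presumably they come from
    tsevars.c.

Arguments:

    Privilege - The privilege LUID to name.

Return Value:

    TRUE if a name was printed, FALSE if the LUID is not recognised
    (nothing is printed in that case).

--*/

{

    //
    // This should be rewritten to use RtlLookupPrivilegeName.
    //
    // First we should probably spec and write RtlLookupPrivilegeName.
    //

    //
    // The first comparison previously read "(*Privilege)QuadPart", with
    // the member-access operator missing; it now matches the others.
    //

    if (Privilege->QuadPart == CreateTokenPrivilege.QuadPart) {
        printf("SeCreateTokenPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == AssignPrimaryTokenPrivilege.QuadPart) {
        printf("SeAssignPrimaryTokenPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == LockMemoryPrivilege.QuadPart) {
        printf("SeLockMemoryPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == IncreaseQuotaPrivilege.QuadPart) {
        printf("SeIncreaseQuotaPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == UnsolicitedInputPrivilege.QuadPart) {
        printf("SeUnsolicitedInputPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == TcbPrivilege.QuadPart) {
        printf("SeTcbPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == SecurityPrivilege.QuadPart) {
        printf("SeSecurityPrivilege (Security Operator) ");
        return(TRUE);
    }

    if (Privilege->QuadPart == TakeOwnershipPrivilege.QuadPart) {
        printf("SeTakeOwnershipPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == LpcReplyBoostPrivilege.QuadPart) {
        printf("SeLpcReplyBoostPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == CreatePagefilePrivilege.QuadPart) {
        printf("SeCreatePagefilePrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == IncreaseBasePriorityPrivilege.QuadPart) {
        printf("SeIncreaseBasePriorityPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == SystemProfilePrivilege.QuadPart) {
        printf("SeSystemProfilePrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == SystemtimePrivilege.QuadPart) {
        printf("SeSystemtimePrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == ProfileSingleProcessPrivilege.QuadPart) {
        printf("SeProfileSingleProcessPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == CreatePermanentPrivilege.QuadPart) {
        printf("SeCreatePermanentPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == BackupPrivilege.QuadPart) {
        printf("SeBackupPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == RestorePrivilege.QuadPart) {
        printf("SeRestorePrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == ShutdownPrivilege.QuadPart) {
        printf("SeShutdownPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == DebugPrivilege.QuadPart) {
        printf("SeDebugPrivilege ");
        return(TRUE);
    }

    if (Privilege->QuadPart == SystemEnvironmentPrivilege.QuadPart) {
        printf("SeSystemEnvironmentPrivilege ");
        return(TRUE);
    }

    return(FALSE);

}



VOID
DisplayPrivilege(
    PLUID_AND_ATTRIBUTES Privilege
    )

/*++

Routine Description:

    Print one token privilege: its name (or its raw LUID when the name
    is unknown) followed by whether SE_PRIVILEGE_ENABLED is set.

Arguments:

    Privilege - The privilege entry to display.

Return Value:

    None.

--*/

{


    if (!DisplayPrivilegeName(&Privilege->Luid)) {
        printf("(Unknown Privilege.  Value is: (0x%lx,0x%lx))",
               Privilege->Luid.HighPart,
               Privilege->Luid.LowPart
               );
    }



    //
    // Display the attributes assigned to the privilege.
    //

    printf("\n [");
    if (!(Privilege->Attributes & SE_PRIVILEGE_ENABLED)) {
        printf("Not ");
    }
    printf("Enabled");

    //printf(" / ");
    //if (!(Privilege->Attributes & SE_PRIVILEGE_ENABLED_BY_DEFAULT)) {
    //    printf("Not ");
    //}
    //printf("Enabled By Default");


    printf("]\n");
    printf(" ");


    return;

}


static
BOOLEAN
QueryTokenInformationChecked(
    IN HANDLE TokenHandle,
    IN TOKEN_INFORMATION_CLASS TokenInformationClass,
    OUT PVOID TokenInformation,
    IN ULONG TokenInformationLength,
    IN PCHAR Description
    )

/*++

Routine Description:

    Query one class of token information and report a failure on stdout
    instead of letting the caller interpret a buffer that was not filled.

Arguments:

    TokenHandle - Token to query.

    TokenInformationClass - Class of information requested.

    TokenInformation - Caller's buffer for the result.

    TokenInformationLength - Size of that buffer in bytes.

    Description - Short label used in the failure message.

Return Value:

    TRUE if the query succeeded and TokenInformation may be read,
    FALSE otherwise.

--*/

{
    NTSTATUS Status;
    ULONG ReturnLength = 0;

    Status = NtQueryInformationToken(
                 TokenHandle,                 // Handle
                 TokenInformationClass,       // TokenInformationClass
                 TokenInformation,            // TokenInformation
                 TokenInformationLength,      // TokenInformationLength
                 &ReturnLength                // ReturnLength
                 );

    if (!NT_SUCCESS(Status)) {
        printf("(unable to query %s, status 0x%lx, %lu bytes needed)\n",
               Description,
               (ULONG)Status,
               ReturnLength
               );
        return(FALSE);
    }

    return(TRUE);

}


VOID
DisplaySecurityContext(
    IN HANDLE TokenHandle
    )

/*++

Routine Description:

    Print the security context held by a token: logon session, user,
    default owner, primary group, groups and privileges.

    Every section reuses one fixed BUFFER_SIZE byte buffer.  Each query
    is checked at run time and its section is skipped on failure.  The
    earlier code relied on ASSERT alone, which is typically compiled out
    of free builds; a failed query (for example a group list larger than
    the buffer) would then have been displayed from the previous
    section's bytes reinterpreted as a different structure.

Arguments:

    TokenHandle - Token to display.  The caller in this file opens it
        with TOKEN_QUERY access only.

Return Value:

    None.

--*/

{

#define BUFFER_SIZE (2048)

    ULONG i;
    TOKEN_STATISTICS ProcessTokenStatistics;
    GUID AuthenticationId;

    //
    // NOTE(review): a UCHAR array carries no alignment guarantee for the
    // pointer-bearing TOKEN_* structures overlaid on it below - confirm
    // the target's alignment requirements.
    //

    UCHAR Buffer[BUFFER_SIZE];


    PTOKEN_USER UserId;
    PTOKEN_OWNER DefaultOwner;
    PTOKEN_PRIMARY_GROUP PrimaryGroup;
    PTOKEN_GROUPS GroupIds;
    PTOKEN_PRIVILEGES Privileges;



    ///////////////////////////////////////////////////////////////////
    //                                                               //
    // Logon ID                                                      //
    //                                                               //
    ///////////////////////////////////////////////////////////////////

    if (QueryTokenInformationChecked(
            TokenHandle,
            TokenStatistics,
            &ProcessTokenStatistics,
            sizeof(TOKEN_STATISTICS),
            "token statistics"
            )) {

        AuthenticationId = ProcessTokenStatistics.AuthenticationId;

        printf(" Logon Session: ");
        if (RtlEqualGuid(&AuthenticationId, &SystemAuthenticationId )) {
            printf("(System Logon Session)\n");
        } else {
            PrintGuid( &AuthenticationId );
        }
    }



    ///////////////////////////////////////////////////////////////////
    //                                                               //
    // User Id                                                       //
    //                                                               //
    ///////////////////////////////////////////////////////////////////

    UserId = (PTOKEN_USER)&Buffer[0];

    if (QueryTokenInformationChecked(
            TokenHandle,
            TokenUser,
            UserId,
            BUFFER_SIZE,
            "token user"
            )) {

        printf(" User id: ");
        DisplayAccountSid( (PISID)UserId->User.Sid );
    }



    ///////////////////////////////////////////////////////////////////
    //                                                               //
    // Default Owner                                                 //
    //                                                               //
    ///////////////////////////////////////////////////////////////////

    DefaultOwner = (PTOKEN_OWNER)&Buffer[0];

    if (QueryTokenInformationChecked(
            TokenHandle,
            TokenOwner,
            DefaultOwner,
            BUFFER_SIZE,
            "token default owner"
            )) {

        printf(" Default Owner: ");
        DisplayAccountSid( (PISID)DefaultOwner->Owner );
    }



    ///////////////////////////////////////////////////////////////////
    //                                                               //
    // Primary Group                                                 //
    //                                                               //
    ///////////////////////////////////////////////////////////////////

    PrimaryGroup = (PTOKEN_PRIMARY_GROUP)&Buffer[0];

    if (QueryTokenInformationChecked(
            TokenHandle,
            TokenPrimaryGroup,
            PrimaryGroup,
            BUFFER_SIZE,
            "token primary group"
            )) {

        printf(" Primary Group: ");
        DisplayAccountSid( (PISID)PrimaryGroup->PrimaryGroup );
    }



    ///////////////////////////////////////////////////////////////////
    //                                                               //
    // Group Ids                                                     //
    //                                                               //
    ///////////////////////////////////////////////////////////////////

    printf("\n");
    GroupIds = (PTOKEN_GROUPS)&Buffer[0];

    if (QueryTokenInformationChecked(
            TokenHandle,
            TokenGroups,
            GroupIds,
            BUFFER_SIZE,
            "token groups"
            )) {

        //printf(" Number of groups: %ld\n", GroupIds->GroupCount);
        printf(" Groups: ");

        for (i=0; i < GroupIds->GroupCount; i++ ) {
            //printf(" Group %ld: ", i);
            DisplayAccountSid( (PISID)GroupIds->Groups[i].Sid );
            printf(" ");
        }
    }



    ///////////////////////////////////////////////////////////////////
    //                                                               //
    // Privileges                                                    //
    //                                                               //
    ///////////////////////////////////////////////////////////////////

    printf("\n");
    Privileges = (PTOKEN_PRIVILEGES)&Buffer[0];

    if (QueryTokenInformationChecked(
            TokenHandle,
            TokenPrivileges,
            Privileges,
            BUFFER_SIZE,
            "token privileges"
            )) {

        printf(" Privileges: ");
        if (Privileges->PrivilegeCount > 0) {

            for (i=0; i < Privileges->PrivilegeCount; i++ ) {
                DisplayPrivilege( &(Privileges->Privileges[i]) );
            }
        } else {
            printf("(none assigned)\n");
        }
    }



    return;

}


BOOLEAN
main()

/*++

Routine Description:

    Open the current process's token for query access and display the
    security context it describes.

Arguments:

    None.

Return Value:

    TRUE if the token was opened and displayed, FALSE if the token could
    not be opened.  Note that this value becomes the process exit code.

--*/

{

    NTSTATUS Status;
    HANDLE ProcessToken;


    TSeVariableInitialization();    // Initialize global variables

    printf("\n");


    //
    // Open our process token.  TOKEN_QUERY is the only access requested,
    // which is all the display routines need.
    //

    Status = NtOpenProcessToken(
                 NtCurrentProcess(),
                 TOKEN_QUERY,
                 &ProcessToken
                 );
    if (!NT_SUCCESS(Status)) {
        printf("I'm terribly sorry, but you don't seem to have access to\n");
        printf("open your own process's token.\n");
        printf("\n");
        return(FALSE);
    }

    printf("Your process level security context is:\n");
    printf("\n");
    DisplaySecurityContext( ProcessToken );


    //
    // The close status is recorded but not acted on; the process is
    // about to exit.
    //

    Status = NtClose( ProcessToken );

    return(TRUE);
}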
