Fix for Zen on Vista, scope score as elevated user

This commit is contained in:
Jim Norman 2007-05-31 18:27:05 +00:00
parent 375e8d801a
commit ed5fe836fe
2 changed files with 112 additions and 8 deletions

View File

@ -69,13 +69,42 @@ namespace AppModule.NamedPipes {
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
}
[StructLayout(LayoutKind.Sequential)]
public enum TOKEN_ELEVATION_TYPE
{
TokenElevationTypeDefault = 1,
TokenElevationTypeFull,
TokenElevationTypeLimited
}
public struct TOKEN_LINKED_TOKEN
{
public IntPtr LinkedToken;
}
[StructLayout(LayoutKind.Sequential)]
public struct TOKEN_USER
{
public _SID_AND_ATTRIBUTES User;

View File

@ -104,8 +104,10 @@ namespace AppModule.NamedPipes
{
Console.WriteLine("failed");
}
Marshal.FreeHGlobal(tu);
return (int)pUserID;
return (int)pUserID;
}
@ -154,6 +156,47 @@ namespace AppModule.NamedPipes
return sb.ToString();
}
public static bool GetLinkedToken(IntPtr token, out ImpersonateNative.TOKEN_LINKED_TOKEN linkedToken)
{
int TokenInfLength = 0;
bool TokenInfoSuccess = false;
IntPtr ptrLinkedToken = IntPtr.Zero;
linkedToken = new ImpersonateNative.TOKEN_LINKED_TOKEN();
if (token != IntPtr.Zero)
{
// first call gets length of TokenInformation
ImpersonateNative.GetTokenInformation(token, ImpersonateNative.TOKEN_INFORMATION_CLASS.TokenLinkedToken, IntPtr.Zero, TokenInfLength, ref TokenInfLength);
try
{
ptrLinkedToken = Marshal.AllocHGlobal(TokenInfLength);
TokenInfoSuccess = ImpersonateNative.GetTokenInformation(token, ImpersonateNative.TOKEN_INFORMATION_CLASS.TokenLinkedToken, ptrLinkedToken, TokenInfLength, ref TokenInfLength);
if (TokenInfoSuccess)
{
linkedToken = (ImpersonateNative.TOKEN_LINKED_TOKEN)Marshal.PtrToStructure(ptrLinkedToken, typeof(ImpersonateNative.TOKEN_LINKED_TOKEN));
}
}
catch (OutOfMemoryException e)
{
System.Diagnostics.Trace.WriteLine(e.ToString());
}
finally
{
if (ptrLinkedToken != IntPtr.Zero)
{
Marshal.FreeHGlobal(ptrLinkedToken);
}
}
}
return TokenInfoSuccess;
}
public static int GetLocalUserID(PipeHandle handle, ref int lowPart, ref int highPart, ref string SidString)
{
int rcode = -1;
@ -174,13 +217,41 @@ namespace AppModule.NamedPipes
if (ImpersonateNative.OpenThreadToken(hThread, iDesiredInfo, true, out userToken))
{
StringBuilder sb = new StringBuilder();
ImpersonateNative.TOKEN_USER tokUser;
const int bufLength = 256;
IntPtr tu = Marshal.AllocHGlobal( bufLength );
int cb = bufLength;
if (ImpersonateNative.GetTokenInformation( userToken, ImpersonateNative.TOKEN_INFORMATION_CLASS.TokenUser, tu, cb, ref cb ))
// on Vista use the elevated token if there is one.
System.OperatingSystem os = System.Environment.OSVersion;
System.Diagnostics.Trace.WriteLine("OS Version: {0}", os.Version.ToString());
if (os.Version.Major > 5)
{
if (ImpersonateNative.GetTokenInformation(userToken, ImpersonateNative.TOKEN_INFORMATION_CLASS.TokenElevationType, tu, cb, ref cb))
{
int iTokenType;
iTokenType = (int)Marshal.PtrToStructure(tu, typeof(int));
System.Diagnostics.Trace.WriteLine("Token Type : {0}", iTokenType.ToString());
if (iTokenType == 3) //.ToString().Equals(ImpersonateNative.TOKEN_ELEVATION_TYPE.TokenElevationTypeLimited))
{
ImpersonateNative.TOKEN_LINKED_TOKEN newLinkedToken;
if (GetLinkedToken(userToken, out newLinkedToken))
{
userToken = newLinkedToken.LinkedToken;
}
}
}
else
{
uint error = ImpersonateNative.GetLastError();
System.Diagnostics.Trace.WriteLine("linked token error: {0}", error.ToString());
}
}
cb = bufLength;
if (ImpersonateNative.GetTokenInformation( userToken, ImpersonateNative.TOKEN_INFORMATION_CLASS.TokenUser, tu, cb, ref cb ))
{
tokUser = (ImpersonateNative.TOKEN_USER) Marshal.PtrToStructure(tu, typeof(ImpersonateNative.TOKEN_USER) );
IntPtr pUserID = tokUser.User.Sid;
@ -210,6 +281,8 @@ namespace AppModule.NamedPipes
Console.WriteLine("error" + error.ToString());
}
Marshal.FreeHGlobal(tu);
// close handle
ImpersonateNative.CloseHandle(hThread);
ImpersonateNative.RevertToSelf();
@ -220,6 +293,8 @@ namespace AppModule.NamedPipes
uint errorcode = NamedPipeNative.GetLastError();
Console.WriteLine("OpenThreadToken Error: "+ errorcode.ToString() + " code2: "+rcode.ToString());
}
Marshal.FreeHGlobal(userToken);
}
catch (Exception ex)
{