|
|
/*++
Copyright (c) 1991 Microsoft Corporation
Module Name:
tse.c
Abstract:
This module tests windows security api.
Author:
Robert Reichel (RobertRe) 01-Jan-92
Revision History:
--*/
#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <windows.h>
#include <string.h>
#include <stdarg.h>
#include <assert.h>
#include <stdio.h>
#define _TST_USER_ // User mode test
#define BUFFER_SIZE 256
�////////////////////////////////////////////////////////////////////////
// //
// Global Variables //
// //
////////////////////////////////////////////////////////////////////////
LUID SystemAuthenticationId = SYSTEM_LUID;
//
// Universal well known SIDs
//
PSID NullSid;PSID WorldSid;PSID LocalSid;PSID CreatorOwnerSid;
//
// Sids defined by NT
//
PSID NtAuthoritySid;
PSID DialupSid;PSID NetworkSid;PSID BatchSid;PSID InteractiveSid;PSID LocalSystemSid;
//
// Well known privilege values
//
LUID SeCreateTokenPrivilege;LUID SeAssignPrimaryTokenPrivilege;LUID SeLockMemoryPrivilege;LUID SeIncreaseQuotaPrivilege;LUID SeUnsolicitedInputPrivilege;LUID SeTcbPrivilege;LUID SeSecurityPrivilege;LUID SeTakeOwnershipPrivilege;LUID SeLoadDriverPrivilege;LUID SeCreatePagefilePrivilege;LUID SeIncreaseBasePriorityPrivilege;LUID SeSystemProfilePrivilege;LUID SeSystemtimePrivilege;LUID SeProfileSingleProcessPrivilege;LUID SeCreatePermanentPrivilege;LUID SeBackupPrivilege;LUID SeRestorePrivilege;LUID SeShutdownPrivilege;LUID SeDebugPrivilege;LUID SeAuditPrivilege;LUID SeSystemEnvironmentPrivilege;LUID SeChangeNotifyPrivilege;LUID SeRemoteShutdownPrivilege;
�////////////////////////////////////////////////////////////////////////
// //
// Internal Prototypes //
// //
////////////////////////////////////////////////////////////////////////
VOIDTestLookupSid();
VOIDTestLookupName();
voidTestGetPrivNameW( LPWSTR *PrivName, PLUID lpLuid );voidTestGetPrivNameA( LPSTR *PrivName, PLUID lpLuid );
VOIDTestLookupPrivilegeValue();
voidTestLookupPrivilegeValueW( PLUID lpLuid );
voidTestLookupPrivilegeValueA( PLUID lpLuid );
VOIDTestLookupPrivilegeName();
voidTestLookupPrivilegeNameW( PLUID lpLuid );
voidTestLookupPrivilegeNameA( PLUID lpLuid );
VOIDTestLookupPrivilegeDisplayName();
voidTestLookupPrivilegeDisplayNameW( PLUID lpLuid );
voidTestLookupPrivilegeDisplayNameA( PLUID lpLuid );
voidinitialize (void);
voidTestLookupSidW( IN PSID Sid );
voidTestLookupSidA( IN PSID Sid );
voidTestLookupNameW( LPWSTR Name );
voidDumpWCharString( PWSTR String );
VOIDDisplayAccountSid( PSID Sid );
VOIDDisplayUse( IN SID_NAME_USE Use );
voidinitialize (void){
ULONG SidWithZeroSubAuthorities; ULONG SidWithOneSubAuthority; ULONG SidWithThreeSubAuthorities; ULONG SidWithFourSubAuthorities;
SID_IDENTIFIER_AUTHORITY NullSidAuthority = SECURITY_NULL_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY WorldSidAuthority = SECURITY_WORLD_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY LocalSidAuthority = SECURITY_LOCAL_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = SECURITY_CREATOR_SID_AUTHORITY;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
//
// The following SID sizes need to be allocated
//
SidWithZeroSubAuthorities = GetSidLengthRequired( 0 ); SidWithOneSubAuthority = GetSidLengthRequired( 1 ); SidWithThreeSubAuthorities = GetSidLengthRequired( 3 ); SidWithFourSubAuthorities = GetSidLengthRequired( 4 );
//
// Allocate and initialize the universal SIDs
//
NullSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority); WorldSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority); LocalSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority); CreatorOwnerSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
InitializeSid( NullSid, &NullSidAuthority, 1 ); InitializeSid( WorldSid, &WorldSidAuthority, 1 ); InitializeSid( LocalSid, &LocalSidAuthority, 1 ); InitializeSid( CreatorOwnerSid, &CreatorSidAuthority, 1 );
*(GetSidSubAuthority( NullSid, 0 )) = SECURITY_NULL_RID; *(GetSidSubAuthority( WorldSid, 0 )) = SECURITY_WORLD_RID; *(GetSidSubAuthority( LocalSid, 0 )) = SECURITY_LOCAL_RID; *(GetSidSubAuthority( CreatorOwnerSid, 0 )) = SECURITY_CREATOR_OWNER_RID;
//
// Allocate and initialize the NT defined SIDs
//
NtAuthoritySid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithZeroSubAuthorities); DialupSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority); NetworkSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority); BatchSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority); InteractiveSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority); LocalSystemSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
InitializeSid( NtAuthoritySid, &NtAuthority, 0 ); InitializeSid( DialupSid, &NtAuthority, 1 ); InitializeSid( NetworkSid, &NtAuthority, 1 ); InitializeSid( BatchSid, &NtAuthority, 1 ); InitializeSid( InteractiveSid, &NtAuthority, 1 ); InitializeSid( LocalSystemSid, &NtAuthority, 1 );
*(GetSidSubAuthority( DialupSid, 0 )) = SECURITY_DIALUP_RID; *(GetSidSubAuthority( NetworkSid, 0 )) = SECURITY_NETWORK_RID; *(GetSidSubAuthority( BatchSid, 0 )) = SECURITY_BATCH_RID; *(GetSidSubAuthority( InteractiveSid, 0 )) = SECURITY_INTERACTIVE_RID; *(GetSidSubAuthority( LocalSystemSid, 0 )) = SECURITY_LOCAL_SYSTEM_RID;
//
// Initialize the well known privilege values
//
SeCreateTokenPrivilege = RtlConvertLongToLargeInteger(SE_CREATE_TOKEN_PRIVILEGE); SeAssignPrimaryTokenPrivilege = RtlConvertLongToLargeInteger(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE); SeLockMemoryPrivilege = RtlConvertLongToLargeInteger(SE_LOCK_MEMORY_PRIVILEGE); SeIncreaseQuotaPrivilege = RtlConvertLongToLargeInteger(SE_INCREASE_QUOTA_PRIVILEGE); SeUnsolicitedInputPrivilege = RtlConvertLongToLargeInteger(SE_UNSOLICITED_INPUT_PRIVILEGE); SeTcbPrivilege = RtlConvertLongToLargeInteger(SE_TCB_PRIVILEGE); SeSecurityPrivilege = RtlConvertLongToLargeInteger(SE_SECURITY_PRIVILEGE); SeTakeOwnershipPrivilege = RtlConvertLongToLargeInteger(SE_TAKE_OWNERSHIP_PRIVILEGE); SeLoadDriverPrivilege = RtlConvertLongToLargeInteger(SE_LOAD_DRIVER_PRIVILEGE); SeCreatePagefilePrivilege = RtlConvertLongToLargeInteger(SE_CREATE_PAGEFILE_PRIVILEGE); SeIncreaseBasePriorityPrivilege = RtlConvertLongToLargeInteger(SE_INC_BASE_PRIORITY_PRIVILEGE); SeSystemProfilePrivilege = RtlConvertLongToLargeInteger(SE_SYSTEM_PROFILE_PRIVILEGE); SeSystemtimePrivilege = RtlConvertLongToLargeInteger(SE_SYSTEMTIME_PRIVILEGE); SeProfileSingleProcessPrivilege = RtlConvertLongToLargeInteger(SE_PROF_SINGLE_PROCESS_PRIVILEGE); SeCreatePermanentPrivilege = RtlConvertLongToLargeInteger(SE_CREATE_PERMANENT_PRIVILEGE); SeBackupPrivilege = RtlConvertLongToLargeInteger(SE_BACKUP_PRIVILEGE); SeRestorePrivilege = RtlConvertLongToLargeInteger(SE_RESTORE_PRIVILEGE); SeShutdownPrivilege = RtlConvertLongToLargeInteger(SE_SHUTDOWN_PRIVILEGE); SeDebugPrivilege = RtlConvertLongToLargeInteger(SE_DEBUG_PRIVILEGE); SeAuditPrivilege = RtlConvertLongToLargeInteger(SE_AUDIT_PRIVILEGE); SeSystemEnvironmentPrivilege = RtlConvertLongToLargeInteger(SE_SYSTEM_ENVIRONMENT_PRIVILEGE); SeChangeNotifyPrivilege = RtlConvertLongToLargeInteger(SE_CHANGE_NOTIFY_PRIVILEGE); SeRemoteShutdownPrivilege = RtlConvertLongToLargeInteger(SE_REMOTE_SHUTDOWN_PRIVILEGE);
}
voidTestLookupSidW( IN PSID Sid )
{ //
// LookupAccountSidW test
//
BOOL Bool; DWORD cbName = 0; DWORD cbReferencedDomainName = 0; DWORD cbSid = 0; WCHAR Name[BUFFER_SIZE]; SID_NAME_USE peUse = SidTypeUser; WCHAR ReferencedDomainName[BUFFER_SIZE];
printf(" LookupW call . . . . . . . . . . . . . . . . . ");
cbName = 0; cbReferencedDomainName = 0;
Bool = LookupAccountSidW( NULL, Sid, Name, &cbName, ReferencedDomainName, &cbReferencedDomainName, &peUse ); //
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else {
Bool = LookupAccountSidW( NULL, Sid, Name, &cbName, ReferencedDomainName, &cbReferencedDomainName, &peUse );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else { printf("Succeeded\n"); printf(" Name Length: %d\n", cbName); printf(" Name: *"); DumpWCharString( Name ); printf("*\n"); printf(" Domain Name Length: %d\n", cbReferencedDomainName); printf(" Domain Name: *"); DumpWCharString( ReferencedDomainName ); printf("*\n"); printf(" Use: "); DisplayUse( peUse ); printf("\n\n"); } }}
�voidTestLookupSidA( IN PSID Sid ){ UCHAR Name[BUFFER_SIZE]; UCHAR ReferencedDomainName[BUFFER_SIZE]; BOOL Bool; DWORD cbName = 0; DWORD cbReferencedDomainName = 0; SID_NAME_USE peUse;
printf(" LookupA call . . . . . . . . . . . . . . . . . ");
Bool = LookupAccountSidA( NULL, Sid, Name, &cbName, ReferencedDomainName, &cbReferencedDomainName, &peUse );
//
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else {
Bool = LookupAccountSidA( NULL, Sid, Name, &cbName, ReferencedDomainName, &cbReferencedDomainName, &peUse );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else { printf("Succeeded\n"); printf(" Name Length: %d\n", cbName); printf(" Name: *%s*\n",Name); printf(" Domain Name Length: %d\n", cbReferencedDomainName); printf(" Domain Name: *%s*\n", ReferencedDomainName ); printf(" Use: "); DisplayUse( peUse ); printf("\n\n"); } }
}
�voidTestLookupNameW( LPWSTR Name )
{
//
// LookupAccountNameW test
//
BOOL Bool; DWORD cbSid = 0; UCHAR Sid[BUFFER_SIZE]; SID_NAME_USE peUse = SidTypeUser; DWORD cbReferencedDomainName = 0; WCHAR ReferencedDomainName[BUFFER_SIZE];
printf(" LookupW call . . . . . . . . . . . . . . . . . ");
Bool = LookupAccountNameW( NULL, Name, Sid, &cbSid, ReferencedDomainName, &cbReferencedDomainName, &peUse );
//
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Sid Length: %d\n", cbSid); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else {
Bool = LookupAccountNameW( NULL, Name, Sid, &cbSid, ReferencedDomainName, &cbReferencedDomainName, &peUse );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Sid Length: %d\n", cbSid); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else { printf("Succeeded\n"); printf(" Sid Length: %d\n", cbSid); printf(" Sid: "); DisplayAccountSid( Sid ); printf("\n"); printf(" Domain Name Length: %d\n", cbReferencedDomainName); printf(" Domain Name: *"); DumpWCharString( ReferencedDomainName ); printf("*\n"); printf(" Use: "); DisplayUse( peUse ); printf("\n\n"); } }
}
�voidTestLookupNameA( LPSTR Name )
{
//
// LookupAccountNameA test
//
BOOL Bool; DWORD cbSid = 0; UCHAR Sid[BUFFER_SIZE]; SID_NAME_USE peUse = SidTypeUser; DWORD cbReferencedDomainName = 0; UCHAR ReferencedDomainName[BUFFER_SIZE];
printf(" LookupA call . . . . . . . . . . . . . . . . . ");
Bool = LookupAccountNameA( NULL, Name, Sid, &cbSid, ReferencedDomainName, &cbReferencedDomainName, &peUse );
//
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Sid Length: %d\n", cbSid); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else {
Bool = LookupAccountNameA( NULL, Name, Sid, &cbSid, ReferencedDomainName, &cbReferencedDomainName, &peUse );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Sid Length: %d\n", cbSid); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else { printf("Succeeded\n"); printf(" Sid Length: %d\n", cbSid); printf(" Sid: "); DisplayAccountSid( Sid ); printf("\n"); printf(" Domain Name Length: %d\n", cbReferencedDomainName); printf(" Domain Name: *%s*\n", ReferencedDomainName); printf(" Use: "); DisplayUse( peUse ); printf("\n\n"); } }
}
�voidTestLookupPrivilegeDisplayNameW( PLUID lpLuid )
{
//
// LookupPrivilegeDisplayNameW test
//
BOOL Bool; DWORD cbName = 0; WCHAR Name[BUFFER_SIZE]; DWORD LanguageId; LPWSTR PrivName;
printf(" LookupW call . . . . . . . . . . . . . . . . . ");
TestGetPrivNameW( &PrivName, lpLuid ); Bool = LookupPrivilegeDisplayNameW( NULL, PrivName, Name, &cbName, &LanguageId );
//
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); } else {
Bool = LookupPrivilegeDisplayNameW( NULL, PrivName, Name, &cbName, &LanguageId );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); } else { printf("Succeeded\n"); printf(" Name Length: %d\n", cbName); printf(" Name: *"); DumpWCharString( Name ); printf("*\n"); printf(" LanguageID: %d\n", LanguageId); printf("\n\n"); } }
RtlFreeHeap( RtlProcessHeap(), 0, PrivName ); return;}
�voidTestLookupPrivilegeDisplayNameA( PLUID lpLuid )
{
//
// LookupPrivilegeDisplayNameA test
//
BOOL Bool; DWORD cbName = 0; UCHAR Name[BUFFER_SIZE]; DWORD LanguageId; LPSTR PrivName;
printf(" LookupA call . . . . . . . . . . . . . . . . . ");
TestGetPrivNameA( &PrivName, lpLuid ); Bool = LookupPrivilegeDisplayNameA( NULL, PrivName, Name, &cbName, &LanguageId );
//
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); } else {
Bool = LookupPrivilegeDisplayNameA( NULL, PrivName, Name, &cbName, &LanguageId );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); } else { printf("Succeeded\n"); printf(" Name Length: %d\n", cbName); printf(" Name: *%s*\n", Name); printf(" LanguageID: %d\n", LanguageId); printf("\n\n"); } }
RtlFreeHeap( RtlProcessHeap(), 0, PrivName ); return;}
�voidTestLookupPrivilegeValueA( PLUID lpLuid )
{
//
// LookupPrivilegeValueA test
//
BOOL Bool; LPSTR PrivName; LUID ReturnedValue;
TestGetPrivNameA( &PrivName, lpLuid );
printf(" LookupA call . . . . . . . . . . . . . . . . . ");
Bool = LookupPrivilegeValueA( NULL, PrivName, &ReturnedValue );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Status: %d\n", GetLastError()); } else {
if (ReturnedValue.LowPart != lpLuid->LowPart || ReturnedValue.HighPart != lpLuid->HighPart) { printf("** FAILED **\n"); printf(" Value mismatch.\n"); printf(" Passed Value: {0x%lx, 0x%lx}\n", lpLuid->HighPart,lpLuid->LowPart); printf(" Retrieved Value: {0x%lx, 0x%lx}\n", ReturnedValue.HighPart,ReturnedValue.LowPart);
} else { printf("Succeeded\n"); } } printf("\n\n");
RtlFreeHeap( RtlProcessHeap(), 0, PrivName ); return;}�voidTestLookupPrivilegeValueW( PLUID lpLuid )
{
//
// LookupPrivilegeValueW test
//
BOOL Bool; LPWSTR PrivName; LUID ReturnedValue;
TestGetPrivNameW( &PrivName, lpLuid );
printf(" LookupW call . . . . . . . . . . . . . . . . . ");
Bool = LookupPrivilegeValueW( NULL, PrivName, &ReturnedValue );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Status: %d\n", GetLastError()); } else {
if (ReturnedValue.LowPart != lpLuid->LowPart || ReturnedValue.HighPart != lpLuid->HighPart) { printf("** FAILED **\n"); printf(" Value mismatch.\n"); printf(" Passed Value: {0x%lx, 0x%lx}\n", lpLuid->HighPart,lpLuid->LowPart); printf(" Retrieved Value: {0x%lx, 0x%lx}\n", ReturnedValue.HighPart,ReturnedValue.LowPart);
} else { printf("Succeeded\n"); } }
RtlFreeHeap( RtlProcessHeap(), 0, PrivName ); return;}
�voidTestGetPrivNameW( LPWSTR *PrivName, PLUID lpLuid ){
BOOL Bool; DWORD cbName = 0; PWCHAR Name = NULL;
Bool = LookupPrivilegeNameW( NULL, lpLuid, Name, &cbName ); ASSERT( !Bool && GetLastError() == ERROR_INSUFFICIENT_BUFFER );
Name = RtlAllocateHeap( RtlProcessHeap(), 0, (cbName+1)*sizeof(WCHAR) );
Bool = LookupPrivilegeNameW( NULL, lpLuid, Name, &cbName ); ASSERT(Bool);
(*PrivName) = (LPWSTR)Name;
return;}
�voidTestGetPrivNameA( LPSTR *PrivName, PLUID lpLuid ){
BOOL Bool; DWORD cbName = 0; PCHAR Name = NULL;
Bool = LookupPrivilegeNameA( NULL, lpLuid, Name, &cbName ); ASSERT( !Bool && GetLastError() == ERROR_INSUFFICIENT_BUFFER );
Name = RtlAllocateHeap( RtlProcessHeap(), 0, (cbName+1)*sizeof(CHAR) );
Bool = LookupPrivilegeNameA( NULL, lpLuid, Name, &cbName ); ASSERT(Bool);
(*PrivName) = (LPSTR)Name;
return;}
�voidTestLookupPrivilegeNameW( PLUID lpLuid )
{
//
// LookupPrivilegeNameW test
//
BOOL Bool; DWORD cbName = 0; WCHAR Name[BUFFER_SIZE];
printf(" LookupW call . . . . . . . . . . . . . . . . . ");
Bool = LookupPrivilegeNameW( NULL, lpLuid, Name, &cbName );
//
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); } else {
Bool = LookupPrivilegeNameW( NULL, lpLuid, Name, &cbName );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); } else { printf("Succeeded\n"); printf(" Name Length: %d\n", cbName); printf(" Name: *"); DumpWCharString( Name ); printf("*\n"); printf("\n\n"); } }
return;}
�voidTestLookupPrivilegeNameA( PLUID lpLuid )
{
//
// LookupPrivilegeNameA test
//
BOOL Bool; DWORD cbName = 0; UCHAR Name[BUFFER_SIZE];
printf(" LookupA call . . . . . . . . . . . . . . . . . ");
Bool = LookupPrivilegeNameA( NULL, lpLuid, Name, &cbName );
//
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); } else {
Bool = LookupPrivilegeNameA( NULL, lpLuid, Name, &cbName );
if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Name Length: %d\n", cbName); } else { printf("Succeeded\n"); printf(" Name Length: %d\n", cbName); printf(" Name: *%s*\n", Name); printf("\n\n"); } }
}
�VOIDDisplayUse( IN SID_NAME_USE Use ){
switch (Use) { case SidTypeUser: printf("user"); break;
case SidTypeGroup: printf("group"); break;
case SidTypeDomain: printf("domain"); break;
case SidTypeAlias: printf("alias"); break;
case SidTypeWellKnownGroup: printf("well known group"); break;
case SidTypeDeletedAccount: printf("deleted account"); break;
case SidTypeInvalid: printf("invalid to lsa"); break;
case SidTypeUnknown: printf("unknown to lsa"); break;
default: printf("** invalid use value returned **");
}
}
voidDumpWCharString( PWSTR String ){ UNICODE_STRING Unicode; ANSI_STRING AnsiString;
RtlInitUnicodeString( &Unicode, String );// DbgPrint("*%Z*\n",&Unicode);
// DbgPrint(" Length: %d\n", Unicode.Length);
// DbgPrint(" Max: %d\n", Unicode.MaximumLength);
RtlUnicodeStringToAnsiString( &AnsiString, &Unicode, TRUE ); AnsiString.Buffer[AnsiString.Length]=0; // null terminate it
printf("%s", AnsiString.Buffer ); RtlFreeAnsiString( &AnsiString ); return;}
VOIDDisplayAccountSid( PSID Sid ){ UCHAR i; ULONG Tmp; PSID_IDENTIFIER_AUTHORITY IdentifierAuthority; UCHAR SubAuthorityCount;
IdentifierAuthority = RtlIdentifierAuthoritySid(Sid);
//
// HACK! HACK!
// The next line prints the revision of the SID. Since there is no
// rtl routine which gives us the SID revision, we must make due.
// luckily, the revision field is the first field in the SID, so we
// can just cast the pointer.
//
printf("S-%u-", (USHORT) *((PUCHAR) Sid) );
if ( (IdentifierAuthority->Value[0] != 0) || (IdentifierAuthority->Value[1] != 0) ){ printf("0x%02hx%02hx%02hx%02hx%02hx%02hx", IdentifierAuthority->Value[0], IdentifierAuthority->Value[1], IdentifierAuthority->Value[2], IdentifierAuthority->Value[3], IdentifierAuthority->Value[4], IdentifierAuthority->Value[5] ); } else { Tmp = IdentifierAuthority->Value[5] + (IdentifierAuthority->Value[4] << 8) + (IdentifierAuthority->Value[3] << 16) + (IdentifierAuthority->Value[2] << 24); printf("%lu", Tmp); }
SubAuthorityCount = *RtlSubAuthorityCountSid(Sid); for (i=0;i<SubAuthorityCount ;i++ ) { printf("-%lu", (*RtlSubAuthoritySid(Sid, i))); } printf("\n");}
VOIDTestLookupSid(){
/////////////////////////////////////////////////////////////////////////
// //
// Sid -> Name test //
// //
/////////////////////////////////////////////////////////////////////////
printf("\n\n\n"); printf(" Sid lookup . . . . . . . . . . . . . . . . . . suite\n");
printf(" Lookup NullSid\n"); TestLookupSidW( NullSid ); TestLookupSidA( NullSid );
printf(" Lookup WorldSid\n"); TestLookupSidW( WorldSid ); TestLookupSidA( WorldSid );
printf(" Lookup LocalSid\n"); TestLookupSidW( LocalSid ); TestLookupSidA( LocalSid );
printf(" Lookup CreatorOwnerSid\n"); TestLookupSidW( CreatorOwnerSid ); TestLookupSidA( CreatorOwnerSid );
printf(" Lookup NtAuthoritySid\n"); TestLookupSidW( NtAuthoritySid ); TestLookupSidA( NtAuthoritySid );
printf(" Lookup DialupSid\n"); TestLookupSidW( DialupSid ); TestLookupSidA( DialupSid );
printf(" Lookup NetworkSid\n"); TestLookupSidW( NetworkSid ); TestLookupSidA( NetworkSid );
printf(" Lookup BatchSid\n"); TestLookupSidW( BatchSid ); TestLookupSidA( BatchSid );
printf(" Lookup InteractiveSid\n"); TestLookupSidW( InteractiveSid ); TestLookupSidA( InteractiveSid );
printf(" Lookup LocalSystemSid\n"); TestLookupSidW( LocalSystemSid ); TestLookupSidA( LocalSystemSid );
printf("\n\n\n"); return;}
VOIDTestLookupName(){
/////////////////////////////////////////////////////////////////////////
// //
// Name -> Sid test //
// //
/////////////////////////////////////////////////////////////////////////
printf(" Name Lookup . . . . . . . . . . . . . . . . . suite\n");
printf(" Lookup Null\n"); TestLookupNameW( L"" ); TestLookupNameA( "" );
printf(" Lookup World\n"); TestLookupNameW( L"World" ); TestLookupNameA( "World" );
printf(" Lookup Local\n"); TestLookupNameW( L"Local" ); TestLookupNameA( "Local" );
printf(" Lookup CreatorOwner\n"); TestLookupNameW( L"CreatorOwner" ); TestLookupNameA( "CreatorOwner" );
printf(" Lookup NtAuthority\n"); TestLookupNameW( L"NtAuthority" ); TestLookupNameA( "NtAuthority" );
printf(" Lookup DialupName\n"); TestLookupNameW( L"DialupName" ); TestLookupNameA( "DialupName" );
printf(" Lookup Network\n"); TestLookupNameW( L"Network" ); TestLookupNameA( "Network" );
printf(" Lookup Batch\n"); TestLookupNameW( L"Batch" ); TestLookupNameA( "Batch" );
printf(" Lookup Interactive\n"); TestLookupNameW( L"Interactive" ); TestLookupNameA( "Interactive" );
printf(" Look up LocalSystem\n"); TestLookupNameW( L"LocalSystem" ); TestLookupNameA( "LocalSystem" );
printf("\n\n\n"); return;
}
VOIDTestLookupPrivilegeValue(){
/////////////////////////////////////////////////////////////////////////
// //
// LookupPrivilegeValue Tests //
// //
/////////////////////////////////////////////////////////////////////////
printf("\n\n\n"); printf(" Privilege Value Lookup . . . . . . . . . . . . suite\n");
printf(" Lookup SeCreateTokenPrivilege\n"); TestLookupPrivilegeValueW( &SeCreateTokenPrivilege ); TestLookupPrivilegeValueA( &SeCreateTokenPrivilege );
printf(" Lookup SeAssignPrimaryTokenPrivilege\n"); TestLookupPrivilegeValueW( &SeAssignPrimaryTokenPrivilege ); TestLookupPrivilegeValueA( &SeAssignPrimaryTokenPrivilege );
printf(" Lookup SeLockMemoryPrivilege\n"); TestLookupPrivilegeValueW( &SeLockMemoryPrivilege ); TestLookupPrivilegeValueA( &SeLockMemoryPrivilege );
printf(" Lookup SeIncreaseQuotaPrivilege\n"); TestLookupPrivilegeValueW( &SeIncreaseQuotaPrivilege ); TestLookupPrivilegeValueA( &SeIncreaseQuotaPrivilege );
printf(" Lookup SeUnsolicitedInputPrivilege\n"); TestLookupPrivilegeValueW( &SeUnsolicitedInputPrivilege ); TestLookupPrivilegeValueA( &SeUnsolicitedInputPrivilege );
printf(" Lookup SeTcbPrivilege\n"); TestLookupPrivilegeValueW( &SeTcbPrivilege ); TestLookupPrivilegeValueA( &SeTcbPrivilege );
printf(" Lookup SeSecurityPrivilege\n"); TestLookupPrivilegeValueW( &SeSecurityPrivilege ); TestLookupPrivilegeValueA( &SeSecurityPrivilege );
printf(" Lookup SeTakeOwnershipPrivilege\n"); TestLookupPrivilegeValueW( &SeTakeOwnershipPrivilege ); TestLookupPrivilegeValueA( &SeTakeOwnershipPrivilege );
printf(" Lookup SeLoadDriverPrivilege\n"); TestLookupPrivilegeValueW( &SeLoadDriverPrivilege ); TestLookupPrivilegeValueA( &SeLoadDriverPrivilege );
printf(" Lookup SeCreatePagefilePrivilege\n"); TestLookupPrivilegeValueW( &SeCreatePagefilePrivilege ); TestLookupPrivilegeValueA( &SeCreatePagefilePrivilege );
printf(" Lookup SeIncreaseBasePriorityPrivilege\n"); TestLookupPrivilegeValueW( &SeIncreaseBasePriorityPrivilege ); TestLookupPrivilegeValueA( &SeIncreaseBasePriorityPrivilege );
printf(" Lookup SeSystemProfilePrivilege\n"); TestLookupPrivilegeValueW( &SeSystemProfilePrivilege ); TestLookupPrivilegeValueA( &SeSystemProfilePrivilege );
printf(" Lookup SeSystemtimePrivilege\n"); TestLookupPrivilegeValueW( &SeSystemtimePrivilege ); TestLookupPrivilegeValueA( &SeSystemtimePrivilege );
printf(" Lookup SeProfileSingleProcessPrivilege\n"); TestLookupPrivilegeValueW( &SeProfileSingleProcessPrivilege ); TestLookupPrivilegeValueA( &SeProfileSingleProcessPrivilege );
printf(" Lookup SeCreatePermanentPrivilege\n"); TestLookupPrivilegeValueW( &SeCreatePermanentPrivilege ); TestLookupPrivilegeValueA( &SeCreatePermanentPrivilege );
printf(" Lookup SeBackupPrivilege\n"); TestLookupPrivilegeValueW( &SeBackupPrivilege ); TestLookupPrivilegeValueA( &SeBackupPrivilege );
printf(" Lookup SeRestorePrivilege\n"); TestLookupPrivilegeValueW( &SeRestorePrivilege ); TestLookupPrivilegeValueA( &SeRestorePrivilege );
printf(" Lookup SeShutdownPrivilege\n"); TestLookupPrivilegeValueW( &SeShutdownPrivilege ); TestLookupPrivilegeValueA( &SeShutdownPrivilege );
printf(" Lookup SeDebugPrivilege\n"); TestLookupPrivilegeValueW( &SeDebugPrivilege ); TestLookupPrivilegeValueA( &SeDebugPrivilege );
printf(" Lookup SeAuditPrivilege\n"); TestLookupPrivilegeValueW( &SeAuditPrivilege ); TestLookupPrivilegeValueA( &SeAuditPrivilege );
printf(" Lookup SeSystemEnvironmentPrivilege\n"); TestLookupPrivilegeValueW( &SeSystemEnvironmentPrivilege ); TestLookupPrivilegeValueA( &SeSystemEnvironmentPrivilege );
printf(" Lookup SeChangeNotifyPrivilege\n"); TestLookupPrivilegeValueW( &SeChangeNotifyPrivilege ); TestLookupPrivilegeValueA( &SeChangeNotifyPrivilege );
printf(" Lookup SeRemoteShutdownPrivilege\n"); TestLookupPrivilegeValueW( &SeRemoteShutdownPrivilege ); TestLookupPrivilegeValueA( &SeRemoteShutdownPrivilege );
printf("\n\n\n"); return;}
VOIDTestLookupPrivilegeName(){ /////////////////////////////////////////////////////////////////////////
// //
// LookupPrivilegeName Tests //
// //
/////////////////////////////////////////////////////////////////////////
printf("\n\n\n"); printf(" Privilege Name Lookup . . . . . . . . . . . . suite\n");
printf(" Lookup SeCreateTokenPrivilege\n"); TestLookupPrivilegeNameW( &SeCreateTokenPrivilege ); TestLookupPrivilegeNameA( &SeCreateTokenPrivilege );
printf(" Lookup SeAssignPrimaryTokenPrivilege\n"); TestLookupPrivilegeNameW( &SeAssignPrimaryTokenPrivilege ); TestLookupPrivilegeNameA( &SeAssignPrimaryTokenPrivilege );
printf(" Lookup SeLockMemoryPrivilege\n"); TestLookupPrivilegeNameW( &SeLockMemoryPrivilege ); TestLookupPrivilegeNameA( &SeLockMemoryPrivilege );
printf(" Lookup SeIncreaseQuotaPrivilege\n"); TestLookupPrivilegeNameW( &SeIncreaseQuotaPrivilege ); TestLookupPrivilegeNameA( &SeIncreaseQuotaPrivilege );
printf(" Lookup SeUnsolicitedInputPrivilege\n"); TestLookupPrivilegeNameW( &SeUnsolicitedInputPrivilege ); TestLookupPrivilegeNameA( &SeUnsolicitedInputPrivilege );
printf(" Lookup SeTcbPrivilege\n"); TestLookupPrivilegeNameW( &SeTcbPrivilege ); TestLookupPrivilegeNameA( &SeTcbPrivilege );
printf(" Lookup SeSecurityPrivilege\n"); TestLookupPrivilegeNameW( &SeSecurityPrivilege ); TestLookupPrivilegeNameA( &SeSecurityPrivilege );
printf(" Lookup SeTakeOwnershipPrivilege\n"); TestLookupPrivilegeNameW( &SeTakeOwnershipPrivilege ); TestLookupPrivilegeNameA( &SeTakeOwnershipPrivilege );
printf(" Lookup SeLoadDriverPrivilege\n"); TestLookupPrivilegeNameW( &SeLoadDriverPrivilege ); TestLookupPrivilegeNameA( &SeLoadDriverPrivilege );
printf(" Lookup SeCreatePagefilePrivilege\n"); TestLookupPrivilegeNameW( &SeCreatePagefilePrivilege ); TestLookupPrivilegeNameA( &SeCreatePagefilePrivilege );
printf(" Lookup SeIncreaseBasePriorityPrivilege\n"); TestLookupPrivilegeNameW( &SeIncreaseBasePriorityPrivilege ); TestLookupPrivilegeNameA( &SeIncreaseBasePriorityPrivilege );
printf(" Lookup SeSystemProfilePrivilege\n"); TestLookupPrivilegeNameW( &SeSystemProfilePrivilege ); TestLookupPrivilegeNameA( &SeSystemProfilePrivilege );
printf(" Lookup SeSystemtimePrivilege\n"); TestLookupPrivilegeNameW( &SeSystemtimePrivilege ); TestLookupPrivilegeNameA( &SeSystemtimePrivilege );
printf(" Lookup SeProfileSingleProcessPrivilege\n"); TestLookupPrivilegeNameW( &SeProfileSingleProcessPrivilege ); TestLookupPrivilegeNameA( &SeProfileSingleProcessPrivilege );
printf(" Lookup SeCreatePermanentPrivilege\n"); TestLookupPrivilegeNameW( &SeCreatePermanentPrivilege ); TestLookupPrivilegeNameA( &SeCreatePermanentPrivilege );
printf(" Lookup SeBackupPrivilege\n"); TestLookupPrivilegeNameW( &SeBackupPrivilege ); TestLookupPrivilegeNameA( &SeBackupPrivilege );
printf(" Lookup SeRestorePrivilege\n"); TestLookupPrivilegeNameW( &SeRestorePrivilege ); TestLookupPrivilegeNameA( &SeRestorePrivilege );
printf(" Lookup SeShutdownPrivilege\n"); TestLookupPrivilegeNameW( &SeShutdownPrivilege ); TestLookupPrivilegeNameA( &SeShutdownPrivilege );
printf(" Lookup SeDebugPrivilege\n"); TestLookupPrivilegeNameW( &SeDebugPrivilege ); TestLookupPrivilegeNameA( &SeDebugPrivilege );
printf(" Lookup SeAuditPrivilege\n"); TestLookupPrivilegeNameW( &SeAuditPrivilege ); TestLookupPrivilegeNameA( &SeAuditPrivilege );
printf(" Lookup SeSystemEnvironmentPrivilege\n"); TestLookupPrivilegeNameW( &SeSystemEnvironmentPrivilege ); TestLookupPrivilegeNameA( &SeSystemEnvironmentPrivilege );
printf(" Lookup SeChangeNotifyPrivilege\n"); TestLookupPrivilegeNameW( &SeChangeNotifyPrivilege ); TestLookupPrivilegeNameA( &SeChangeNotifyPrivilege );
printf(" Lookup SeRemoteShutdownPrivilege\n"); TestLookupPrivilegeNameW( &SeRemoteShutdownPrivilege ); TestLookupPrivilegeNameA( &SeRemoteShutdownPrivilege );
printf("\n\n\n"); return;}
VOIDTestLookupPrivilegeDisplayName(){ /////////////////////////////////////////////////////////////////////////
// //
// LookupPrivilegeDisplayName Tests //
// //
/////////////////////////////////////////////////////////////////////////
printf(" Privilege Display Name Lookup . . . . . . . . suite\n");
printf(" Lookup SeCreateTokenPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeCreateTokenPrivilege ); TestLookupPrivilegeDisplayNameA( &SeCreateTokenPrivilege );
printf(" Lookup SeAssignPrimaryTokenPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeAssignPrimaryTokenPrivilege ); TestLookupPrivilegeDisplayNameA( &SeAssignPrimaryTokenPrivilege );
printf(" Lookup SeLockMemoryPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeLockMemoryPrivilege ); TestLookupPrivilegeDisplayNameA( &SeLockMemoryPrivilege );
printf(" Lookup SeIncreaseQuotaPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeIncreaseQuotaPrivilege ); TestLookupPrivilegeDisplayNameA( &SeIncreaseQuotaPrivilege );
printf(" Lookup SeUnsolicitedInputPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeUnsolicitedInputPrivilege ); TestLookupPrivilegeDisplayNameA( &SeUnsolicitedInputPrivilege );
printf(" Lookup SeTcbPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeTcbPrivilege ); TestLookupPrivilegeDisplayNameA( &SeTcbPrivilege );
printf(" Lookup SeSecurityPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeSecurityPrivilege ); TestLookupPrivilegeDisplayNameA( &SeSecurityPrivilege );
printf(" Lookup SeTakeOwnershipPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeTakeOwnershipPrivilege ); TestLookupPrivilegeDisplayNameA( &SeTakeOwnershipPrivilege );
printf(" Lookup SeLoadDriverPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeLoadDriverPrivilege ); TestLookupPrivilegeDisplayNameA( &SeLoadDriverPrivilege );
printf(" Lookup SeCreatePagefilePrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeCreatePagefilePrivilege ); TestLookupPrivilegeDisplayNameA( &SeCreatePagefilePrivilege );
printf(" Lookup SeIncreaseBasePriorityPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeIncreaseBasePriorityPrivilege ); TestLookupPrivilegeDisplayNameA( &SeIncreaseBasePriorityPrivilege );
printf(" Lookup SeSystemProfilePrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeSystemProfilePrivilege ); TestLookupPrivilegeDisplayNameA( &SeSystemProfilePrivilege );
printf(" Lookup SeSystemtimePrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeSystemtimePrivilege ); TestLookupPrivilegeDisplayNameA( &SeSystemtimePrivilege );
printf(" Lookup SeProfileSingleProcessPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeProfileSingleProcessPrivilege ); TestLookupPrivilegeDisplayNameA( &SeProfileSingleProcessPrivilege );
printf(" Lookup SeCreatePermanentPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeCreatePermanentPrivilege ); TestLookupPrivilegeDisplayNameA( &SeCreatePermanentPrivilege );
printf(" Lookup SeBackupPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeBackupPrivilege ); TestLookupPrivilegeDisplayNameA( &SeBackupPrivilege );
printf(" Lookup SeRestorePrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeRestorePrivilege ); TestLookupPrivilegeDisplayNameA( &SeRestorePrivilege );
printf(" Lookup SeShutdownPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeShutdownPrivilege ); TestLookupPrivilegeDisplayNameA( &SeShutdownPrivilege );
printf(" Lookup SeDebugPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeDebugPrivilege ); TestLookupPrivilegeDisplayNameA( &SeDebugPrivilege );
printf(" Lookup SeAuditPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeAuditPrivilege ); TestLookupPrivilegeDisplayNameA( &SeAuditPrivilege );
printf(" Lookup SeSystemEnvironmentPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeSystemEnvironmentPrivilege ); TestLookupPrivilegeDisplayNameA( &SeSystemEnvironmentPrivilege );
printf(" Lookup SeChangeNotifyPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeChangeNotifyPrivilege ); TestLookupPrivilegeDisplayNameA( &SeChangeNotifyPrivilege );
printf(" Lookup SeRemoteShutdownPrivilege\n"); TestLookupPrivilegeDisplayNameW( &SeRemoteShutdownPrivilege ); TestLookupPrivilegeDisplayNameA( &SeRemoteShutdownPrivilege );
printf("\n\n\n"); return;}
intmain (void){
initialize();
TestLookupSid();
TestLookupName();
TestLookupPrivilegeName();
TestLookupPrivilegeValue();
TestLookupPrivilegeDisplayName();
return(0);}
|
