mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
463 lines
13 KiB
463 lines
13 KiB
//Copyright (c) 1998 - 1999 Microsoft Corporation
|
|
// c2cfgDlg.cpp : implementation file
|
|
//
|
|
|
|
#include "stdafx.h"
|
|
#include "c2cfg.h"
|
|
#include "c2cfgDlg.h"
|
|
#include "security.h"
|
|
#include <hydra\winsta.h>
|
|
#include <HYDRA\regapi.h>
|
|
#include "..\..\inc\utildll.h"
|
|
|
|
|
|
#ifdef _DEBUG
|
|
#define new DEBUG_NEW
|
|
#undef THIS_FILE
|
|
static char THIS_FILE[] = __FILE__;
|
|
#endif
|
|
|
|
/////////////////////////////////////////////////////////////////////////////
|
|
// CAboutDlg dialog used for App About
|
|
|
|
class CAboutDlg : public CDialog
|
|
{
|
|
public:
|
|
CAboutDlg();
|
|
|
|
// Dialog Data
|
|
//{{AFX_DATA(CAboutDlg)
|
|
enum { IDD = IDD_ABOUTBOX };
|
|
//}}AFX_DATA
|
|
|
|
// ClassWizard generated virtual function overrides
|
|
//{{AFX_VIRTUAL(CAboutDlg)
|
|
protected:
|
|
virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
|
|
//}}AFX_VIRTUAL
|
|
|
|
// Implementation
|
|
protected:
|
|
//{{AFX_MSG(CAboutDlg)
|
|
//}}AFX_MSG
|
|
DECLARE_MESSAGE_MAP()
|
|
};
|
|
|
|
CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD)
|
|
{
|
|
//{{AFX_DATA_INIT(CAboutDlg)
|
|
//}}AFX_DATA_INIT
|
|
}
|
|
|
|
void CAboutDlg::DoDataExchange(CDataExchange* pDX)
|
|
{
|
|
CDialog::DoDataExchange(pDX);
|
|
//{{AFX_DATA_MAP(CAboutDlg)
|
|
//}}AFX_DATA_MAP
|
|
}
|
|
|
|
BEGIN_MESSAGE_MAP(CAboutDlg, CDialog)
|
|
//{{AFX_MSG_MAP(CAboutDlg)
|
|
// No message handlers
|
|
//}}AFX_MSG_MAP
|
|
END_MESSAGE_MAP()
|
|
|
|
/////////////////////////////////////////////////////////////////////////////
|
|
// CC2cfgDlg dialog
|
|
|
|
CC2cfgDlg::CC2cfgDlg(CWnd* pParent /*=NULL*/)
|
|
: CDialog(CC2cfgDlg::IDD, pParent)
|
|
{
|
|
//{{AFX_DATA_INIT(CC2cfgDlg)
|
|
//}}AFX_DATA_INIT
|
|
// Note that LoadIcon does not require a subsequent DestroyIcon in Win32
|
|
m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
|
|
}
|
|
|
|
void CC2cfgDlg::DoDataExchange(CDataExchange* pDX)
|
|
{
|
|
CDialog::DoDataExchange(pDX);
|
|
//{{AFX_DATA_MAP(CC2cfgDlg)
|
|
//}}AFX_DATA_MAP
|
|
}
|
|
|
|
BEGIN_MESSAGE_MAP(CC2cfgDlg, CDialog)
|
|
//{{AFX_MSG_MAP(CC2cfgDlg)
|
|
ON_WM_SYSCOMMAND()
|
|
ON_WM_PAINT()
|
|
ON_WM_QUERYDRAGICON()
|
|
ON_BN_CLICKED(ID_HELP, OnHelp)
|
|
//}}AFX_MSG_MAP
|
|
END_MESSAGE_MAP()
|
|
|
|
/////////////////////////////////////////////////////////////////////////////
|
|
// CC2cfgDlg message handlers
|
|
|
|
|
|
BOOL CC2cfgDlg::OnInitDialog()
|
|
{
|
|
WCHAR pwcSecLevel[sizeof("Medium")];
|
|
PWCHAR pwcSecurityPath = SECURITY_REG_NAME;
|
|
PWCHAR pwcSecurity = CTXSECURITY_SECURITYLEVEL;
|
|
ULONG ulSize;
|
|
ULONG ulType;
|
|
CString sErrorString;
|
|
CString sErrorTitle;
|
|
CWnd *wndRButton;
|
|
CString sSecLevelString;
|
|
|
|
CDialog::OnInitDialog();
|
|
|
|
// Add "About..." menu item to system menu.
|
|
|
|
// IDM_ABOUTBOX must be in the system command range.
|
|
ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
|
|
ASSERT(IDM_ABOUTBOX < 0xF000);
|
|
|
|
CMenu* pSysMenu = GetSystemMenu(FALSE);
|
|
CString strAboutMenu;
|
|
strAboutMenu.LoadString(IDS_ABOUTBOX);
|
|
if (!strAboutMenu.IsEmpty())
|
|
{
|
|
pSysMenu->AppendMenu(MF_SEPARATOR);
|
|
pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
|
|
}
|
|
|
|
// Set the icon for this dialog. The framework does this automatically
|
|
// when the application's main window is not a dialog
|
|
SetIcon(m_hIcon, TRUE); // Set big icon
|
|
SetIcon(m_hIcon, FALSE); // Set small icon
|
|
|
|
// TODO: Add extra initialization here
|
|
|
|
if( TestUserForAdmin( TRUE ) != TRUE ) // param TRUE specifies check for domain admin
|
|
{
|
|
if( TestUserForAdmin( FALSE ) != TRUE ) // param FALSE specifies check for local admin
|
|
{ sErrorString.LoadString( IDS_NOT_ADMIN );
|
|
sErrorTitle.LoadString( IDS_C2_ERR );
|
|
MessageBox( sErrorString, sErrorTitle, MB_OK | MB_ICONEXCLAMATION );
|
|
DestroyWindow();
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
if( RegOpenKeyExW( HKEY_LOCAL_MACHINE, pwcSecurityPath,0,KEY_ALL_ACCESS,&hKey ) )
|
|
{
|
|
//error message box
|
|
sErrorString.LoadString( IDS_ERR_REG );
|
|
sErrorTitle.LoadString( IDS_C2_ERR );
|
|
MessageBox( sErrorString, sErrorTitle,MB_OK );
|
|
DestroyWindow();
|
|
return FALSE;
|
|
}
|
|
|
|
if( RegQueryValueExW( hKey,pwcSecurity,0,&ulType,(LPBYTE)pwcSecLevel,&ulSize) )
|
|
{
|
|
//error message box
|
|
sErrorString.LoadString( IDS_ERR_REG );
|
|
sErrorTitle.LoadString( IDS_C2_ERR );
|
|
MessageBox( sErrorString, sErrorTitle,MB_OK );
|
|
RegCloseKey( hKey );
|
|
DestroyWindow();
|
|
return FALSE;
|
|
}
|
|
|
|
if( wcscmp( pwcSecLevel,L"Default")== 0 )
|
|
{
|
|
CheckRadioButton( IDC_HIGH, IDC_LOW, IDC_LOW );
|
|
sSecLevelString.LoadString( IDS_TEXT_DEFAULT );
|
|
}
|
|
else if( wcscmp( pwcSecLevel,L"Low")== 0 )
|
|
{
|
|
CheckRadioButton( IDC_HIGH, IDC_LOW, IDC_LOW );
|
|
sSecLevelString.LoadString( IDS_TEXT_LOW );
|
|
}
|
|
else if( wcscmp( pwcSecLevel,L"Medium")== 0 )
|
|
{
|
|
CheckRadioButton( IDC_HIGH, IDC_LOW, IDC_MED );
|
|
sSecLevelString.LoadString( IDS_TEXT_MED );
|
|
// disable low button
|
|
wndRButton = GetDlgItem( IDC_LOW );
|
|
wndRButton->EnableWindow( FALSE );
|
|
}
|
|
else
|
|
{
|
|
CheckRadioButton( IDC_HIGH, IDC_LOW, IDC_HIGH );
|
|
sSecLevelString.LoadString( IDS_TEXT_HIGH );
|
|
//disable other two buttons
|
|
wndRButton = GetDlgItem( IDC_MED );
|
|
wndRButton->EnableWindow( FALSE );
|
|
wndRButton = GetDlgItem( IDC_LOW );
|
|
wndRButton->EnableWindow( FALSE );
|
|
|
|
}
|
|
SetDlgItemText( IDC_STATUS, sSecLevelString );
|
|
return TRUE; // return TRUE unless you set the focus to a control
|
|
}
|
|
|
|
void CC2cfgDlg::OnSysCommand(UINT nID, LPARAM lParam)
|
|
{
|
|
if ((nID & 0xFFF0) == IDM_ABOUTBOX)
|
|
{
|
|
CAboutDlg dlgAbout;
|
|
dlgAbout.DoModal();
|
|
}
|
|
else
|
|
{
|
|
CDialog::OnSysCommand(nID, lParam);
|
|
}
|
|
}
|
|
|
|
// If you add a minimize button to your dialog, you will need the code below
|
|
// to draw the icon. For MFC applications using the document/view model,
|
|
// this is automatically done for you by the framework.
|
|
|
|
void CC2cfgDlg::OnPaint()
|
|
{
|
|
if (IsIconic())
|
|
{
|
|
CPaintDC dc(this); // device context for painting
|
|
|
|
SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0);
|
|
|
|
// Center icon in client rectangle
|
|
int cxIcon = GetSystemMetrics(SM_CXICON);
|
|
int cyIcon = GetSystemMetrics(SM_CYICON);
|
|
CRect rect;
|
|
GetClientRect(&rect);
|
|
int x = (rect.Width() - cxIcon + 1) / 2;
|
|
int y = (rect.Height() - cyIcon + 1) / 2;
|
|
|
|
// Draw the icon
|
|
dc.DrawIcon(x, y, m_hIcon);
|
|
}
|
|
else
|
|
{
|
|
CDialog::OnPaint();
|
|
}
|
|
}
|
|
|
|
// The system calls this to obtain the cursor to display while the user drags
|
|
// the minimized window.
|
|
HCURSOR CC2cfgDlg::OnQueryDragIcon()
|
|
{
|
|
return (HCURSOR) m_hIcon;
|
|
}
|
|
|
|
HKEY g_RegEventKey;
|
|
|
|
void CC2cfgDlg::OnOK()
|
|
{
|
|
// TODO: Add extra validation here
|
|
WCHAR pwcPath[MAX_PATH];
|
|
WCHAR pwc_src[MAX_PATH];
|
|
WCHAR pwc_dest[MAX_PATH];
|
|
WCHAR pwcNTF_file[20];
|
|
WCHAR pwcREG_file[20];
|
|
WCHAR C2CONFIG[] = L"c2config";
|
|
|
|
WCHAR pwcSecLevel[sizeof("Medium")];
|
|
ULONG ulSize;
|
|
PWCHAR pwcSecurity = CTXSECURITY_SECURITYLEVEL;
|
|
WCHAR szDir[MAX_PATH];
|
|
CString sErrorString;
|
|
CString sErrorTitle;
|
|
CString sMessage;
|
|
CString sMessageTitle;
|
|
|
|
DWORD idRegSecCheck,
|
|
idDirSecCheck;
|
|
/************
|
|
Structures containing event handles to wait on and boolean variable
|
|
to set when event occurs
|
|
**************/
|
|
EVENT_CHECK_TYPE DirectoryEventCheck,
|
|
RegistryEventCheck;
|
|
BOOLEAN PosixDeleted = FALSE;
|
|
BOOLEAN OS2Deleted = FALSE;
|
|
WCHAR szBuffer[MAX_PATH];
|
|
WCHAR szFileName[MAX_PATH];
|
|
PWCHAR pwc;
|
|
|
|
STARTUPINFOW StartUpInfo;
|
|
PROCESS_INFORMATION ProcessInfo;
|
|
|
|
|
|
if( IsDlgButtonChecked(IDC_HIGH) )
|
|
{
|
|
wcscpy( pwcNTF_file, L"\\c2ntfhi.inf" );
|
|
wcscpy( pwcREG_file, L"\\c2reghi.inf" );
|
|
wcscpy( pwcSecLevel, L"High");
|
|
}
|
|
else if( IsDlgButtonChecked(IDC_MED) )
|
|
{
|
|
wcscpy( pwcNTF_file, L"\\c2ntfmed.inf" );
|
|
wcscpy( pwcREG_file, L"\\c2regmed.inf" );
|
|
wcscpy( pwcSecLevel, L"Medium" );
|
|
}
|
|
else
|
|
{
|
|
// low
|
|
wcscpy( pwcNTF_file, L"\\c2ntflow.inf" );
|
|
wcscpy( pwcREG_file, L"\\c2reglow.inf" );
|
|
wcscpy( pwcSecLevel, L"Low");
|
|
}
|
|
|
|
/*************************************************************************************
|
|
What I'm trying to do: C2config.exe takes in the files c2regacl.inf (registry)
|
|
and c2ntfacl.inf( file system ). These files are scripts to set the ACL's on the
|
|
registry and file system . There a 3 different
|
|
flavors of each of these files. One each for LOW, MEDIUM, and HIGH c2 security. I
|
|
simply select a file based on the security level selected and then copy it to the
|
|
the generic name c2regacl.inf or c2ntfacl.inf.
|
|
|
|
The user must still run 2 functions in c2config.exe to use these inf files. After
|
|
c2config.exe runs I do a check to see if they were run.
|
|
*************************************************************************************/
|
|
GetSystemDirectoryW( pwcPath, MAX_PATH );
|
|
wcscpy( pwc_src, pwcPath );
|
|
wcscat( pwc_src, pwcNTF_file );
|
|
wcscpy( pwc_dest, pwcPath );
|
|
wcscat( pwc_dest, L"\\c2ntfacl.inf" );
|
|
|
|
|
|
if( !CopyFileW(pwc_src, pwc_dest, FALSE) )
|
|
{
|
|
//error message box
|
|
sErrorString.Format( IDS_ERR_NO_FILE, pwcNTF_file+1 );
|
|
sErrorTitle.LoadString( IDS_C2_ERR );
|
|
MessageBox( sErrorString, sErrorTitle,MB_OK );
|
|
RegCloseKey( hKey );
|
|
CDialog::OnOK();
|
|
return;
|
|
}
|
|
|
|
*pwc_src = *pwc_dest = L'\0';
|
|
wcscpy( pwc_src, pwcPath );
|
|
wcscat( pwc_src, pwcREG_file );
|
|
wcscpy( pwc_dest, pwcPath );
|
|
wcscat( pwc_dest, L"\\c2regacl.inf" );
|
|
|
|
if( !CopyFileW(pwc_src, pwc_dest, FALSE) )
|
|
{
|
|
//send an error box out
|
|
sErrorString.Format( IDS_ERR_NO_FILE, pwcREG_file+1 );
|
|
sErrorTitle.LoadString( IDS_C2_ERR );
|
|
MessageBox( sErrorString, sErrorTitle,MB_OK );
|
|
RegCloseKey( hKey );
|
|
CDialog::OnOK();
|
|
return;
|
|
}
|
|
|
|
|
|
memset( &StartUpInfo,'\0', sizeof(STARTUPINFO) );
|
|
StartUpInfo.cb = sizeof(STARTUPINFO);
|
|
StartUpInfo.wShowWindow = SW_SHOWDEFAULT;
|
|
|
|
/*****************************************************************************
|
|
These threads are started to check if c2config is run correctly -- changing
|
|
the security ACL's on the registry and specified files. Theses threads are
|
|
passed an event handle and a boolean variable. If the security they are
|
|
looking at is changed, the event is triggered and the bolean variable is set.
|
|
*****************************************************************************/
|
|
|
|
RegistryEventCheck.handle = CreateEvent( NULL, FALSE, FALSE, NULL );
|
|
RegistryEventCheck.bEventTriggered = FALSE;
|
|
|
|
if( RegistryEventCheck.handle != NULL )
|
|
{
|
|
CreateThread( NULL,
|
|
0,
|
|
(LPTHREAD_START_ROUTINE)RegistrySecurityCheck,
|
|
&RegistryEventCheck,
|
|
0,
|
|
&idRegSecCheck
|
|
);
|
|
}
|
|
|
|
|
|
/* I only want to keep the drive letter info part of the system directory */
|
|
GetSystemDirectoryW( szDir, MAX_PATH );
|
|
szDir[3] = L'\0';
|
|
|
|
DirectoryEventCheck.handle = FindFirstChangeNotificationW( szDir,
|
|
TRUE,
|
|
FILE_NOTIFY_CHANGE_SECURITY );
|
|
DirectoryEventCheck.bEventTriggered = FALSE;
|
|
|
|
if( DirectoryEventCheck.handle != INVALID_HANDLE_VALUE )
|
|
{
|
|
CreateThread( NULL,
|
|
0,
|
|
(LPTHREAD_START_ROUTINE)DirectorySecurityCheck,
|
|
&DirectoryEventCheck,
|
|
0,
|
|
&idDirSecCheck
|
|
);
|
|
}
|
|
|
|
/******* Run C2config and then I'll check to see what the user did **************/
|
|
CreateProcessW(NULL, C2CONFIG, NULL, NULL, FALSE, 0, NULL, NULL, &StartUpInfo, &ProcessInfo );
|
|
|
|
WaitForSingleObject( ProcessInfo.hProcess, INFINITE );
|
|
|
|
/********************************************************************
|
|
I can't guarentee that the created threads ever stop waiting for an
|
|
event. So they would not always be able to close there handles. So
|
|
I do it here.
|
|
***********************************************************************/
|
|
RegCloseKey( g_RegEventKey );
|
|
CloseHandle( RegistryEventCheck.handle );
|
|
FindCloseChangeNotification( DirectoryEventCheck.handle );
|
|
|
|
/**********************************************************************
|
|
Both the Registry and the Directory Security levels must be set, or
|
|
I do not record the change in the directory.
|
|
**********************************************************************/
|
|
wcscpy( szFileName, L"psxss.exe" );
|
|
if( SearchPathW( NULL, szFileName, NULL, MAX_PATH, szBuffer, &pwc ) == 0 )
|
|
PosixDeleted = TRUE;
|
|
|
|
wcscpy( szFileName, L"os2.exe" );
|
|
if( SearchPathW( NULL, szFileName, NULL, MAX_PATH, szBuffer, &pwc ) == 0 )
|
|
OS2Deleted = TRUE;
|
|
|
|
|
|
if( (RegistryEventCheck.bEventTriggered == TRUE) &&
|
|
(DirectoryEventCheck.bEventTriggered == TRUE) &&
|
|
(PosixDeleted == TRUE) &&
|
|
(OS2Deleted == TRUE)
|
|
)
|
|
{
|
|
ulSize = ( wcslen(pwcSecLevel) + 1 ) * sizeof(WCHAR);
|
|
RegSetValueExW( hKey,pwcSecurity,0,REG_SZ,(LPBYTE)pwcSecLevel,ulSize );
|
|
|
|
sMessage.Format( IDS_SUCCESS_FM, pwcSecLevel );
|
|
sMessageTitle.LoadString( IDS_C2 );
|
|
MessageBox( sMessage, sMessageTitle, MB_OK );
|
|
}
|
|
else
|
|
{
|
|
sMessage.LoadString( IDS_FAIL );
|
|
sMessageTitle.LoadString( IDS_C2 );
|
|
MessageBox( sMessage, sMessageTitle,MB_OK );
|
|
}
|
|
|
|
RegCloseKey( hKey );
|
|
|
|
CDialog::OnOK();
|
|
}
|
|
|
|
void CC2cfgDlg::WinHelp(DWORD dwData, UINT nCmd)
|
|
{
|
|
// TODO: Add your specialized code here and/or call the base class
|
|
|
|
CDialog::WinHelp(dwData, nCmd);
|
|
}
|
|
|
|
|
|
void CC2cfgDlg::OnHelp()
|
|
{
|
|
// TODO: Add your control notification handler code here
|
|
WinHelp(0, HELP_CONTENTS);
|
|
}
|