win32-security 0.3.1 → 0.3.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/CHANGES +63 -57
- data/MANIFEST +11 -9
- data/README +53 -53
- data/Rakefile +58 -61
- data/certs/djberg96_pub.pem +21 -0
- data/lib/win32-security.rb +1 -0
- data/lib/win32/security.rb +91 -91
- data/lib/win32/security/ace.rb +75 -75
- data/lib/win32/security/acl.rb +224 -224
- data/lib/win32/security/sid.rb +394 -394
- data/lib/win32/security/windows/constants.rb +184 -184
- data/lib/win32/security/windows/functions.rb +116 -116
- data/lib/win32/security/windows/structs.rb +94 -94
- data/test/test_ace.rb +48 -48
- data/test/test_acl.rb +101 -101
- data/test/test_security.rb +23 -23
- data/test/test_sid.rb +142 -142
- data/win32-security.gemspec +28 -27
- metadata +48 -18
- metadata.gz.sig +0 -0
|
@@ -1,184 +1,184 @@
|
|
|
1
|
-
module Windows
|
|
2
|
-
module Security
|
|
3
|
-
module Constants
|
|
4
|
-
private
|
|
5
|
-
|
|
6
|
-
TOKEN_QUERY = 8
|
|
7
|
-
ERROR_NO_TOKEN = 1008
|
|
8
|
-
MAXDWORD = 0xFFFFFFFF
|
|
9
|
-
|
|
10
|
-
# ACL Revisions
|
|
11
|
-
|
|
12
|
-
ACL_REVISION1 = 1
|
|
13
|
-
ACL_REVISION = 2
|
|
14
|
-
ACL_REVISION2 = 2
|
|
15
|
-
ACL_REVISION3 = 3
|
|
16
|
-
ACL_REVISION4 = 4
|
|
17
|
-
|
|
18
|
-
# ACL Information Classes
|
|
19
|
-
|
|
20
|
-
AclRevisionInformation = 1
|
|
21
|
-
AclSizeInformation = 2
|
|
22
|
-
|
|
23
|
-
# Identifier Authorities
|
|
24
|
-
|
|
25
|
-
SECURITY_NULL_SID_AUTHORITY = 0
|
|
26
|
-
SECURITY_WORLD_SID_AUTHORITY = 1
|
|
27
|
-
SECURITY_LOCAL_SID_AUTHORITY = 2
|
|
28
|
-
SECURITY_CREATOR_SID_AUTHORITY = 3
|
|
29
|
-
SECURITY_NON_UNIQUE_AUTHORITY = 4
|
|
30
|
-
SECURITY_NT_AUTHORITY = 5
|
|
31
|
-
SECURITY_RESOURCE_MANAGER_AUTHORITY = 9
|
|
32
|
-
|
|
33
|
-
# Subauthorities
|
|
34
|
-
|
|
35
|
-
SECURITY_NULL_RID = 0x00000000
|
|
36
|
-
SECURITY_WORLD_RID = 0x00000000
|
|
37
|
-
SECURITY_LOCAL_RID = 0x00000000
|
|
38
|
-
SECURITY_CREATOR_OWNER_RID = 0x00000000
|
|
39
|
-
SECURITY_CREATOR_GROUP_RID = 0x00000001
|
|
40
|
-
SECURITY_CREATOR_OWNER_SERVER_RID = 0x00000002
|
|
41
|
-
SECURITY_CREATOR_GROUP_SERVER_RID = 0x00000003
|
|
42
|
-
SECURITY_DIALUP_RID = 0x00000001
|
|
43
|
-
SECURITY_NETWORK_RID = 0x00000002
|
|
44
|
-
SECURITY_BATCH_RID = 0x00000003
|
|
45
|
-
SECURITY_INTERACTIVE_RID = 0x00000004
|
|
46
|
-
SECURITY_LOGON_IDS_RID = 0x00000005
|
|
47
|
-
SECURITY_LOGON_IDS_RID_COUNT = 3
|
|
48
|
-
SECURITY_SERVICE_RID = 0x00000006
|
|
49
|
-
SECURITY_ANONYMOUS_LOGON_RID = 0x00000007
|
|
50
|
-
SECURITY_PROXY_RID = 0x00000008
|
|
51
|
-
|
|
52
|
-
SECURITY_ENTERPRISE_CONTROLLERS_RID = 0x00000009
|
|
53
|
-
SECURITY_SERVER_LOGON_RID = SECURITY_ENTERPRISE_CONTROLLERS_RID
|
|
54
|
-
SECURITY_PRINCIPAL_SELF_RID = 0x0000000A
|
|
55
|
-
SECURITY_AUTHENTICATED_USER_RID = 0x0000000B
|
|
56
|
-
SECURITY_RESTRICTED_CODE_RID = 0x0000000C
|
|
57
|
-
SECURITY_TERMINAL_SERVER_RID = 0x0000000D
|
|
58
|
-
SECURITY_REMOTE_LOGON_RID = 0x0000000E
|
|
59
|
-
SECURITY_THIS_ORGANIZATION_RID = 0x0000000F
|
|
60
|
-
SECURITY_LOCAL_SYSTEM_RID = 0x00000012
|
|
61
|
-
SECURITY_LOCAL_SERVICE_RID = 0x00000013
|
|
62
|
-
SECURITY_NETWORK_SERVICE_RID = 0x00000014
|
|
63
|
-
SECURITY_NT_NON_UNIQUE = 0x00000015
|
|
64
|
-
SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT = 3
|
|
65
|
-
|
|
66
|
-
SECURITY_BUILTIN_DOMAIN_RID = 0x00000020
|
|
67
|
-
SECURITY_PACKAGE_BASE_RID = 0x00000040
|
|
68
|
-
SECURITY_PACKAGE_RID_COUNT = 2
|
|
69
|
-
SECURITY_PACKAGE_NTLM_RID = 0x0000000A
|
|
70
|
-
SECURITY_PACKAGE_SCHANNEL_RID = 0x0000000E
|
|
71
|
-
SECURITY_PACKAGE_DIGEST_RID = 0x00000015
|
|
72
|
-
SECURITY_MAX_ALWAYS_FILTERED = 0x000003E7
|
|
73
|
-
SECURITY_MIN_NEVER_FILTERED = 0x000003E8
|
|
74
|
-
|
|
75
|
-
SECURITY_OTHER_ORGANIZATION_RID = 0x000003E8
|
|
76
|
-
FOREST_USER_RID_MAX = 0x000001F3
|
|
77
|
-
DOMAIN_USER_RID_ADMIN = 0x000001F4
|
|
78
|
-
DOMAIN_USER_RID_GUEST = 0x000001F5
|
|
79
|
-
DOMAIN_USER_RID_KRBTGT = 0x000001F6
|
|
80
|
-
DOMAIN_USER_RID_MAX = 0x000003E7
|
|
81
|
-
DOMAIN_GROUP_RID_ADMINS = 0x00000200
|
|
82
|
-
DOMAIN_GROUP_RID_USERS = 0x00000201
|
|
83
|
-
DOMAIN_GROUP_RID_GUESTS = 0x00000202
|
|
84
|
-
DOMAIN_GROUP_RID_COMPUTERS = 0x00000203
|
|
85
|
-
DOMAIN_GROUP_RID_CONTROLLERS = 0x00000204
|
|
86
|
-
DOMAIN_GROUP_RID_CERT_ADMINS = 0x00000205
|
|
87
|
-
DOMAIN_GROUP_RID_SCHEMA_ADMINS = 0x00000206
|
|
88
|
-
DOMAIN_GROUP_RID_ENTERPRISE_ADMINS = 0x00000207
|
|
89
|
-
DOMAIN_GROUP_RID_POLICY_ADMINS = 0x00000208
|
|
90
|
-
DOMAIN_ALIAS_RID_ADMINS = 0x00000220
|
|
91
|
-
DOMAIN_ALIAS_RID_USERS = 0x00000221
|
|
92
|
-
DOMAIN_ALIAS_RID_GUESTS = 0x00000222
|
|
93
|
-
DOMAIN_ALIAS_RID_POWER_USERS = 0x00000223
|
|
94
|
-
DOMAIN_ALIAS_RID_ACCOUNT_OPS = 0x00000224
|
|
95
|
-
DOMAIN_ALIAS_RID_SYSTEM_OPS = 0x00000225
|
|
96
|
-
DOMAIN_ALIAS_RID_PRINT_OPS = 0x00000226
|
|
97
|
-
DOMAIN_ALIAS_RID_BACKUP_OPS = 0x00000227
|
|
98
|
-
DOMAIN_ALIAS_RID_REPLICATOR = 0x00000228
|
|
99
|
-
DOMAIN_ALIAS_RID_RAS_SERVERS = 0x00000229
|
|
100
|
-
|
|
101
|
-
DOMAIN_ALIAS_RID_PREW2KCOMPACCESS = 0x0000022A
|
|
102
|
-
DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS = 0x0000022B
|
|
103
|
-
DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS = 0x0000022C
|
|
104
|
-
DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS = 0x0000022D
|
|
105
|
-
DOMAIN_ALIAS_RID_MONITORING_USERS = 0x0000022E
|
|
106
|
-
DOMAIN_ALIAS_RID_LOGGING_USERS = 0x0000022F
|
|
107
|
-
DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS = 0x00000230
|
|
108
|
-
DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS = 0x00000231
|
|
109
|
-
DOMAIN_ALIAS_RID_DCOM_USERS = 0x00000232
|
|
110
|
-
|
|
111
|
-
# SID types
|
|
112
|
-
|
|
113
|
-
SidTypeUser = 1
|
|
114
|
-
SidTypeGroup = 2
|
|
115
|
-
SidTypeDomain = 3
|
|
116
|
-
SidTypeAlias = 4
|
|
117
|
-
SidTypeWellKnownGroup = 5
|
|
118
|
-
SidTypeDeletedAccount = 6
|
|
119
|
-
SidTypeInvalid = 7
|
|
120
|
-
SidTypeUnknown = 8
|
|
121
|
-
SidTypeComputer = 9
|
|
122
|
-
|
|
123
|
-
# SDDL version information
|
|
124
|
-
|
|
125
|
-
SDDL_REVISION_1 = 1
|
|
126
|
-
|
|
127
|
-
# ACE flags
|
|
128
|
-
|
|
129
|
-
OBJECT_INHERIT_ACE = 0x1
|
|
130
|
-
CONTAINER_INHERIT_ACE = 0x2
|
|
131
|
-
NO_PROPAGATE_INHERIT_ACE = 0x4
|
|
132
|
-
INHERIT_ONLY_ACE = 0x8
|
|
133
|
-
INHERITED_ACE = 0x10
|
|
134
|
-
|
|
135
|
-
# ACE Types
|
|
136
|
-
|
|
137
|
-
ACCESS_MIN_MS_ACE_TYPE = 0x0
|
|
138
|
-
ACCESS_ALLOWED_ACE_TYPE = 0x0
|
|
139
|
-
ACCESS_DENIED_ACE_TYPE = 0x1
|
|
140
|
-
SYSTEM_AUDIT_ACE_TYPE = 0x2
|
|
141
|
-
SYSTEM_ALARM_ACE_TYPE = 0x3
|
|
142
|
-
ACCESS_MAX_MS_V2_ACE_TYPE = 0x3
|
|
143
|
-
ACCESS_ALLOWED_COMPOUND_ACE_TYPE = 0x4
|
|
144
|
-
ACCESS_MAX_MS_V3_ACE_TYPE = 0x4
|
|
145
|
-
ACCESS_MIN_MS_OBJECT_ACE_TYPE = 0x5
|
|
146
|
-
ACCESS_ALLOWED_OBJECT_ACE_TYPE = 0x5
|
|
147
|
-
ACCESS_DENIED_OBJECT_ACE_TYPE = 0x6
|
|
148
|
-
SYSTEM_AUDIT_OBJECT_ACE_TYPE = 0x7
|
|
149
|
-
SYSTEM_ALARM_OBJECT_ACE_TYPE = 0x8
|
|
150
|
-
ACCESS_MAX_MS_OBJECT_ACE_TYPE = 0x8
|
|
151
|
-
ACCESS_MAX_MS_V4_ACE_TYPE = 0x8
|
|
152
|
-
ACCESS_MAX_MS_ACE_TYPE = 0x8
|
|
153
|
-
ACCESS_ALLOWED_CALLBACK_ACE_TYPE = 0x9
|
|
154
|
-
ACCESS_DENIED_CALLBACK_ACE_TYPE = 0xA
|
|
155
|
-
ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE = 0xB
|
|
156
|
-
ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE = 0xC
|
|
157
|
-
SYSTEM_AUDIT_CALLBACK_ACE_TYPE = 0xD
|
|
158
|
-
SYSTEM_ALARM_CALLBACK_ACE_TYPE = 0xE
|
|
159
|
-
SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE = 0xF
|
|
160
|
-
SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE = 0x10
|
|
161
|
-
ACCESS_MAX_MS_V5_ACE_TYPE = 0x10
|
|
162
|
-
|
|
163
|
-
# Standard Access Rights
|
|
164
|
-
|
|
165
|
-
DELETE = 0x00010000
|
|
166
|
-
READ_CONTROL = 0x20000
|
|
167
|
-
WRITE_DAC = 0x40000
|
|
168
|
-
WRITE_OWNER = 0x80000
|
|
169
|
-
SYNCHRONIZE = 0x100000
|
|
170
|
-
STANDARD_RIGHTS_REQUIRED = 0xf0000
|
|
171
|
-
STANDARD_RIGHTS_READ = 0x20000
|
|
172
|
-
STANDARD_RIGHTS_WRITE = 0x20000
|
|
173
|
-
STANDARD_RIGHTS_EXECUTE = 0x20000
|
|
174
|
-
STANDARD_RIGHTS_ALL = 0x1F0000
|
|
175
|
-
SPECIFIC_RIGHTS_ALL = 0xFFFF
|
|
176
|
-
ACCESS_SYSTEM_SECURITY = 0x1000000
|
|
177
|
-
MAXIMUM_ALLOWED = 0x2000000
|
|
178
|
-
GENERIC_READ = 0x80000000
|
|
179
|
-
GENERIC_WRITE = 0x40000000
|
|
180
|
-
GENERIC_EXECUTE = 0x20000000
|
|
181
|
-
GENERIC_ALL = 0x10000000
|
|
182
|
-
end
|
|
183
|
-
end
|
|
184
|
-
end
|
|
1
|
+
module Windows
|
|
2
|
+
module Security
|
|
3
|
+
module Constants
|
|
4
|
+
private
|
|
5
|
+
|
|
6
|
+
TOKEN_QUERY = 8
|
|
7
|
+
ERROR_NO_TOKEN = 1008
|
|
8
|
+
MAXDWORD = 0xFFFFFFFF
|
|
9
|
+
|
|
10
|
+
# ACL Revisions
|
|
11
|
+
|
|
12
|
+
ACL_REVISION1 = 1
|
|
13
|
+
ACL_REVISION = 2
|
|
14
|
+
ACL_REVISION2 = 2
|
|
15
|
+
ACL_REVISION3 = 3
|
|
16
|
+
ACL_REVISION4 = 4
|
|
17
|
+
|
|
18
|
+
# ACL Information Classes
|
|
19
|
+
|
|
20
|
+
AclRevisionInformation = 1
|
|
21
|
+
AclSizeInformation = 2
|
|
22
|
+
|
|
23
|
+
# Identifier Authorities
|
|
24
|
+
|
|
25
|
+
SECURITY_NULL_SID_AUTHORITY = 0
|
|
26
|
+
SECURITY_WORLD_SID_AUTHORITY = 1
|
|
27
|
+
SECURITY_LOCAL_SID_AUTHORITY = 2
|
|
28
|
+
SECURITY_CREATOR_SID_AUTHORITY = 3
|
|
29
|
+
SECURITY_NON_UNIQUE_AUTHORITY = 4
|
|
30
|
+
SECURITY_NT_AUTHORITY = 5
|
|
31
|
+
SECURITY_RESOURCE_MANAGER_AUTHORITY = 9
|
|
32
|
+
|
|
33
|
+
# Subauthorities
|
|
34
|
+
|
|
35
|
+
SECURITY_NULL_RID = 0x00000000
|
|
36
|
+
SECURITY_WORLD_RID = 0x00000000
|
|
37
|
+
SECURITY_LOCAL_RID = 0x00000000
|
|
38
|
+
SECURITY_CREATOR_OWNER_RID = 0x00000000
|
|
39
|
+
SECURITY_CREATOR_GROUP_RID = 0x00000001
|
|
40
|
+
SECURITY_CREATOR_OWNER_SERVER_RID = 0x00000002
|
|
41
|
+
SECURITY_CREATOR_GROUP_SERVER_RID = 0x00000003
|
|
42
|
+
SECURITY_DIALUP_RID = 0x00000001
|
|
43
|
+
SECURITY_NETWORK_RID = 0x00000002
|
|
44
|
+
SECURITY_BATCH_RID = 0x00000003
|
|
45
|
+
SECURITY_INTERACTIVE_RID = 0x00000004
|
|
46
|
+
SECURITY_LOGON_IDS_RID = 0x00000005
|
|
47
|
+
SECURITY_LOGON_IDS_RID_COUNT = 3
|
|
48
|
+
SECURITY_SERVICE_RID = 0x00000006
|
|
49
|
+
SECURITY_ANONYMOUS_LOGON_RID = 0x00000007
|
|
50
|
+
SECURITY_PROXY_RID = 0x00000008
|
|
51
|
+
|
|
52
|
+
SECURITY_ENTERPRISE_CONTROLLERS_RID = 0x00000009
|
|
53
|
+
SECURITY_SERVER_LOGON_RID = SECURITY_ENTERPRISE_CONTROLLERS_RID
|
|
54
|
+
SECURITY_PRINCIPAL_SELF_RID = 0x0000000A
|
|
55
|
+
SECURITY_AUTHENTICATED_USER_RID = 0x0000000B
|
|
56
|
+
SECURITY_RESTRICTED_CODE_RID = 0x0000000C
|
|
57
|
+
SECURITY_TERMINAL_SERVER_RID = 0x0000000D
|
|
58
|
+
SECURITY_REMOTE_LOGON_RID = 0x0000000E
|
|
59
|
+
SECURITY_THIS_ORGANIZATION_RID = 0x0000000F
|
|
60
|
+
SECURITY_LOCAL_SYSTEM_RID = 0x00000012
|
|
61
|
+
SECURITY_LOCAL_SERVICE_RID = 0x00000013
|
|
62
|
+
SECURITY_NETWORK_SERVICE_RID = 0x00000014
|
|
63
|
+
SECURITY_NT_NON_UNIQUE = 0x00000015
|
|
64
|
+
SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT = 3
|
|
65
|
+
|
|
66
|
+
SECURITY_BUILTIN_DOMAIN_RID = 0x00000020
|
|
67
|
+
SECURITY_PACKAGE_BASE_RID = 0x00000040
|
|
68
|
+
SECURITY_PACKAGE_RID_COUNT = 2
|
|
69
|
+
SECURITY_PACKAGE_NTLM_RID = 0x0000000A
|
|
70
|
+
SECURITY_PACKAGE_SCHANNEL_RID = 0x0000000E
|
|
71
|
+
SECURITY_PACKAGE_DIGEST_RID = 0x00000015
|
|
72
|
+
SECURITY_MAX_ALWAYS_FILTERED = 0x000003E7
|
|
73
|
+
SECURITY_MIN_NEVER_FILTERED = 0x000003E8
|
|
74
|
+
|
|
75
|
+
SECURITY_OTHER_ORGANIZATION_RID = 0x000003E8
|
|
76
|
+
FOREST_USER_RID_MAX = 0x000001F3
|
|
77
|
+
DOMAIN_USER_RID_ADMIN = 0x000001F4
|
|
78
|
+
DOMAIN_USER_RID_GUEST = 0x000001F5
|
|
79
|
+
DOMAIN_USER_RID_KRBTGT = 0x000001F6
|
|
80
|
+
DOMAIN_USER_RID_MAX = 0x000003E7
|
|
81
|
+
DOMAIN_GROUP_RID_ADMINS = 0x00000200
|
|
82
|
+
DOMAIN_GROUP_RID_USERS = 0x00000201
|
|
83
|
+
DOMAIN_GROUP_RID_GUESTS = 0x00000202
|
|
84
|
+
DOMAIN_GROUP_RID_COMPUTERS = 0x00000203
|
|
85
|
+
DOMAIN_GROUP_RID_CONTROLLERS = 0x00000204
|
|
86
|
+
DOMAIN_GROUP_RID_CERT_ADMINS = 0x00000205
|
|
87
|
+
DOMAIN_GROUP_RID_SCHEMA_ADMINS = 0x00000206
|
|
88
|
+
DOMAIN_GROUP_RID_ENTERPRISE_ADMINS = 0x00000207
|
|
89
|
+
DOMAIN_GROUP_RID_POLICY_ADMINS = 0x00000208
|
|
90
|
+
DOMAIN_ALIAS_RID_ADMINS = 0x00000220
|
|
91
|
+
DOMAIN_ALIAS_RID_USERS = 0x00000221
|
|
92
|
+
DOMAIN_ALIAS_RID_GUESTS = 0x00000222
|
|
93
|
+
DOMAIN_ALIAS_RID_POWER_USERS = 0x00000223
|
|
94
|
+
DOMAIN_ALIAS_RID_ACCOUNT_OPS = 0x00000224
|
|
95
|
+
DOMAIN_ALIAS_RID_SYSTEM_OPS = 0x00000225
|
|
96
|
+
DOMAIN_ALIAS_RID_PRINT_OPS = 0x00000226
|
|
97
|
+
DOMAIN_ALIAS_RID_BACKUP_OPS = 0x00000227
|
|
98
|
+
DOMAIN_ALIAS_RID_REPLICATOR = 0x00000228
|
|
99
|
+
DOMAIN_ALIAS_RID_RAS_SERVERS = 0x00000229
|
|
100
|
+
|
|
101
|
+
DOMAIN_ALIAS_RID_PREW2KCOMPACCESS = 0x0000022A
|
|
102
|
+
DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS = 0x0000022B
|
|
103
|
+
DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS = 0x0000022C
|
|
104
|
+
DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS = 0x0000022D
|
|
105
|
+
DOMAIN_ALIAS_RID_MONITORING_USERS = 0x0000022E
|
|
106
|
+
DOMAIN_ALIAS_RID_LOGGING_USERS = 0x0000022F
|
|
107
|
+
DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS = 0x00000230
|
|
108
|
+
DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS = 0x00000231
|
|
109
|
+
DOMAIN_ALIAS_RID_DCOM_USERS = 0x00000232
|
|
110
|
+
|
|
111
|
+
# SID types
|
|
112
|
+
|
|
113
|
+
SidTypeUser = 1
|
|
114
|
+
SidTypeGroup = 2
|
|
115
|
+
SidTypeDomain = 3
|
|
116
|
+
SidTypeAlias = 4
|
|
117
|
+
SidTypeWellKnownGroup = 5
|
|
118
|
+
SidTypeDeletedAccount = 6
|
|
119
|
+
SidTypeInvalid = 7
|
|
120
|
+
SidTypeUnknown = 8
|
|
121
|
+
SidTypeComputer = 9
|
|
122
|
+
|
|
123
|
+
# SDDL version information
|
|
124
|
+
|
|
125
|
+
SDDL_REVISION_1 = 1
|
|
126
|
+
|
|
127
|
+
# ACE flags
|
|
128
|
+
|
|
129
|
+
OBJECT_INHERIT_ACE = 0x1
|
|
130
|
+
CONTAINER_INHERIT_ACE = 0x2
|
|
131
|
+
NO_PROPAGATE_INHERIT_ACE = 0x4
|
|
132
|
+
INHERIT_ONLY_ACE = 0x8
|
|
133
|
+
INHERITED_ACE = 0x10
|
|
134
|
+
|
|
135
|
+
# ACE Types
|
|
136
|
+
|
|
137
|
+
ACCESS_MIN_MS_ACE_TYPE = 0x0
|
|
138
|
+
ACCESS_ALLOWED_ACE_TYPE = 0x0
|
|
139
|
+
ACCESS_DENIED_ACE_TYPE = 0x1
|
|
140
|
+
SYSTEM_AUDIT_ACE_TYPE = 0x2
|
|
141
|
+
SYSTEM_ALARM_ACE_TYPE = 0x3
|
|
142
|
+
ACCESS_MAX_MS_V2_ACE_TYPE = 0x3
|
|
143
|
+
ACCESS_ALLOWED_COMPOUND_ACE_TYPE = 0x4
|
|
144
|
+
ACCESS_MAX_MS_V3_ACE_TYPE = 0x4
|
|
145
|
+
ACCESS_MIN_MS_OBJECT_ACE_TYPE = 0x5
|
|
146
|
+
ACCESS_ALLOWED_OBJECT_ACE_TYPE = 0x5
|
|
147
|
+
ACCESS_DENIED_OBJECT_ACE_TYPE = 0x6
|
|
148
|
+
SYSTEM_AUDIT_OBJECT_ACE_TYPE = 0x7
|
|
149
|
+
SYSTEM_ALARM_OBJECT_ACE_TYPE = 0x8
|
|
150
|
+
ACCESS_MAX_MS_OBJECT_ACE_TYPE = 0x8
|
|
151
|
+
ACCESS_MAX_MS_V4_ACE_TYPE = 0x8
|
|
152
|
+
ACCESS_MAX_MS_ACE_TYPE = 0x8
|
|
153
|
+
ACCESS_ALLOWED_CALLBACK_ACE_TYPE = 0x9
|
|
154
|
+
ACCESS_DENIED_CALLBACK_ACE_TYPE = 0xA
|
|
155
|
+
ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE = 0xB
|
|
156
|
+
ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE = 0xC
|
|
157
|
+
SYSTEM_AUDIT_CALLBACK_ACE_TYPE = 0xD
|
|
158
|
+
SYSTEM_ALARM_CALLBACK_ACE_TYPE = 0xE
|
|
159
|
+
SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE = 0xF
|
|
160
|
+
SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE = 0x10
|
|
161
|
+
ACCESS_MAX_MS_V5_ACE_TYPE = 0x10
|
|
162
|
+
|
|
163
|
+
# Standard Access Rights
|
|
164
|
+
|
|
165
|
+
DELETE = 0x00010000
|
|
166
|
+
READ_CONTROL = 0x20000
|
|
167
|
+
WRITE_DAC = 0x40000
|
|
168
|
+
WRITE_OWNER = 0x80000
|
|
169
|
+
SYNCHRONIZE = 0x100000
|
|
170
|
+
STANDARD_RIGHTS_REQUIRED = 0xf0000
|
|
171
|
+
STANDARD_RIGHTS_READ = 0x20000
|
|
172
|
+
STANDARD_RIGHTS_WRITE = 0x20000
|
|
173
|
+
STANDARD_RIGHTS_EXECUTE = 0x20000
|
|
174
|
+
STANDARD_RIGHTS_ALL = 0x1F0000
|
|
175
|
+
SPECIFIC_RIGHTS_ALL = 0xFFFF
|
|
176
|
+
ACCESS_SYSTEM_SECURITY = 0x1000000
|
|
177
|
+
MAXIMUM_ALLOWED = 0x2000000
|
|
178
|
+
GENERIC_READ = 0x80000000
|
|
179
|
+
GENERIC_WRITE = 0x40000000
|
|
180
|
+
GENERIC_EXECUTE = 0x20000000
|
|
181
|
+
GENERIC_ALL = 0x10000000
|
|
182
|
+
end
|
|
183
|
+
end
|
|
184
|
+
end
|
|
@@ -1,116 +1,116 @@
|
|
|
1
|
-
require 'ffi'
|
|
2
|
-
|
|
3
|
-
module Windows
|
|
4
|
-
module Security
|
|
5
|
-
module Functions
|
|
6
|
-
extend FFI::Library
|
|
7
|
-
|
|
8
|
-
private
|
|
9
|
-
|
|
10
|
-
# Wrapper method for attach_function + private
|
|
11
|
-
def self.attach_pfunc(*args)
|
|
12
|
-
attach_function(*args)
|
|
13
|
-
private args[0]
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
typedef :ulong, :dword
|
|
17
|
-
typedef :pointer, :ptr
|
|
18
|
-
|
|
19
|
-
# Work around a bug in 64-bit JRuby
|
|
20
|
-
if RUBY_PLATFORM == 'java' && ENV_JAVA['sun.arch.data.model'] == '64'
|
|
21
|
-
typedef :ulong_long, :handle
|
|
22
|
-
else
|
|
23
|
-
typedef :uintptr_t, :handle
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
ffi_lib :kernel32
|
|
27
|
-
ffi_convention :stdcall
|
|
28
|
-
|
|
29
|
-
enum :token_info_class, [
|
|
30
|
-
:TokenUser, 1,
|
|
31
|
-
:TokenGroups,
|
|
32
|
-
:TokenPrivileges,
|
|
33
|
-
:TokenOwner,
|
|
34
|
-
:TokenPrimaryGroup,
|
|
35
|
-
:TokenDefaultDacl,
|
|
36
|
-
:TokenSource,
|
|
37
|
-
:TokenType,
|
|
38
|
-
:TokenImpersonationLevel,
|
|
39
|
-
:TokenStatistics,
|
|
40
|
-
:TokenRestrictedSids,
|
|
41
|
-
:TokenSessionId,
|
|
42
|
-
:TokenGroupsAndPrivileges,
|
|
43
|
-
:TokenSessionReference,
|
|
44
|
-
:TokenSandBoxInert,
|
|
45
|
-
:TokenAuditPolicy,
|
|
46
|
-
:TokenOrigin,
|
|
47
|
-
:TokenElevationType,
|
|
48
|
-
:TokenLinkedToken,
|
|
49
|
-
:TokenElevation,
|
|
50
|
-
:TokenHasRestrictions,
|
|
51
|
-
:TokenAccessInformation,
|
|
52
|
-
:TokenVirtualizationAllowed,
|
|
53
|
-
:TokenVirtualizationEnabled,
|
|
54
|
-
:TokenIntegrityLevel,
|
|
55
|
-
:TokenUIAccess,
|
|
56
|
-
:TokenMandatoryPolicy,
|
|
57
|
-
:TokenLogonSid,
|
|
58
|
-
:TokenIsAppContainer,
|
|
59
|
-
:TokenCapabilities,
|
|
60
|
-
:TokenAppContainerSid,
|
|
61
|
-
:TokenAppContainerNumber,
|
|
62
|
-
:TokenUserClaimAttributes,
|
|
63
|
-
:TokenDeviceClaimAttributes,
|
|
64
|
-
:TokenRestrictedUserClaimAttributes,
|
|
65
|
-
:TokenRestrictedDeviceClaimAttributes,
|
|
66
|
-
:TokenDeviceGroups,
|
|
67
|
-
:TokenRestrictedDeviceGroups,
|
|
68
|
-
:TokenSecurityAttributes,
|
|
69
|
-
:TokenIsRestricted,
|
|
70
|
-
:MaxTokenInfoClass
|
|
71
|
-
]
|
|
72
|
-
|
|
73
|
-
attach_pfunc :GetCurrentProcess, [], :handle
|
|
74
|
-
attach_pfunc :GetCurrentThread, [], :handle
|
|
75
|
-
attach_pfunc :GetVersionExA, [:ptr], :bool
|
|
76
|
-
attach_pfunc :GetLastError, [], :dword
|
|
77
|
-
attach_pfunc :CloseHandle, [:dword], :bool
|
|
78
|
-
|
|
79
|
-
ffi_lib :advapi32
|
|
80
|
-
|
|
81
|
-
attach_pfunc :AddAce, [:ptr, :dword, :dword, :ptr, :dword], :bool
|
|
82
|
-
attach_pfunc :AddAccessAllowedAce, [:ptr, :dword, :dword, :ptr], :bool
|
|
83
|
-
attach_pfunc :AddAccessAllowedAceEx, [:ptr, :dword, :dword, :dword, :ptr], :bool
|
|
84
|
-
attach_pfunc :AddAccessDeniedAce, [:ptr, :dword, :dword, :ptr], :bool
|
|
85
|
-
attach_pfunc :AddAccessDeniedAceEx, [:ptr, :dword, :dword, :dword, :ptr], :bool
|
|
86
|
-
attach_pfunc :AllocateAndInitializeSid, [:ptr, :int, :dword, :dword, :dword, :dword, :dword, :dword, :dword, :dword, :ptr], :bool
|
|
87
|
-
attach_pfunc :CheckTokenMembership, [:handle, :ptr, :ptr], :bool
|
|
88
|
-
attach_pfunc :ConvertSidToStringSid, :ConvertSidToStringSidA, [:ptr, :ptr], :bool
|
|
89
|
-
attach_pfunc :ConvertStringSidToSid, :ConvertStringSidToSidA, [:string, :ptr], :bool
|
|
90
|
-
attach_pfunc :DeleteAce, [:ptr, :dword], :bool
|
|
91
|
-
attach_pfunc :EqualSid, [:ptr, :ptr], :bool
|
|
92
|
-
attach_pfunc :FindFirstFreeAce, [:ptr, :ptr], :bool
|
|
93
|
-
attach_pfunc :GetAce, [:ptr, :dword, :ptr], :bool
|
|
94
|
-
attach_pfunc :GetAclInformation, [:ptr, :ptr, :dword, :int], :bool
|
|
95
|
-
attach_pfunc :GetLengthSid, [:ptr], :dword
|
|
96
|
-
attach_pfunc :GetSidLengthRequired, [:uint], :dword
|
|
97
|
-
attach_pfunc :GetSidSubAuthority, [:ptr, :dword], :ptr
|
|
98
|
-
attach_pfunc :GetTokenInformation, [:handle, :token_info_class, :ptr, :dword, :ptr], :bool
|
|
99
|
-
attach_pfunc :InitializeAcl, [:ptr, :dword, :dword], :bool
|
|
100
|
-
attach_pfunc :InitializeSid, [:ptr, :ptr, :uint], :bool
|
|
101
|
-
attach_pfunc :IsValidAcl, [:ptr], :bool
|
|
102
|
-
attach_pfunc :IsValidSid, [:ptr], :bool
|
|
103
|
-
attach_pfunc :IsWellKnownSid, [:ptr, :int], :bool
|
|
104
|
-
attach_pfunc :LookupAccountName, :LookupAccountNameA, [:string, :string, :ptr, :ptr, :ptr, :ptr, :ptr], :bool
|
|
105
|
-
attach_pfunc :LookupAccountSid, :LookupAccountSidA, [:string, :ptr, :ptr, :ptr, :ptr, :ptr, :ptr], :bool
|
|
106
|
-
attach_pfunc :OpenProcessToken, [:handle, :dword, :ptr], :bool
|
|
107
|
-
attach_pfunc :OpenThreadToken, [:handle, :dword, :
|
|
108
|
-
attach_pfunc :SetAclInformation, [:ptr, :ptr, :dword, :int], :bool
|
|
109
|
-
|
|
110
|
-
attach_pfunc :ConvertSecurityDescriptorToStringSecurityDescriptor,
|
|
111
|
-
:ConvertSecurityDescriptorToStringSecurityDescriptorA, [:ptr, :dword, :dword, :ptr, :ptr], :bool
|
|
112
|
-
attach_pfunc :ConvertStringSecurityDescriptorToSecurityDescriptor,
|
|
113
|
-
:ConvertStringSecurityDescriptorToSecurityDescriptorA, [:string, :dword, :ptr, :ptr], :bool
|
|
114
|
-
end
|
|
115
|
-
end
|
|
116
|
-
end
|
|
1
|
+
require 'ffi'
|
|
2
|
+
|
|
3
|
+
module Windows
|
|
4
|
+
module Security
|
|
5
|
+
module Functions
|
|
6
|
+
extend FFI::Library
|
|
7
|
+
|
|
8
|
+
private
|
|
9
|
+
|
|
10
|
+
# Wrapper method for attach_function + private
|
|
11
|
+
def self.attach_pfunc(*args)
|
|
12
|
+
attach_function(*args)
|
|
13
|
+
private args[0]
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
typedef :ulong, :dword
|
|
17
|
+
typedef :pointer, :ptr
|
|
18
|
+
|
|
19
|
+
# Work around a bug in 64-bit JRuby
|
|
20
|
+
if RUBY_PLATFORM == 'java' && ENV_JAVA['sun.arch.data.model'] == '64'
|
|
21
|
+
typedef :ulong_long, :handle
|
|
22
|
+
else
|
|
23
|
+
typedef :uintptr_t, :handle
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
ffi_lib :kernel32
|
|
27
|
+
ffi_convention :stdcall
|
|
28
|
+
|
|
29
|
+
enum :token_info_class, [
|
|
30
|
+
:TokenUser, 1,
|
|
31
|
+
:TokenGroups,
|
|
32
|
+
:TokenPrivileges,
|
|
33
|
+
:TokenOwner,
|
|
34
|
+
:TokenPrimaryGroup,
|
|
35
|
+
:TokenDefaultDacl,
|
|
36
|
+
:TokenSource,
|
|
37
|
+
:TokenType,
|
|
38
|
+
:TokenImpersonationLevel,
|
|
39
|
+
:TokenStatistics,
|
|
40
|
+
:TokenRestrictedSids,
|
|
41
|
+
:TokenSessionId,
|
|
42
|
+
:TokenGroupsAndPrivileges,
|
|
43
|
+
:TokenSessionReference,
|
|
44
|
+
:TokenSandBoxInert,
|
|
45
|
+
:TokenAuditPolicy,
|
|
46
|
+
:TokenOrigin,
|
|
47
|
+
:TokenElevationType,
|
|
48
|
+
:TokenLinkedToken,
|
|
49
|
+
:TokenElevation,
|
|
50
|
+
:TokenHasRestrictions,
|
|
51
|
+
:TokenAccessInformation,
|
|
52
|
+
:TokenVirtualizationAllowed,
|
|
53
|
+
:TokenVirtualizationEnabled,
|
|
54
|
+
:TokenIntegrityLevel,
|
|
55
|
+
:TokenUIAccess,
|
|
56
|
+
:TokenMandatoryPolicy,
|
|
57
|
+
:TokenLogonSid,
|
|
58
|
+
:TokenIsAppContainer,
|
|
59
|
+
:TokenCapabilities,
|
|
60
|
+
:TokenAppContainerSid,
|
|
61
|
+
:TokenAppContainerNumber,
|
|
62
|
+
:TokenUserClaimAttributes,
|
|
63
|
+
:TokenDeviceClaimAttributes,
|
|
64
|
+
:TokenRestrictedUserClaimAttributes,
|
|
65
|
+
:TokenRestrictedDeviceClaimAttributes,
|
|
66
|
+
:TokenDeviceGroups,
|
|
67
|
+
:TokenRestrictedDeviceGroups,
|
|
68
|
+
:TokenSecurityAttributes,
|
|
69
|
+
:TokenIsRestricted,
|
|
70
|
+
:MaxTokenInfoClass
|
|
71
|
+
]
|
|
72
|
+
|
|
73
|
+
attach_pfunc :GetCurrentProcess, [], :handle
|
|
74
|
+
attach_pfunc :GetCurrentThread, [], :handle
|
|
75
|
+
attach_pfunc :GetVersionExA, [:ptr], :bool
|
|
76
|
+
attach_pfunc :GetLastError, [], :dword
|
|
77
|
+
attach_pfunc :CloseHandle, [:dword], :bool
|
|
78
|
+
|
|
79
|
+
ffi_lib :advapi32
|
|
80
|
+
|
|
81
|
+
attach_pfunc :AddAce, [:ptr, :dword, :dword, :ptr, :dword], :bool
|
|
82
|
+
attach_pfunc :AddAccessAllowedAce, [:ptr, :dword, :dword, :ptr], :bool
|
|
83
|
+
attach_pfunc :AddAccessAllowedAceEx, [:ptr, :dword, :dword, :dword, :ptr], :bool
|
|
84
|
+
attach_pfunc :AddAccessDeniedAce, [:ptr, :dword, :dword, :ptr], :bool
|
|
85
|
+
attach_pfunc :AddAccessDeniedAceEx, [:ptr, :dword, :dword, :dword, :ptr], :bool
|
|
86
|
+
attach_pfunc :AllocateAndInitializeSid, [:ptr, :int, :dword, :dword, :dword, :dword, :dword, :dword, :dword, :dword, :ptr], :bool
|
|
87
|
+
attach_pfunc :CheckTokenMembership, [:handle, :ptr, :ptr], :bool
|
|
88
|
+
attach_pfunc :ConvertSidToStringSid, :ConvertSidToStringSidA, [:ptr, :ptr], :bool
|
|
89
|
+
attach_pfunc :ConvertStringSidToSid, :ConvertStringSidToSidA, [:string, :ptr], :bool
|
|
90
|
+
attach_pfunc :DeleteAce, [:ptr, :dword], :bool
|
|
91
|
+
attach_pfunc :EqualSid, [:ptr, :ptr], :bool
|
|
92
|
+
attach_pfunc :FindFirstFreeAce, [:ptr, :ptr], :bool
|
|
93
|
+
attach_pfunc :GetAce, [:ptr, :dword, :ptr], :bool
|
|
94
|
+
attach_pfunc :GetAclInformation, [:ptr, :ptr, :dword, :int], :bool
|
|
95
|
+
attach_pfunc :GetLengthSid, [:ptr], :dword
|
|
96
|
+
attach_pfunc :GetSidLengthRequired, [:uint], :dword
|
|
97
|
+
attach_pfunc :GetSidSubAuthority, [:ptr, :dword], :ptr
|
|
98
|
+
attach_pfunc :GetTokenInformation, [:handle, :token_info_class, :ptr, :dword, :ptr], :bool
|
|
99
|
+
attach_pfunc :InitializeAcl, [:ptr, :dword, :dword], :bool
|
|
100
|
+
attach_pfunc :InitializeSid, [:ptr, :ptr, :uint], :bool
|
|
101
|
+
attach_pfunc :IsValidAcl, [:ptr], :bool
|
|
102
|
+
attach_pfunc :IsValidSid, [:ptr], :bool
|
|
103
|
+
attach_pfunc :IsWellKnownSid, [:ptr, :int], :bool
|
|
104
|
+
attach_pfunc :LookupAccountName, :LookupAccountNameA, [:string, :string, :ptr, :ptr, :ptr, :ptr, :ptr], :bool
|
|
105
|
+
attach_pfunc :LookupAccountSid, :LookupAccountSidA, [:string, :ptr, :ptr, :ptr, :ptr, :ptr, :ptr], :bool
|
|
106
|
+
attach_pfunc :OpenProcessToken, [:handle, :dword, :ptr], :bool
|
|
107
|
+
attach_pfunc :OpenThreadToken, [:handle, :dword, :int, :ptr], :bool
|
|
108
|
+
attach_pfunc :SetAclInformation, [:ptr, :ptr, :dword, :int], :bool
|
|
109
|
+
|
|
110
|
+
attach_pfunc :ConvertSecurityDescriptorToStringSecurityDescriptor,
|
|
111
|
+
:ConvertSecurityDescriptorToStringSecurityDescriptorA, [:ptr, :dword, :dword, :ptr, :ptr], :bool
|
|
112
|
+
attach_pfunc :ConvertStringSecurityDescriptorToSecurityDescriptor,
|
|
113
|
+
:ConvertStringSecurityDescriptorToSecurityDescriptorA, [:string, :dword, :ptr, :ptr], :bool
|
|
114
|
+
end
|
|
115
|
+
end
|
|
116
|
+
end
|