mimikatz/modules/kull_m_samlib.h

225 lines
9.5 KiB
C

/* Benjamin DELPY `gentilkiwi`
http://blog.gentilkiwi.com
benjamin@gentilkiwi.com
Licence : http://creativecommons.org/licenses/by/3.0/fr/
*/
#pragma once
#include "globals.h"
typedef PVOID SAMPR_HANDLE;
typedef enum _USER_INFORMATION_CLASS {
UserInternal1Information = 18,
UserAllInformation = 21,
} USER_INFORMATION_CLASS, *PUSER_INFORMATION_CLASS;
typedef struct _SAMPR_SR_SECURITY_DESCRIPTOR {
DWORD Length;
PUCHAR SecurityDescriptor;
} SAMPR_SR_SECURITY_DESCRIPTOR, *PSAMPR_SR_SECURITY_DESCRIPTOR;
typedef struct _GROUP_MEMBERSHIP {
DWORD RelativeId;
DWORD Attributes;
} GROUP_MEMBERSHIP, *PGROUP_MEMBERSHIP;
typedef struct _SAMPR_USER_INTERNAL1_INFORMATION {
BYTE NTHash[LM_NTLM_HASH_LENGTH];
BYTE LMHash[LM_NTLM_HASH_LENGTH];
BYTE NtPasswordPresent;
BYTE LmPasswordPresent;
BYTE PasswordExpired;
BYTE PrivateDataSensitive;
} SAMPR_USER_INTERNAL1_INFORMATION, *PSAMPR_USER_INTERNAL1_INFORMATION;
typedef union _SAMPR_USER_INFO_BUFFER {
SAMPR_USER_INTERNAL1_INFORMATION Internal1;
} SAMPR_USER_INFO_BUFFER, *PSAMPR_USER_INFO_BUFFER;
typedef struct _SAMPR_RID_ENUMERATION {
DWORD RelativeId;
LSA_UNICODE_STRING Name;
} SAMPR_RID_ENUMERATION, *PSAMPR_RID_ENUMERATION;
extern NTSTATUS WINAPI SamConnect(IN PUNICODE_STRING ServerName, OUT SAMPR_HANDLE * ServerHandle, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted);
extern NTSTATUS WINAPI SamEnumerateDomainsInSamServer(IN SAMPR_HANDLE ServerHandle, OUT DWORD * EnumerationContext, OUT PSAMPR_RID_ENUMERATION* Buffer, IN DWORD PreferedMaximumLength, OUT DWORD * CountReturned);
extern NTSTATUS WINAPI SamLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle, IN PUNICODE_STRING Name, OUT PSID * DomainId);
extern NTSTATUS WINAPI SamOpenDomain(IN SAMPR_HANDLE SamHandle, IN ACCESS_MASK DesiredAccess, IN PSID DomainId, OUT SAMPR_HANDLE * DomainHandle);
extern NTSTATUS WINAPI SamOpenUser(IN SAMPR_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN DWORD UserId, OUT SAMPR_HANDLE * UserHandle);
extern NTSTATUS WINAPI SamQueryInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, PSAMPR_USER_INFO_BUFFER* Buffer);
extern NTSTATUS WINAPI SamGetGroupsForUser(IN SAMPR_HANDLE UserHandle, OUT PGROUP_MEMBERSHIP * Groups, OUT DWORD * CountReturned);
extern NTSTATUS WINAPI SamGetAliasMembership(IN SAMPR_HANDLE DomainHandle, IN DWORD Count, IN PSID * Sid, OUT DWORD * CountReturned, OUT PDWORD * RelativeIds);
extern NTSTATUS WINAPI SamEnumerateUsersInDomain(IN SAMPR_HANDLE DomainHandle, IN OUT PDWORD EnumerationContext, IN DWORD UserAccountControl, OUT PSAMPR_RID_ENUMERATION* Buffer, IN DWORD PreferedMaximumLength, OUT PDWORD CountReturned);
extern NTSTATUS WINAPI SamLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, IN DWORD Count, IN PUNICODE_STRING Names, OUT PDWORD * RelativeIds, OUT PDWORD * Use);
extern NTSTATUS WINAPI SamLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle, IN DWORD Count, IN PDWORD RelativeIds, OUT PUNICODE_STRING * Names, OUT PDWORD * Use);
extern NTSTATUS WINAPI SamRidToSid(IN SAMPR_HANDLE ObjectHandle, IN DWORD Rid, OUT PSID * Sid);
extern NTSTATUS WINAPI SamCloseHandle(IN SAMPR_HANDLE SamHandle);
extern NTSTATUS WINAPI SamFreeMemory(IN PVOID Buffer);
#define SAM_SERVER_CONNECT 0x00000001
#define SAM_SERVER_SHUTDOWN 0x00000002
#define SAM_SERVER_INITIALIZE 0x00000004
#define SAM_SERVER_CREATE_DOMAIN 0x00000008
#define SAM_SERVER_ENUMERATE_DOMAINS 0x00000010
#define SAM_SERVER_LOOKUP_DOMAIN 0x00000020
#define SAM_SERVER_ALL_ACCESS 0x000f003f
#define SAM_SERVER_READ 0x00020010
#define SAM_SERVER_WRITE 0x0002000e
#define SAM_SERVER_EXECUTE 0x00020021
#define DOMAIN_READ_PASSWORD_PARAMETERS 0x00000001
#define DOMAIN_WRITE_PASSWORD_PARAMS 0x00000002
#define DOMAIN_READ_OTHER_PARAMETERS 0x00000004
#define DOMAIN_WRITE_OTHER_PARAMETERS 0x00000008
#define DOMAIN_CREATE_USER 0x00000010
#define DOMAIN_CREATE_GROUP 0x00000020
#define DOMAIN_CREATE_ALIAS 0x00000040
#define DOMAIN_GET_ALIAS_MEMBERSHIP 0x00000080
#define DOMAIN_LIST_ACCOUNTS 0x00000100
#define DOMAIN_LOOKUP 0x00000200
#define DOMAIN_ADMINISTER_SERVER 0x00000400
#define DOMAIN_ALL_ACCESS 0x000f07ff
#define DOMAIN_READ 0x00020084
#define DOMAIN_WRITE 0x0002047a
#define DOMAIN_EXECUTE 0x00020301
#define GROUP_READ_INFORMATION 0x00000001
#define GROUP_WRITE_ACCOUNT 0x00000002
#define GROUP_ADD_MEMBER 0x00000004
#define GROUP_REMOVE_MEMBER 0x00000008
#define GROUP_LIST_MEMBERS 0x00000010
#define GROUP_ALL_ACCESS 0x000F001F
#define GROUP_READ 0x00020010
#define GROUP_WRITE 0x0002000E
#define GROUP_EXECUTE 0x00020001
#define ALIAS_ADD_MEMBER 0x00000001
#define ALIAS_REMOVE_MEMBER 0x00000002
#define ALIAS_LIST_MEMBERS 0x00000004
#define ALIAS_READ_INFORMATION 0x00000008
#define ALIAS_WRITE_ACCOUNT 0x00000010
#define ALIAS_ALL_ACCESS 0x000F001F
#define ALIAS_READ 0x00020004
#define ALIAS_WRITE 0x00020013
#define ALIAS_EXECUTE 0x00020008
#define USER_READ_GENERAL 0x00000001
#define USER_READ_PREFERENCES 0x00000002
#define USER_WRITE_PREFERENCES 0x00000004
#define USER_READ_LOGON 0x00000008
#define USER_READ_ACCOUNT 0x00000010
#define USER_WRITE_ACCOUNT 0x00000020
#define USER_CHANGE_PASSWORD 0x00000040
#define USER_FORCE_PASSWORD_CHANGE 0x00000080
#define USER_LIST_GROUPS 0x00000100
#define USER_READ_GROUP_INFORMATION 0x00000200
#define USER_WRITE_GROUP_INFORMATION 0x00000400
#define USER_ALL_ACCESS 0x000f07ff
#define USER_READ 0x0002031a
#define USER_WRITE 0x00020044
#define USER_EXECUTE 0x00020041
#define USER_ALL_USERNAME 0x00000001
#define USER_ALL_FULLNAME 0x00000002
#define USER_ALL_USERID 0x00000004
#define USER_ALL_PRIMARYGROUPID 0x00000008
#define USER_ALL_ADMINCOMMENT 0x00000010
#define USER_ALL_USERCOMMENT 0x00000020
#define USER_ALL_HOMEDIRECTORY 0x00000040
#define USER_ALL_HOMEDIRECTORYDRIVE 0x00000080
#define USER_ALL_SCRIPTPATH 0x00000100
#define USER_ALL_PROFILEPATH 0x00000200
#define USER_ALL_WORKSTATIONS 0x00000400
#define USER_ALL_LASTLOGON 0x00000800
#define USER_ALL_LASTLOGOFF 0x00001000
#define USER_ALL_LOGONHOURS 0x00002000
#define USER_ALL_BADPASSWORDCOUNT 0x00004000
#define USER_ALL_LOGONCOUNT 0x00008000
#define USER_ALL_PASSWORDCANCHANGE 0x00010000
#define USER_ALL_PASSWORDMUSTCHANGE 0x00020000
#define USER_ALL_PASSWORDLASTSET 0x00040000
#define USER_ALL_ACCOUNTEXPIRES 0x00080000
#define USER_ALL_USERACCOUNTCONTROL 0x00100000
#define USER_ALL_PARAMETERS 0x00200000
#define USER_ALL_COUNTRYCODE 0x00400000
#define USER_ALL_CODEPAGE 0x00800000
#define USER_ALL_NTPASSWORDPRESENT 0x01000000
#define USER_ALL_LMPASSWORDPRESENT 0x02000000
#define USER_ALL_PRIVATEDATA 0x04000000
#define USER_ALL_PASSWORDEXPIRED 0x08000000
#define USER_ALL_SECURITYDESCRIPTOR 0x10000000
#define USER_ALL_UNDEFINED_MASK 0xc0000000
//
// Special Values and Constants - User
//
//
// Bit masks for field usriX_flags of USER_INFO_X (X = 0/1).
//
#define UF_SCRIPT 0x0001
#define UF_ACCOUNTDISABLE 0x0002
#define UF_HOMEDIR_REQUIRED 0x0008
#define UF_LOCKOUT 0x0010
#define UF_PASSWD_NOTREQD 0x0020
#define UF_PASSWD_CANT_CHANGE 0x0040
#define UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED 0x0080
//
// Account type bits as part of usri_flags.
//
#define UF_TEMP_DUPLICATE_ACCOUNT 0x0100
#define UF_NORMAL_ACCOUNT 0x0200
#define UF_INTERDOMAIN_TRUST_ACCOUNT 0x0800
#define UF_WORKSTATION_TRUST_ACCOUNT 0x1000
#define UF_SERVER_TRUST_ACCOUNT 0x2000
#define UF_MACHINE_ACCOUNT_MASK ( UF_INTERDOMAIN_TRUST_ACCOUNT | \
UF_WORKSTATION_TRUST_ACCOUNT | \
UF_SERVER_TRUST_ACCOUNT )
#define UF_ACCOUNT_TYPE_MASK ( \
UF_TEMP_DUPLICATE_ACCOUNT | \
UF_NORMAL_ACCOUNT | \
UF_INTERDOMAIN_TRUST_ACCOUNT | \
UF_WORKSTATION_TRUST_ACCOUNT | \
UF_SERVER_TRUST_ACCOUNT \
)
#define UF_DONT_EXPIRE_PASSWD 0x10000
#define UF_MNS_LOGON_ACCOUNT 0x20000
#define UF_SMARTCARD_REQUIRED 0x40000
#define UF_TRUSTED_FOR_DELEGATION 0x80000
#define UF_NOT_DELEGATED 0x100000
#define UF_USE_DES_KEY_ONLY 0x200000
#define UF_DONT_REQUIRE_PREAUTH 0x400000
#define UF_PASSWORD_EXPIRED 0x800000
#define UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION 0x1000000
#define UF_NO_AUTH_DATA_REQUIRED 0x2000000
#define UF_SETTABLE_BITS ( \
UF_SCRIPT | \
UF_ACCOUNTDISABLE | \
UF_LOCKOUT | \
UF_HOMEDIR_REQUIRED | \
UF_PASSWD_NOTREQD | \
UF_PASSWD_CANT_CHANGE | \
UF_ACCOUNT_TYPE_MASK | \
UF_DONT_EXPIRE_PASSWD | \
UF_MNS_LOGON_ACCOUNT |\
UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED |\
UF_SMARTCARD_REQUIRED | \
UF_TRUSTED_FOR_DELEGATION | \
UF_NOT_DELEGATED | \
UF_USE_DES_KEY_ONLY | \
UF_DONT_REQUIRE_PREAUTH |\
UF_PASSWORD_EXPIRED |\
UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION |\
UF_NO_AUTH_DATA_REQUIRED \
)