It is currently Sun May 31, 2020 12:42 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: get user's security groups
PostPosted: Tue May 19, 2020 2:11 pm 
Offline
Enthusiast
Enthusiast

Joined: Wed Mar 11, 2009 4:06 pm
Posts: 251
Location: NL
This quick hack test

Code:
EnableExplicit

Global LibAuthZ
Prototype AuthzInitializeContextFromSid(Flags.l, *UserSid, *hAuthzResourceManager, *pExpirationTime, *Identifier.LUID, *DynamicGroupArgs, *phAuthzClientContext)
Prototype AuthzInitializeResourceManager(Flags.l, *pfnDynamicAccessCheck, *pfnComputeDynamicGroups, *pfnFreeDynamicGroups,  szResourceManagerName.s, *phAuthzResourceManager)
Prototype AuthzGetInformationFromContext(hAuthzClientContext, InfoClass, BufferSize.l, *pSizeRequired, *Buffer)

LibAuthZ = OpenLibrary(#PB_Any, "AuthZ.dll")
Global AuthzInitializeContextFromSid.AuthzInitializeContextFromSid = GetFunction(LibAuthZ, "AuthzInitializeContextFromSid")
Global AuthzInitializeResourceManager.AuthzInitializeResourceManager = GetFunction(LibAuthZ, "AuthzInitializeResourceManager")
Global AuthzGetInformationFromContext.AuthzGetInformationFromContext = GetFunction(LibAuthZ, "AuthzGetInformationFromContext")

Global LibAdvAPI32
Prototype ConvertSidToStringSid(*sid, *StringSID)

LibAdvAPI32 = OpenLibrary(#PB_Any, "advapi32.dll")
Global ConvertSidToStringSid.ConvertSidToStringSid = GetFunction(LibAdvAPI32, "ConvertSidToStringSidW")

#AUTHZ_RM_FLAG_NO_AUDIT = $1

If LibAdvAPI32 = 0 Or LibAdvAPI32 = 0
  End
EndIf

Procedure Test(AccountName.s)
  Protected cbSID.l, DomainName.s, cbDomainName.l, SIDType, SID, *pSID
 
  If Not LookupAccountName_(0, @AccountName, 0, @cbSID, 0, @cbDomainName, @SIDType)
    If GetLastError_() = #ERROR_INSUFFICIENT_BUFFER
      *pSID = AllocateMemory(cbSID)
      DomainName = Space(cbDomainName)
      If LookupAccountName_(0, @AccountName, *pSID, @cbSID, @DomainName, @cbDomainName, @SIDType)
        If ConvertSidToStringSid(*pSID, @Sid)
          Debug PeekS(Sid)
          LocalFree_(Sid)
        EndIf
      EndIf
     
    EndIf
  EndIf 
 
  Protected r, i, *rm, *cc, size, luid.LUID, *tg.TOKEN_GROUPS
  r = AuthzInitializeResourceManager(#AUTHZ_RM_FLAG_NO_AUDIT, 0, 0, 0, "", @*rm)
  If r
    Debug "AuthzInitializeResourceManager"
    ;r = AuthzInitializeContextFromSid(0, *uinfo\usri4_user_sid, *rm, 0, luid, 0, @*cc)
    r = AuthzInitializeContextFromSid(0, *pSID, *rm, 0, luid, 0, @*cc)
    If r
      Debug "AuthzInitializeContextFromSid"
      r = AuthzGetInformationFromContext(*cc, 1, 0, @size, 0)
      If Not r And size > 0 And GetLastError_() = #ERROR_INSUFFICIENT_BUFFER
        Debug "AuthzGetInformationFromContext"
        *tg = AllocateMemory(size)
        r = AuthzGetInformationFromContext(*cc, 1, size, @size, *tg)
        If r
          Debug *tg\GroupCount
          End
          Debug size
          Debug "AuthzGetInformationFromContext 2"
          For i = 0 To *tg\GroupCount - 1
            If *tg <> 0
              If ConvertSidToStringSid(*tg\Groups[i]\Sid, @Sid)
                Debug PeekS(Sid)
                LocalFree_(Sid)
              EndIf
            EndIf
           
          Next         
        EndIf   
      EndIf
    EndIf 
  EndIf 
EndProcedure

Test("Administrator")



PB IDE has to be run as admin.

passes all if's but it's GroupCount is way too big, hence it crashes at printing group sids.

Any Windows API guru available to take a look?
What may or may not help:
https://github.com/bill-long/GetAuthzIn ... Program.cs
https://github.com/microsoft/Windows-cl ... AuthzSvr.c
https://docs.microsoft.com/en-us/window ... nt-context


Top
 Profile  
Reply with quote  
 Post subject: Re: get user's security groups
PostPosted: Thu May 21, 2020 4:00 am 
Offline
Enthusiast
Enthusiast

Joined: Wed Mar 11, 2009 4:06 pm
Posts: 251
Location: NL
The case of a 1 that has to be a 2... ;


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 6 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

 


Powered by phpBB © 2008 phpBB Group
subSilver+ theme by Canver Software, sponsor Sanal Modifiye