Class: TurboRex::Windows::Security::SecurityDescriptor

Defined in:
lib/turborex/windows/security/security_descriptor.rb


Constructor Details

#initialize(revision, control, owner, group, sacl, dacl, sbzl = 0) ⇒ SecurityDescriptor

Returns a new instance of SecurityDescriptor.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 13

# Builds a security descriptor value object from already-parsed parts.
#
# Nothing is validated here; the arguments are stored as given and exposed
# through the read-only attribute readers.
#
# @param revision [Object] descriptor revision (from_raw stores the DWORD read back
#   via GetSecurityDescriptorControl)
# @param control [Object] SECURITY_DESCRIPTOR_CONTROL flags as read by from_raw
# @param owner [Object] owner SID; from_raw passes the string form ("S-1-...")
#   or nil when the descriptor carries none
# @param group [Object] group SID, same form as +owner+
# @param sacl [Object] SACL; from_raw currently always passes nil (not parsed yet)
# @param dacl [Object] DACL; from_raw passes an ACL::DACL
# @param sbzl [Object] reserved field, defaults to 0 — presumably the Sbz1 byte of
#   the native SECURITY_DESCRIPTOR; confirm against callers
def initialize(revision, control, owner, group, sacl, dacl, sbzl = 0)
  @revision, @sbzl, @control = revision, sbzl, control
  @owner, @group = owner, group
  @sacl, @dacl = sacl, dacl
end

Instance Attribute Details

#control ⇒ Object (readonly)

Returns the value of attribute control.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 7

# Control flags of the descriptor. from_raw stores the
# SECURITY_DESCRIPTOR_CONTROL value read back from the API (e.g. SE_DACL_PRESENT).
# @return [Object] the value given to the constructor
def control; @control; end

#dacl ⇒ Object (readonly)

Returns the value of attribute dacl.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 11

# Discretionary ACL of the descriptor. from_raw stores an ACL::DACL built
# from the ACEs returned by GetAce.
# @return [Object] the value given to the constructor
def dacl; @dacl; end

#group ⇒ Object (readonly)

Returns the value of attribute group.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 9

# Primary group of the descriptor. from_raw stores the string SID
# ("S-1-...") produced by ConvertSidToStringSidA.
# @return [Object] the value given to the constructor
def group; @group; end

#owner ⇒ Object (readonly)

Returns the value of attribute owner.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 8

# Owner of the descriptor. from_raw stores the string SID ("S-1-...")
# produced by ConvertSidToStringSidA.
# @return [Object] the value given to the constructor
def owner; @owner; end

#revision ⇒ Object (readonly)

Returns the value of attribute revision.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 5

# Revision of the descriptor. from_raw stores the DWORD read back via
# GetSecurityDescriptorControl.
# @return [Object] the value given to the constructor
def revision; @revision; end

#sacl ⇒ Object (readonly)

Returns the value of attribute sacl.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 10

# System ACL of the descriptor. from_raw does not parse the SACL yet and
# always stores nil here.
# @return [Object] the value given to the constructor
def sacl; @sacl; end

#sbzl ⇒ Object (readonly)

Returns the value of attribute sbzl.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 6

# Reserved field given to the constructor (defaults to 0 there). Presumably
# the Sbz1 byte of the native SECURITY_DESCRIPTOR — confirm against callers.
# @return [Object] the value given to the constructor
def sbzl; @sbzl; end

Class Method Details

.from_raw(raw) ⇒ Object

Performs very few robustness checks on its input and may result in memory corruption.



# File 'lib/turborex/windows/security/security_descriptor.rb', line 24

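# Parses a security descriptor from its raw bytes through the Win32 API
# proxy (GetSecurityDescriptor*, GetAclInformation, GetAce).
#
# Very few robustness checks are performed: +raw+ is copied verbatim into a
# native buffer and the Win32 calls trust the offsets and sizes it contains,
# so a truncated or malformed descriptor may result in memory corruption.
#
# @param raw [String] binary SECURITY_DESCRIPTOR; the plain buffer copy implies
#   the self-relative form — confirm against callers
# @return [SecurityDescriptor] owner/group as string SIDs, or nil when the
#   descriptor carries none; sacl is always nil (not parsed yet); dacl is an
#   ACL::DACL, or nil when the descriptor has no DACL or a NULL DACL
# @raise [RuntimeError] via raise_api_call_failure when any Win32 call fails
def self.from_raw(raw)
  apiproxy_klass = TurboRex::Windows::Win32API
  sd = apiproxy_klass.alloc_c_ary('BYTE', raw.bytesize)
  sd.str = raw

  # Control flags and revision
  pcontrol = apiproxy_klass.alloc_c_ptr('SECURITY_DESCRIPTOR_CONTROL')
  prevision = apiproxy_klass.alloc_c_ptr('DWORD')
  if apiproxy_klass.getsecuritydescriptorcontrol(sd, pcontrol, prevision) == 0
    raise_api_call_failure('GetSecurityDescriptorControl')
  end
  control = pcontrol[0]
  revision = prevision[0]

  # Owner and group SIDs. Both lookups reuse the same out-pointers; the
  # "defaulted" flag is read but not surfaced to the caller.
  ppsid = apiproxy_klass.alloc_c_ptr('PSID')
  pdefaulted = apiproxy_klass.alloc_c_ptr('BOOL')
  if apiproxy_klass.getsecuritydescriptorowner(sd, ppsid, pdefaulted) == 0
    raise_api_call_failure('GetSecurityDescriptorOwner')
  end
  sz_owner_sid = parse_sid_from_ptr(ppsid[0])

  if apiproxy_klass.getsecuritydescriptorgroup(sd, ppsid, pdefaulted) == 0
    raise_api_call_failure('GetSecurityDescriptorGroup')
  end
  sz_group_sid = parse_sid_from_ptr(ppsid[0])

  # TODO: parse SACL

  # DACL
  ppacl = apiproxy_klass.alloc_c_ptr('PACL')
  dacl_present = apiproxy_klass.alloc_c_ptr('BOOL')
  pdacl_default = apiproxy_klass.alloc_c_ptr('BOOL')
  if apiproxy_klass.getsecuritydescriptordacl(sd, dacl_present, ppacl, pdacl_default) == 0
    raise_api_call_failure('GetSecurityDescriptorDacl')
  end

  # GetSecurityDescriptorDacl succeeds with a NULL PACL when the descriptor has
  # no DACL (present flag clear) or a NULL DACL (present flag set, pointer NULL).
  # Handing that NULL to GetAclInformation fails, so both cases become dacl = nil.
  # Windows grants everyone full access in both cases: nil here means "no
  # restrictions", not "no access". SE_DACL_PRESENT is still visible in control.
  dacl = nil
  if dacl_present[0] != 0 && ppacl[0] != 0
    dacl = parse_dacl_from_ptr(ppacl[0])
  end

  new(revision, control, sz_owner_sid, sz_group_sid, nil, dacl)
end

# Converts a PSID to its string form ("S-1-...") via ConvertSidToStringSidA.
#
# @param psid [Integer] SID address as returned in a PSID out-parameter
# @return [String, nil] nil when the descriptor carries no such SID, which
#   GetSecurityDescriptorOwner/Group report as success with a NULL pointer
# @raise [RuntimeError] via raise_api_call_failure when the conversion fails
def self.parse_sid_from_ptr(psid)
  return nil if psid == 0

  apiproxy_klass = TurboRex::Windows::Win32API
  ppszsid = apiproxy_klass.alloc_c_ptr('LPSTR')
  if apiproxy_klass.convertsidtostringsida(psid, ppszsid) == 0
    raise_api_call_failure('ConvertSidToStringSidA')
  end
  # NOTE(review): the string buffer is allocated by the API and is never
  # released here, as in the original code — a small leak per conversion.
  apiproxy_klass.memory_read_strz(ppszsid[0])
end

# Walks a non-NULL ACL with GetAclInformation/GetAce and parses every ACE.
#
# @param pacl [Integer] non-NULL PACL address
# @return [ACL::DACL] revision, ACE count and the parsed ACEs in ACL order
# @raise [RuntimeError] via raise_api_call_failure when a Win32 call fails
def self.parse_dacl_from_ptr(pacl)
  apiproxy_klass = TurboRex::Windows::Win32API

  acl_revision_info = apiproxy_klass.alloc_c_struct('ACL_REVISION_INFORMATION')
  if apiproxy_klass.getaclinformation(pacl, acl_revision_info, acl_revision_info.sizeof, apiproxy_klass::ACLREVISIONINFORMATION) == 0
    raise_api_call_failure('GetAclInformation')
  end

  acl_size_info = apiproxy_klass.alloc_c_struct('ACL_SIZE_INFORMATION')
  if apiproxy_klass.getaclinformation(pacl, acl_size_info, acl_size_info.sizeof, apiproxy_klass::ACLSIZEINFORMATION) == 0
    raise_api_call_failure('GetAclInformation')
  end
  ace_count = acl_size_info.AceCount

  # GetAce hands back a pointer into the ACL; each ACE is copied out and parsed
  # before the next call, so one out-pointer serves every index.
  ppace = apiproxy_klass.alloc_c_ptr('LPVOID')
  aces = Array.new(ace_count) do |i|
    if apiproxy_klass.getace(pacl, i, ppace) == 0
      raise_api_call_failure('GetACE')
    end
    parse_ace_from_ptr(ppace[0])
  end

  ACL::DACL.new(acl_revision_info.AclRevision, ace_count, aces)
end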

.parse_ace_from_ptr(ptr) ⇒ Object



# File 'lib/turborex/windows/security/security_descriptor.rb', line 106

# Copies one ACE out of native memory and parses it.
#
# Two reads are needed: the fixed-size ACE_HEADER first, to learn AceSize,
# then the whole ACE of that length. AceSize is taken from the memory at
# +ptr+ with no upper bound, so a corrupt header decides how much is read.
#
# @param ptr [Integer] address of the ACE, as handed back by GetAce
# @return [Object] whatever ACE.from_raw builds from the copied bytes
def self.parse_ace_from_ptr(ptr)
  api = TurboRex::Windows::Win32API
  utils = TurboRex::Windows::Utils

  header = api.alloc_c_struct('ACE_HEADER')
  header.str = utils.read_memory(ptr, header.sizeof)

  whole_ace = utils.read_memory(ptr, header.AceSize)
  ACE.from_raw(whole_ace)
end

.raise_api_call_failure(api_name) ⇒ Object



# File 'lib/turborex/windows/security/security_descriptor.rb', line 102

# Raises a RuntimeError naming the failed Win32 call together with the error
# code GetLastError reports at that moment.
#
# @param api_name [String] Win32 function name to include in the message
# @raise [RuntimeError] always
def self.raise_api_call_failure(api_name)
  last_error = TurboRex::Windows::Win32API.getlasterror
  raise "Unable to call #{api_name}. GetLastError returns: #{last_error}"
end