summaryrefslogtreecommitdiffhomepage
path: root/src/internal
diff options
context:
space:
mode:
authormidipix <writeonce@midipix.org>2018-03-27 01:53:14 +0000
committermidipix <writeonce@midipix.org>2018-03-29 21:56:28 -0400
commit0a84879cdc3be1bbe3e09dd9fd883a4832e9443e (patch)
tree890b50007ab3c483666d922c6edad95d17c619b5 /src/internal
parent227c1560530dc822180e71690795d4a97d2d7310 (diff)
downloadntapi-0a84879cdc3be1bbe3e09dd9fd883a4832e9443e.tar.bz2
ntapi-0a84879cdc3be1bbe3e09dd9fd883a4832e9443e.tar.xz
internals: when running as a local/domain user, cache the domain's admin sid.
Diffstat (limited to 'src/internal')
-rw-r--r--src/internal/ntapi.c24
-rw-r--r--src/internal/ntapi_impl.h5
2 files changed, 24 insertions, 5 deletions
diff --git a/src/internal/ntapi.c b/src/internal/ntapi.c
index f0b4431..aaf1b33 100644
--- a/src/internal/ntapi.c
+++ b/src/internal/ntapi.c
@@ -94,6 +94,8 @@ static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl)
void * hntdll;
size_t block_size;
size_t buf[64];
+ unsigned char * value;
+ uint16_t sacnt;
nt_oa oa;
nt_cid cid;
ntapi_zw_allocate_virtual_memory * pfn_zw_allocate_virtual_memory;
@@ -482,7 +484,7 @@ static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl)
internals->htoken,
NT_SE_CREATE_SYMBOLIC_LINK_PRIVILEGE);
- /* sid */
+ /* user */
if ((status = __ntapi->zw_query_information_token(
internals->htoken,
NT_TOKEN_USER,
@@ -490,12 +492,28 @@ static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl)
&block_size)))
return status;
- internals->sid = (nt_sid *)&internals->sid_buffer;
+ internals->user = (nt_sid *)&internals->sid_buffer[0];
+ internals->admin = (nt_sid *)&internals->sid_buffer[1];
__ntapi->tt_sid_copy(
- internals->sid,
+ internals->user,
((nt_sid_and_attributes *)buf)->sid);
+ /* admin */
+ value = internals->user->identifier_authority.value;
+ sacnt = internals->user->sub_authority_count;
+
+ if ((value[0] == 0) && (value[1] == 0)
+ && (value[2] == 0) && (value[3] == 0)
+ && (value[4] == 0) && (value[5] == 5)
+ && internals->user->sub_authority[0] == 21) {
+ __ntapi->tt_sid_copy(
+ internals->admin,
+ internals->user);
+
+ internals->admin->sub_authority[sacnt - 1] = 500;
+ }
+
/* done */
*pvtbl = &___ntapi_shadow;
at_locked_inc(&__ntapi_init_idx);
diff --git a/src/internal/ntapi_impl.h b/src/internal/ntapi_impl.h
index 6021a48..d020386 100644
--- a/src/internal/ntapi_impl.h
+++ b/src/internal/ntapi_impl.h
@@ -82,8 +82,9 @@ typedef struct __attr_ptr_size_aligned__ _ntapi_internals {
nt_port_name * subsystem;
nt_security_descriptor seq_desc;
nt_security_quality_of_service seq_qos;
- nt_sid_any sid_buffer;
- nt_sid * sid;
+ nt_sid_any sid_buffer[2];
+ nt_sid * user;
+ nt_sid * admin;
void * hprocess;
void * htoken;
void * hport_tty_session;