int _tmain(int argc, _TCHAR* argv[]) { int result = -1; HANDLE lsa = 0; //wchar_t unlock[MAX_GROUPNAME] = L""; TRACE(L"-------------------------\n"); //EnablePrivilege(L"SeTcbPrivilege"); if(!RegisterLogonProcess(LOGON_PROCESS_NAME, &lsa)) TRACEMSG(GetLastError()); if(IsWindowsServer()) { TRACE(L"Windows Server\n"); } else { TRACE(L"Windows pas Server\n"); } /* if(GetGroupName(gUnlockGroupName, unlock, sizeof unlock / sizeof *unlock) == S_OK) { wchar_t caption[512]; wchar_t text[2048]; OutputDebugString(L"Group name "); OutputDebugString(unlock); OutputDebugString(L"\n"); if((GetNoticeText(L"Caption", caption, sizeof caption / sizeof *caption) == S_OK) && (GetNoticeText(L"Text", text, sizeof text / sizeof *text) == S_OK)) { wchar_t message[MAX_USERNAME + sizeof text / sizeof *text]; wchar_t *read = text; wchar_t *write = text; while(*read) { if((*read == '\\') && (*(read+1) == 'n')) { *write++ = '\n'; read += 2; } else { *write++ = *read++; } } *write = 0; wsprintf(message, text, unlock); //Will insert group name if there is a %s in the message MessageBox(0, message, caption, MB_YESNOCANCEL|MB_ICONEXCLAMATION); } } */ if(argc > 1) for(int i=1; i<argc; ++i) { // wchar_t user[MAX_USERNAME]; // wchar_t domain[MAX_DOMAIN]; wchar_t passwd[MAX_PASSWORD]; wchar_t username[512]; wchar_t domain[512]; HANDLE current_user = 0; OpenProcessToken(GetCurrentProcess(), TOKEN_READ, ¤t_user); GetUsernameAndDomainFromToken(current_user, username, sizeof username / sizeof *username, domain, sizeof domain / sizeof *domain); if(ShouldHookUnlockPasswordDialog(current_user)) { TRACE(L"Should hook.\n"); } if (_getws_s(passwd, MAX_PASSWORD) == passwd) { result = ShouldUnlockForUser(lsa, current_user, L".", argv[i], passwd); switch(result) { case eLetMSGINAHandleIt: TRACE(L"TEST result is eLetMSGINAHandleIt\n"); wprintf(L"Actual result : eLetMSGINAHandleIt\n"); break; case eUnlock: TRACE(L"TEST result is eUnlock\n"); wprintf(L"Actual result : eUnlock\n"); break; case eForceLogoff: TRACE(L"TEST result is eForceLogoff\n"); wprintf(L"Actual result : eForceLogoff\n"); break; } } else { TRACE(L"Unable to read password\n"); break; } CloseHandle(current_user); } LsaDeregisterLogonProcess(lsa); //DisablePrivilege(L"SeTcbPrivilege"); return result; }
BOOL ZRegisterLogonProcess( DWORD dwProcessId, BOOL fSecure) { return RegisterLogonProcess( dwProcessId, fSecure) ; }
int WINAPI WinMain( IN HINSTANCE hInstance, IN HINSTANCE hPrevInstance, IN LPSTR lpCmdLine, IN int nShowCmd) { #if 0 LSA_STRING ProcessName, PackageName; HANDLE LsaHandle; LSA_OPERATIONAL_MODE Mode; BOOLEAN Old; ULONG AuthenticationPackage; NTSTATUS Status; #endif ULONG HardErrorResponse; MSG Msg; UNREFERENCED_PARAMETER(hPrevInstance); UNREFERENCED_PARAMETER(lpCmdLine); UNREFERENCED_PARAMETER(nShowCmd); hAppInstance = hInstance; /* Make us critical */ RtlSetProcessIsCritical(TRUE, NULL, FALSE); RtlSetThreadIsCritical(TRUE, NULL, FALSE); if (!RegisterLogonProcess(GetCurrentProcessId(), TRUE)) { ERR("WL: Could not register logon process\n"); NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED, 0, 0, NULL, OptionOk, &HardErrorResponse); ExitProcess(1); } WLSession = (PWLSESSION)HeapAlloc(GetProcessHeap(), 0, sizeof(WLSESSION)); if (!WLSession) { ERR("WL: Could not allocate memory for winlogon instance\n"); NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED, 0, 0, NULL, OptionOk, &HardErrorResponse); ExitProcess(1); } ZeroMemory(WLSession, sizeof(WLSESSION)); WLSession->DialogTimeout = 120; /* 2 minutes */ /* Initialize the dialog tracking list */ InitDialogListHead(); if (!CreateWindowStationAndDesktops(WLSession)) { ERR("WL: Could not create window station and desktops\n"); NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED, 0, 0, NULL, OptionOk, &HardErrorResponse); ExitProcess(1); } LockWorkstation(WLSession); /* Load default keyboard layouts */ if (!InitKeyboardLayouts()) { ERR("WL: Could not preload keyboard layouts\n"); NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED, 0, 0, NULL, OptionOk, &HardErrorResponse); ExitProcess(1); } if (!StartRpcServer()) { ERR("WL: Could not start the RPC server\n"); NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED, 0, 0, NULL, OptionOk, &HardErrorResponse); ExitProcess(1); } if (!StartServicesManager()) { ERR("WL: Could not start services.exe\n"); NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED, 0, 0, NULL, OptionOk, &HardErrorResponse); ExitProcess(1); } if (!StartLsass()) { ERR("WL: Failed to start lsass.exe service (error %lu)\n", GetLastError()); NtRaiseHardError(STATUS_SYSTEM_PROCESS_TERMINATED, 0, 0, NULL, OptionOk, &HardErrorResponse); ExitProcess(1); } /* Wait for the LSA server */ WaitForLsass(); /* Init Notifications */ InitNotifications(); /* Load and initialize gina */ if (!GinaInit(WLSession)) { ERR("WL: Failed to initialize Gina\n"); // FIXME: Retrieve the real name of the GINA DLL we were trying to load. // It is known only inside the GinaInit function... DialogBoxParam(hAppInstance, MAKEINTRESOURCE(IDD_GINALOADFAILED), GetDesktopWindow(), GinaLoadFailedWindowProc, (LPARAM)L"msgina.dll"); HandleShutdown(WLSession, WLX_SAS_ACTION_SHUTDOWN_REBOOT); ExitProcess(1); } DisplayStatusMessage(WLSession, WLSession->WinlogonDesktop, IDS_REACTOSISSTARTINGUP); #if 0 /* Connect to NetLogon service (lsass.exe) */ /* Real winlogon uses "Winlogon" */ RtlInitUnicodeString((PUNICODE_STRING)&ProcessName, L"Winlogon"); Status = LsaRegisterLogonProcess(&ProcessName, &LsaHandle, &Mode); if (Status == STATUS_PORT_CONNECTION_REFUSED) { /* Add the 'SeTcbPrivilege' privilege and try again */ Status = RtlAdjustPrivilege(SE_TCB_PRIVILEGE, TRUE, TRUE, &Old); if (!NT_SUCCESS(Status)) { ERR("RtlAdjustPrivilege() failed with error %lu\n", LsaNtStatusToWinError(Status)); return 1; } Status = LsaRegisterLogonProcess(&ProcessName, &LsaHandle, &Mode); } if (!NT_SUCCESS(Status)) { ERR("LsaRegisterLogonProcess() failed with error %lu\n", LsaNtStatusToWinError(Status)); return 1; } RtlInitUnicodeString((PUNICODE_STRING)&PackageName, MICROSOFT_KERBEROS_NAME_W); Status = LsaLookupAuthenticationPackage(LsaHandle, &PackageName, &AuthenticationPackage); if (!NT_SUCCESS(Status)) { ERR("LsaLookupAuthenticationPackage() failed with error %lu\n", LsaNtStatusToWinError(Status)); LsaDeregisterLogonProcess(LsaHandle); return 1; } #endif CallNotificationDlls(WLSession, StartupHandler); /* Create a hidden window to get SAS notifications */ if (!InitializeSAS(WLSession)) { ERR("WL: Failed to initialize SAS\n"); ExitProcess(2); } // DisplayStatusMessage(Session, Session->WinlogonDesktop, IDS_PREPARENETWORKCONNECTIONS); // DisplayStatusMessage(Session, Session->WinlogonDesktop, IDS_APPLYINGCOMPUTERSETTINGS); /* Display logged out screen */ WLSession->LogonState = STATE_INIT; RemoveStatusMessage(WLSession); /* Check for pending setup */ if (GetSetupType() != 0) { /* Run setup and reboot when done */ TRACE("WL: Setup mode detected\n"); RunSetup(); } else { PostMessageW(WLSession->SASWindow, WLX_WM_SAS, WLX_SAS_TYPE_CTRL_ALT_DEL, 0); } (void)LoadLibraryW(L"sfc_os.dll"); /* Tell kernel that CurrentControlSet is good (needed * to support Last good known configuration boot) */ NtInitializeRegistry(CM_BOOT_FLAG_ACCEPTED | 1); /* Message loop for the SAS window */ while (GetMessageW(&Msg, WLSession->SASWindow, 0, 0)) { TranslateMessage(&Msg); DispatchMessageW(&Msg); } CleanupNotifications(); /* We never go there */ return 0; }