void DumpSecurityDescriptor(CSecurityDesc& sd, SECURITY_INFORMATION si, Mapping* pAccessMappings)
{
CIndent scope;
CSid sidOwner;
CSid sidGroup;
CDacl dacl;
CSacl sacl;
bool bPresent = false;
bool bDefaulted = false;
if (LOBYTE(LOWORD(::GetVersion())) >= 5)
{
// only works on Windows 2000 or greater
CString strSD;
if (sd.ToString(&strSD, si))
Log(_T("%s"), (LPCTSTR)strSD);
}
if ((si & OWNER_SECURITY_INFORMATION) && sd.GetOwner(&sidOwner, &bDefaulted))
{
Log(_T("Owner: %s"),
bDefaulted ? _T("[Defaulted]") : _T(""));
DumpSid(sidOwner);
}
if ((si & GROUP_SECURITY_INFORMATION) && sd.GetGroup(&sidGroup, &bDefaulted))
{
Log(_T("Group: %s"),
bDefaulted ? _T("[Defaulted]") : _T(""));
DumpSid(sidGroup);
}
if ((si & DACL_SECURITY_INFORMATION) && sd.GetDacl(&dacl, &bPresent, &bDefaulted))
{
Log(_T("Dacl: %s %s"),
bPresent ? _T("") : _T("[Not Present]"),
bDefaulted ? _T("[Defaulted]") : _T(""));
DumpAcl(dacl, pAccessMappings);
}
if ((si & SACL_SECURITY_INFORMATION) && sd.GetSacl(&sacl, &bPresent, &bDefaulted))
{
Log(_T("Sacl: %s %s"),
bPresent ? _T("") : _T("[Not Present]"),
bDefaulted ? _T("[Defaulted]") : _T(""));
DumpAcl(sacl, pAccessMappings);
}
}
//*****************************************************************************
//* Function Name: DumpTokenLogonSid
//* Description:
//*****************************************************************************
void DumpTokenLogonSid (
HANDLE p_hToken,
LPVOID p_pTokenInformation,
DWORD p_dwTokenInformationLength)
{
PSID l_pTokenLogonSid = reinterpret_cast<PSID>(p_pTokenInformation);
DumpSid (l_pTokenLogonSid, _T("TokenLogonSid"));
}
void DumpAce(CSid& sid,
ACCESS_MASK mask,
BYTE type,
BYTE flags,
GUID guidObjectType,
GUID guidInheritedObjectType,
Mapping* pAccessMappings)
{
CIndent scope;
Log(_T("Sid:"));
DumpSid(sid);
Log(_T("Mask:"));
DumpAccessMask(mask, pAccessMappings);
Log(_T("Type:"));
DumpAceType(type);
Log(_T("Flags:"));
DumpAceFlags(flags);
if (!InlineIsEqualGUID(GUID_NULL, guidObjectType))
{
Log(_T("Object Type:"));
CStringW str;
if (StringFromGUID2(guidObjectType, CStrBufW(str, 128), 128))
Log(CW2CT(str));
else
Log(_T("Failure converting GUID to String"));
}
if (!InlineIsEqualGUID(GUID_NULL, guidInheritedObjectType))
{
Log(_T("Inherited Object Type:"));
CStringW str;
if (StringFromGUID2(guidInheritedObjectType, CStrBufW(str, 128), 128))
Log(CW2CT(str));
else
Log(_T("Failure converting GUID to String"));
}
}
void DumpGroups(CTokenGroups& groups)
{
CIndent scope;
CSid::CSidArray sids;
CAtlArray<DWORD> attrs;
groups.GetSidsAndAttributes(&sids, &attrs);
ATLASSERT(groups.GetCount() == sids.GetCount());
ATLASSERT(groups.GetCount() == attrs.GetCount());
Log(_T("Group Count: %d"), groups.GetCount());
for (UINT i=0; i<groups.GetCount(); i++)
{
Log(_T("Group %d:"), i);
Log(_T("Sid:"));
DumpSid(sids[i]);
Log(_T("Attributes:"));
DumpGroupAttributes(attrs[i]);
}
}
void DumpAccessToken(CAccessToken& at)
{
CIndent scope;
CSid sidUser;
if (!at.GetUser(&sidUser))
Log(_T("Failure retrieving User from Token"));
else
{
Log(_T("User:"******"Failure retrieving Groups from Token"));
else
{
Log(_T("Groups:"));
DumpGroups(groups);
}
CTokenPrivileges priv;
if (!at.GetPrivileges(&priv))
Log(_T("Failure retrieving Privileges from Token"));
else
{
Log(_T("Privileges:"));
DumpPrivileges(priv);
}
CSid sidOwner;
if (!at.GetOwner(&sidOwner))
Log(_T("Failure retrieving Owner from Token"));
else
{
Log(_T("Default Owner:"));
DumpSid(sidOwner);
}
CSid sidPrimaryGroup;
if (!at.GetOwner(&sidPrimaryGroup))
Log(_T("Failure retrieving Primary Group from Token"));
else
{
Log(_T("Primary Group:"));
DumpSid(sidPrimaryGroup);
}
CDacl dacl;
if (!at.GetDefaultDacl(&dacl))
Log(_T("Failure retrieving Default Dacl from Token"));
else
{
Log(_T("Default Dacl:"));
DumpAcl(dacl, mapGenericAccess);
}
TOKEN_SOURCE source;
if (!at.GetSource(&source))
Log(_T("Failure retrieving Source from Token"));
else
{
Log(_T("Source:"));
Log(_T("Source Name: %.8s"), CString(source.SourceName));
Log(_T("Source Identifier: 0x%.8x%.8x"), source.SourceIdentifier.HighPart, source.SourceIdentifier.LowPart);
}
TOKEN_TYPE type;
if (!at.GetType(&type))
Log(_T("Failure retrieving Type from Token"));
else
Log(_T("Type: %s"), (LPCTSTR)GetTokenType(type));
if (type == TokenImpersonation)
{
SECURITY_IMPERSONATION_LEVEL sil;
if (!at.GetImpersonationLevel(&sil))
Log(_T("Failure retrieving Impersonation Level from Token"));
else
Log(_T("Impersonation Level: %s"), (LPCTSTR)GetImpersonationLevel(sil));
}
TOKEN_STATISTICS stats;
if (!at.GetStatistics(&stats))
Log(_T("Failure retrieving Statistics from Token"));
else
{
Log(_T("Statistics:"));
DumpStatistics(stats);
}
}
