This repository has been archived by the owner on Jul 26, 2023. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 222
More from kernel32 & advapi32 #65
Merged
Merged
Changes from 3 commits
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
b6be3c0
Add LoadLibrary, FreeLibrary and GetConsoleWindow
vbfox 4af671f
Add a few more API around service security from AdvApi32
vbfox 44313d8
Fix TokenAccessRights xmldoc
vbfox 7bfc032
Fix typo
vbfox a10c558
Merge remote-tracking branch 'upstream/master' into more_from_kernel3…
vbfox File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,81 @@ | ||
| // Copyright (c) to owners found in https://github.com/AArnott/pinvoke/blob/master/COPYRIGHT.md. All rights reserved. | ||
| // Licensed under the MIT license. See LICENSE.txt file in the project root for full license information. | ||
|
|
||
| namespace PInvoke | ||
| { | ||
| using System; | ||
|
|
||
| /// <content> | ||
| /// Contains the <see cref="SECURITY_INFORMATION"/> nested type. | ||
| /// </content> | ||
| public partial class AdvApi32 | ||
| { | ||
| /// <summary> | ||
| /// Identifies the object-related security information being set or queried. | ||
| /// </summary> | ||
| [Flags] | ||
| public enum SECURITY_INFORMATION | ||
| { | ||
| /// <summary> | ||
| /// The resource properties of the object being referenced. The resource properties are stored in | ||
| /// SYSTEM_RESOURCE_ATTRIBUTE_ACE types in the SACL of the security descriptor. | ||
| /// </summary> | ||
| /// <remarks> | ||
| /// Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: | ||
| /// This bit flag is not available. | ||
| /// </remarks> | ||
| ATTRIBUTE_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary> | ||
| /// All parts of the security descriptor. This is useful for backup and restore software that needs to preserve | ||
| /// the entire security descriptor. | ||
| /// </summary> | ||
| /// <remarks> | ||
| /// Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: | ||
| /// This bit flag is not available. | ||
| /// </remarks> | ||
| BACKUP_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary>The DACL of the object is being referenced.</summary> | ||
| DACL_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary>The primary group identifier of the object is being referenced.</summary> | ||
| GROUP_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary> | ||
| /// The mandatory integrity label is being referenced. The mandatory integrity label is an ACE in the SACL of the | ||
| /// object. | ||
| /// </summary> | ||
| /// <remarks>Windows Server 2003 and Windows XP: This bit flag is not available.</remarks> | ||
| LABEL_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary>The owner identifier of the object is being referenced.</summary> | ||
| OWNER_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary>The DACL cannot inherit access control entries (ACEs).</summary> | ||
| PROTECTED_DACL_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary>The SACL cannot inherit ACEs.</summary> | ||
| PROTECTED_SACL_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary>The SACL of the object is being referenced.</summary> | ||
| SACL_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary> | ||
| /// The Central Access Policy (CAP) identifier applicable on the object that is being referenced. Each CAP | ||
| /// identifier is stored in a SYSTEM_SCOPED_POLICY_ID_ACE type in the SACL of the SD. | ||
| /// </summary> | ||
| /// <remarks> | ||
| /// Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: | ||
| /// This bit flag is not available. | ||
| /// </remarks> | ||
| SCOPE_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary>The DACL inherits ACEs from the parent object.</summary> | ||
| UNPROTECTED_DACL_SECURITY_INFORMATION, | ||
|
|
||
| /// <summary>The SACL inherits ACEs from the parent object.</summary> | ||
| UNPROTECTED_SACL_SECURITY_INFORMATION | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| // Copyright (c) to owners found in https://github.com/AArnott/pinvoke/blob/master/COPYRIGHT.md. All rights reserved. | ||
| // Licensed under the MIT license. See LICENSE.txt file in the project root for full license information. | ||
|
|
||
| namespace PInvoke | ||
| { | ||
| /// <content> | ||
| /// Contains the <see cref="TOKEN_ELEVATION_TYPE"/> nested type. | ||
| /// </content> | ||
| public partial class AdvApi32 | ||
| { | ||
| /// <summary> | ||
| /// Indicates the elevation type of token being queried by the <see cref="GetTokenInformation"/> function. | ||
| /// </summary> | ||
| public enum TOKEN_ELEVATION_TYPE | ||
| { | ||
| /// <summary> | ||
| /// Standard user that don't require UAC as he doesn't have any elevated attributes in it's | ||
| /// security token. | ||
| /// </summary> | ||
| TokenElevationTypeDefault = 1, | ||
|
|
||
| /// <summary> | ||
| /// Process executing with full elevated rights, either UAC is disable or the process is | ||
| /// executing in "Run as administrator" mode. | ||
| /// </summary> | ||
| TokenElevationTypeFull, | ||
|
|
||
| /// <summary> | ||
| /// Process executing under UAC, the current user got some elevated right but they can't | ||
| /// be used in the process as the token is "split". | ||
| /// </summary> | ||
| TokenElevationTypeLimited | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| // Copyright (c) to owners found in https://github.com/AArnott/pinvoke/blob/master/COPYRIGHT.md. All rights reserved. | ||
| // Licensed under the MIT license. See LICENSE.txt file in the project root for full license information. | ||
|
|
||
| namespace PInvoke | ||
| { | ||
| /// <content> | ||
| /// Contains the <see cref="TOKEN_INFORMATION_CLASS"/> nested type. | ||
| /// </content> | ||
| public partial class AdvApi32 | ||
| { | ||
| /// <summary> | ||
| /// Specify the type of information being assigned to or retrieved from an access token. | ||
| /// </summary> | ||
| public enum TOKEN_INFORMATION_CLASS | ||
| { | ||
| TokenUser = 1, | ||
| TokenGroups, | ||
| TokenPrivileges, | ||
| TokenOwner, | ||
| TokenPrimaryGroup, | ||
| TokenDefaultDacl, | ||
| TokenSource, | ||
| TokenType, | ||
| TokenImpersonationLevel, | ||
| TokenStatistics, | ||
| TokenRestrictedSids, | ||
| TokenSessionId, | ||
| TokenGroupsAndPrivileges, | ||
| TokenSessionReference, | ||
| TokenSandBoxInert, | ||
| TokenAuditPolicy, | ||
| TokenOrigin, | ||
| TokenElevationType, | ||
| TokenLinkedToken, | ||
| TokenElevation, | ||
| TokenHasRestrictions, | ||
| TokenAccessInformation, | ||
| TokenVirtualizationAllowed, | ||
| TokenVirtualizationEnabled, | ||
| TokenIntegrityLevel, | ||
| TokenUiAccess, | ||
| TokenMandatoryPolicy, | ||
| TokenLogonSid, | ||
| TokenIsAppContainer, | ||
| TokenCapabilities, | ||
| TokenAppContainerSid, | ||
| TokenAppContainerNumber, | ||
| TokenUserClaimAttributes, | ||
| TokenDeviceClaimAttributes, | ||
| TokenRestrictedUserClaimAttributes, | ||
| TokenRestrictedDeviceClaimAttributes, | ||
| TokenDeviceGroups, | ||
| TokenRestrictedDeviceGroups, | ||
| TokenSecurityAttributes, | ||
| TokenIsRestricted, | ||
| MaxTokenInfoClass | ||
| } | ||
| } | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,100 @@ | ||
| // Copyright (c) to owners found in https://github.com/AArnott/pinvoke/blob/master/COPYRIGHT.md. All rights reserved. | ||
| // Licensed under the MIT license. See LICENSE.txt file in the project root for full license information. | ||
|
|
||
| namespace PInvoke | ||
| { | ||
| using System; | ||
|
|
||
| /// <content> | ||
| /// Contains the <see cref="TokenAccessRights"/> nested type. | ||
| /// </content> | ||
| public partial class AdvApi32 | ||
| { | ||
| /// <summary> | ||
| /// The different access rights allowed to access an access token. | ||
| /// </summary> | ||
| [Flags] | ||
| public enum TokenAccessRights : uint | ||
| { | ||
| /// <summary>The right to delete the object.</summary> | ||
| DELETE = 0x00010000, | ||
|
|
||
| /// <summary> | ||
| /// The right to read the information in the object's security descriptor, not including the information in the | ||
| /// system access control list (SACL). | ||
| /// </summary> | ||
| READ_CONTROL = 0x00020000, | ||
|
|
||
| /// <summary>The right to modify the discretionary access control list (DACL) in the object's security descriptor.</summary> | ||
| WRITE_DAC = 0x00040000, | ||
|
|
||
| /// <summary>The right to change the owner in the object's security descriptor.</summary> | ||
| WRITE_OWNER = 0x00080000, | ||
|
|
||
| /// <summary>Combines DELETE, READ_CONTROL, WRITE_DAC, and WRITE_OWNER access.</summary> | ||
| STANDARD_RIGHTS_REQUIRED = 0x000F0000, | ||
|
|
||
| /// <summary>Currently defined to equal READ_CONTROL.</summary> | ||
| STANDARD_RIGHTS_READ = READ_CONTROL, | ||
|
|
||
| /// <summary>Currently defined to equal READ_CONTROL.</summary> | ||
| STANDARD_RIGHTS_WRITE = READ_CONTROL, | ||
|
|
||
| /// <summary>Currently defined to equal READ_CONTROL.</summary> | ||
| STANDARD_RIGHTS_EXECUTE = READ_CONTROL, | ||
|
|
||
| /// <summary> | ||
| /// Required to attach a primary token to a process. The SE_ASSIGNPRIMARYTOKEN_NAME privilege is also required to | ||
| /// accomplish this task. | ||
| /// </summary> | ||
| TOKEN_ASSIGN_PRIMARY = 0x0001, | ||
|
|
||
| /// <summary>Required to duplicate an access token.</summary> | ||
| TOKEN_DUPLICATE = 0x0002, | ||
|
|
||
| /// <summary>Required to attach an impersonation access token to a process.</summary> | ||
| TOKEN_IMPERSONATE = 0x0004, | ||
|
|
||
| /// <summary>Required to query an access token.</summary> | ||
| TOKEN_QUERY = 0x0008, | ||
|
|
||
| /// <summary>Required to query the source of an access token.</summary> | ||
| TOKEN_QUERY_SOURCE = 0x0010, | ||
|
|
||
| /// <summary>Required to enable or disable the privileges in an access token.</summary> | ||
| TOKEN_ADJUST_PRIVILEGES = 0x0020, | ||
|
|
||
| /// <summary>Required to adjust the attributes of the groups in an access token.</summary> | ||
| TOKEN_ADJUST_GROUPS = 0x0040, | ||
|
|
||
| /// <summary>Required to change the default owner, primary group, or DACL of an access token.</summary> | ||
| TOKEN_ADJUST_DEFAULT = 0x0080, | ||
|
|
||
| /// <summary>Required to adjust the session ID of an access token. The SE_TCB_NAME privilege is required.</summary> | ||
| TOKEN_ADJUST_SESSIONID = 0x0100, | ||
|
|
||
| /// <summary>Combines STANDARD_RIGHTS_READ and TOKEN_QUERY.</summary> | ||
| TOKEN_READ = STANDARD_RIGHTS_READ | TOKEN_QUERY, | ||
|
|
||
| /// <summary>Combines STANDARD_RIGHTS_WRITE, TOKEN_ADJUST_PRIVILEGES, TOKEN_ADJUST_GROUPS, and TOKEN_ADJUST_DEFAULT.</summary> | ||
| TOKEN_WRITE = STANDARD_RIGHTS_WRITE | TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_ADJUST_DEFAULT, | ||
|
|
||
| /// <summary>Required to wait for the process to terminate using the wait functions.</summary> | ||
| ACCESS_SYSTEM_SECURITY = 0x01000000, | ||
|
|
||
| /// <summary>Combines STANDARD_RIGHTS_EXECUTE and TOKEN_IMPERSONATE.</summary> | ||
| TOKEN_EXECUTE = STANDARD_RIGHTS_EXECUTE | TOKEN_IMPERSONATE, | ||
|
|
||
| /// <summary>Combines all possible access rights for a token.</summary> | ||
| TOKEN_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | | ||
| TOKEN_ASSIGN_PRIMARY | | ||
| TOKEN_DUPLICATE | | ||
| TOKEN_IMPERSONATE | | ||
| TOKEN_QUERY | | ||
| TOKEN_QUERY_SOURCE | | ||
| TOKEN_ADJUST_PRIVILEGES | | ||
| TOKEN_ADJUST_GROUPS | | ||
| TOKEN_ADJUST_DEFAULT | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
double-checking that naturally occurring +1's for each of these values coincide with their native equivalents?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For once it's actually defined as a real enum in native code : https://msdn.microsoft.com/en-us/library/windows/desktop/aa379626(v=vs.85).aspx with the same value generation