1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
// Copyright (c) 2016 Egor Tensin <Egor.Tensin@gmail.com>
// This file is part of the "Privilege test" project.
// For details, see https://github.com/egor-tensin/privilege-test.
// Distributed under the MIT License.
#pragma once
#include "error.hpp"
#include <Windows.h>
#include <sddl.h>
#include <array>
#include <memory>
#include <string>
constexpr DWORD max_sid_size = SECURITY_MAX_SID_SIZE;
typedef std::array<unsigned char, max_sid_size> SidBuffer;
namespace sid
{
SidBuffer well_known(WELL_KNOWN_SID_TYPE type)
{
SidBuffer buffer;
DWORD cb = static_cast<DWORD>(buffer.size());
if (!CreateWellKnownSid(type, NULL, buffer.data(), &cb))
error::raise("CreateWellKnownSid");
return buffer;
}
SidBuffer builtin_administrators()
{
/*
void* sid = nullptr;
SID_IDENTIFIER_AUTHORITY authority = SECURITY_NT_AUTHORITY;
if (!AllocateAndInitializeSid(
&authority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&sid))
{
error::raise("AllocateAndInitializeSid");
}
return std::unique_ptr<void, FreeSid>{sid};
*/
return well_known(WinBuiltinAdministratorsSid);
}
struct DeleteSidString
{
void operator()(wchar_t* s) const
{
LocalFree(s);
}
};
std::wstring to_string(const SidBuffer& sid)
{
wchar_t* s = nullptr;
if (!ConvertSidToStringSidW(const_cast<unsigned char*>(sid.data()), &s))
error::raise("ConvertSidToStringSidW");
return std::unique_ptr<wchar_t, DeleteSidString>{s}.get();
}
}
|