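#define _CRT_SECURE_NO_WARNINGS

// NOTE(review): the names of the four system headers were lost when this
// listing was extracted. The set below is what the calls in this file need;
// confirm it against the original project.
#include <windows.h>
#include <aclapi.h>
#include <sddl.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <wchar.h>
#include "cod3k.h"

// Sizes (in wide characters) of the text buffer built by GetAccessRights.
enum {
    ACL_TEXT_INITIAL_CHARS = 4096,
    ACL_TEXT_MAX_CHARS = 1 << 20
};

/*
 * Appends formatted text at offset *len of *buf, growing the buffer when the
 * text does not fit.
 *
 * vswprintf reports "did not fit" as a negative value. The original code
 * added that value straight to an unsigned length, which moved the write
 * position outside the buffer once the listing exceeded 4096 characters.
 *
 * Returns 1 on success. Returns 0 when the text could not be appended
 * (allocation failure or the size limit reached); *buf then stays
 * NUL-terminated at the previous length.
 */
static int append_text(wchar_t **buf, size_t *cap, size_t *len, const wchar_t *fmt, ...)
{
    for (;;) {
        va_list args;
        int written;
        size_t new_cap;
        wchar_t *grown;

        va_start(args, fmt);
        written = vswprintf(*buf + *len, *cap - *len, fmt, args);
        va_end(args);

        if (written >= 0) {
            *len += (size_t)written;
            return 1;
        }

        // Discard whatever partial output the failed call left behind.
        (*buf)[*len] = L'\0';

        // Bounded growth: a failure that is not a size problem must not loop forever.
        if (*cap >= (size_t)ACL_TEXT_MAX_CHARS) {
            return 0;
        }
        new_cap = *cap * 2;
        grown = (wchar_t *)realloc(*buf, new_cap * sizeof **buf);
        if (!grown) {
            return 0;
        }
        *buf = grown;
        *cap = new_cap;
    }
}

/*
 * Builds a text listing of the access-allowed ACEs in the DACL of pSD.
 *
 * For every ACCESS_ALLOWED_ACE_TYPE entry the listing holds the trustee SID,
 * the account name when it resolves, the raw access mask and the names of the
 * bits that are set. API failures are written into the listing as text.
 *
 * Caveats for anyone reading the output as an audit result:
 *  - Access-denied ACEs and every other ACE type are skipped, so the listing
 *    is not the effective access.
 *  - The bit labels are the file-object names. main() also passes a registry
 *    key descriptor here, and for a key the same low bits carry KEY_*
 *    meanings (0x0001 is KEY_QUERY_VALUE, not FILE_READ_DATA). Trust the hex
 *    mask, not the labels, for registry output.
 *
 * Returns a malloc'ed, NUL-terminated string that the caller releases with
 * free(), or NULL when the initial allocation fails.
 */
wchar_t* GetAccessRights(PSECURITY_DESCRIPTOR pSD)
{
    static const struct {
        DWORD bit;
        const wchar_t *label;
    } rights[] = {
        { FILE_READ_DATA,        L"FILE_READ_DATA" },
        { FILE_WRITE_DATA,       L"FILE_WRITE_DATA" },
        { FILE_APPEND_DATA,      L"FILE_APPEND_DATA" },
        { FILE_READ_EA,          L"FILE_READ_EA" },
        { FILE_WRITE_EA,         L"FILE_WRITE_EA" },
        { FILE_EXECUTE,          L"FILE_EXECUTE" },
        { FILE_DELETE_CHILD,     L"FILE_DELETE_CHILD" },
        { FILE_READ_ATTRIBUTES,  L"FILE_READ_ATTRIBUTES" },
        { FILE_WRITE_ATTRIBUTES, L"FILE_WRITE_ATTRIBUTES" },
        { DELETE,                L"DELETE" },
        { READ_CONTROL,          L"READ_CONTROL" },
        { WRITE_DAC,             L"WRITE_DAC" },
        { WRITE_OWNER,           L"WRITE_OWNER" },
        { SYNCHRONIZE,           L"SYNCHRONIZE" },
    };

    PACL pDacl = NULL;
    BOOL bDaclPresent = FALSE;
    BOOL bDaclDefaulted = FALSE;

    // Result string
    size_t cap = ACL_TEXT_INITIAL_CHARS; // current capacity, in characters
    size_t count = 0;                    // characters written so far
    wchar_t *res = (wchar_t *)malloc(cap * sizeof *res);
    if (!res) {
        wprintf(L"Memory allocation failed\n");
        return NULL;
    }
    // W_SET is not defined in this listing (presumably cod3k.h) - confirm.
    // It must run only after the NULL check above; the original called it first.
    W_SET(res, 0, cap);

    // Both lookup helpers in this file return NULL on failure.
    if (pSD == NULL || !IsValidSecurityDescriptor(pSD)) {
        append_text(&res, &cap, &count, L"Invalid or missing security descriptor\n");
        return res;
    }

    // Get the DACL (Discretionary Access Control List) from the security descriptor
    if (!GetSecurityDescriptorDacl(pSD, &bDaclPresent, &pDacl, &bDaclDefaulted)) {
        append_text(&res, &cap, &count, L"GetSecurityDescriptorDacl failed (%lu)\n",
                    (unsigned long)GetLastError());
        return res;
    }

    if (!bDaclPresent || pDacl == NULL) {
        append_text(&res, &cap, &count, L"No DACL present (no access restrictions)\n");
        return res;
    }

    // Walk every ACE (Access Control Entry) in the DACL
    for (DWORD i = 0; i < pDacl->AceCount; i++) {
        PACE_HEADER pAceHeader;
        if (!GetAce(pDacl, i, (LPVOID *)&pAceHeader)) {
            if (!append_text(&res, &cap, &count, L"GetAce failed (%lu)\n",
                             (unsigned long)GetLastError())) {
                break;
            }
            continue;
        }

        // Only ACCESS_ALLOWED_ACE_TYPE entries are reported
        if (pAceHeader->AceType != ACCESS_ALLOWED_ACE_TYPE) {
            continue;
        }

        PACCESS_ALLOWED_ACE pAce = (PACCESS_ALLOWED_ACE)pAceHeader;

        // SID of the trustee
        PSID pSid = (PSID)&pAce->SidStart;

        // Convert the SID to its string form
        LPWSTR pszSid = NULL;
        if (!ConvertSidToStringSidW(pSid, &pszSid)) {
            if (!append_text(&res, &cap, &count, L"ConvertSidToStringSid failed (%lu)\n",
                             (unsigned long)GetLastError())) {
                break;
            }
            continue;
        }

        // Resolve the SID to an account name
        WCHAR szName[256];
        WCHAR szDomain[256];
        DWORD dwNameSize = sizeof(szName) / sizeof(szName[0]);
        DWORD dwDomainSize = sizeof(szDomain) / sizeof(szDomain[0]);
        SID_NAME_USE eUse;
        BOOL resolved = LookupAccountSidW(NULL, pSid, szName, &dwNameSize,
                                          szDomain, &dwDomainSize, &eUse);
        DWORD lookupError = resolved ? ERROR_SUCCESS : GetLastError();
        int ok = 1;

        // An unresolved SID still holds the rights in its ACE. Report the
        // failure and keep the SID and mask instead of dropping the entry.
        if (!resolved) {
            ok = append_text(&res, &cap, &count, L"LookupAccountSid failed (%lu)\n",
                             (unsigned long)lookupError);
        }

        // Trustee information
        ok = ok && append_text(&res, &cap, &count, L"SID: %ls\n", pszSid);
        if (resolved) {
            ok = ok && append_text(&res, &cap, &count, L"Name: %ls\\%ls\n", szDomain, szName);
        }

        // Access mask and the names of its set bits
        DWORD dwMask = pAce->Mask;
        ok = ok && append_text(&res, &cap, &count, L"Access Mask: 0x%08lX\n",
                               (unsigned long)dwMask);
        ok = ok && append_text(&res, &cap, &count, L"Access Rights:\n");
        for (size_t r = 0; ok && r < sizeof(rights) / sizeof(rights[0]); r++) {
            if (dwMask & rights[r].bit) {
                ok = append_text(&res, &cap, &count, L" %ls\n", rights[r].label);
            }
        }

        LocalFree(pszSid);
        if (!ok) {
            break; // out of memory or size limit: return what was collected
        }
    }

    return res;
}

/*
 * Reads the DACL security descriptor of the key `path` under HKEY_CURRENT_USER.
 *
 * Returns a malloc'ed descriptor that the caller releases with free(), or
 * NULL on failure (a message is printed with wprintf).
 */
PSECURITY_DESCRIPTOR get_reg_PSD(wchar_t* path)
{
    HKEY hKey = NULL;
    PSECURITY_DESCRIPTOR pSD = NULL;
    DWORD dwSize = 0;
    LONG lRes;

    // READ_CONTROL is all that reading a DACL requires. The original asked for
    // KEY_ALL_ACCESS, which fails on keys the caller can read but not modify
    // and holds a write-capable handle for a read-only task.
    lRes = RegOpenKeyExW(HKEY_CURRENT_USER, path, 0, READ_CONTROL, &hKey);
    if (lRes != ERROR_SUCCESS) {
        wprintf(L"RegOpenKeyEx failed (%ld)\n", lRes);
        return NULL;
    }

    // First call with no buffer only reports the required size.
    lRes = RegGetKeySecurity(hKey, DACL_SECURITY_INFORMATION, NULL, &dwSize);
    if (lRes != ERROR_INSUFFICIENT_BUFFER) {
        wprintf(L"RegGetKeySecurity failed (%ld)\n", lRes);
        goto out;
    }

    pSD = (PSECURITY_DESCRIPTOR)malloc(dwSize);
    if (!pSD) {
        wprintf(L"Memory allocation failed\n");
        goto out;
    }

    lRes = RegGetKeySecurity(hKey, DACL_SECURITY_INFORMATION, pSD, &dwSize);
    if (lRes != ERROR_SUCCESS) {
        wprintf(L"RegGetKeySecurity failed (%ld)\n", lRes);
        free(pSD);
        pSD = NULL;
    }

out:
    // Every exit path after a successful open closes the key; the original
    // leaked the handle on each error return.
    RegCloseKey(hKey);
    return pSD;
}

/*
 * Reads the DACL security descriptor of the file or directory `path`.
 *
 * Returns a descriptor allocated by GetNamedSecurityInfoW, which the caller
 * releases with LocalFree(), or NULL on failure.
 */
PSECURITY_DESCRIPTOR get_PSD(wchar_t* path)
{
    PSECURITY_DESCRIPTOR pSD = NULL;
    DWORD dwRes = GetNamedSecurityInfoW(path, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION,
                                        NULL, NULL, NULL, NULL, &pSD);
    if (dwRes != ERROR_SUCCESS) {
        // wprint is not defined in this listing (presumably cod3k.h) - confirm
        // it takes a printf-style wide format string.
        wprint(L"GetNamedSecurityInfo failed (%lu)\n", (unsigned long)dwRes);
        // The original returned the integer 1 here, which callers would have
        // treated as a valid descriptor pointer.
        return NULL;
    }
    return pSD;
}

/*
 * Prints the access-allowed ACEs of one directory and of the per-user Run
 * registry key.
 */
int main(void)
{
    const wchar_t* path = L"C:\\Users\\user\\Desktop\\УЧЕБА\\5 СЕМ\\СЕТИ";

    // Get the security descriptor of the given path
    PSECURITY_DESCRIPTOR pSD = get_PSD((wchar_t*)path);

    // Print the access rights
    wchar_t* info = GetAccessRights(pSD);
    if (info) {
        // The listing holds account and domain names, so it is passed as data.
        // The original used it as the format string itself.
        wprint(L"%s", info);
    }
    free(info);

    // Release the descriptor (allocated by GetNamedSecurityInfoW)
    LocalFree(pSD);

    printf("\n\n\n");

    const wchar_t* keyPath = L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run";

    // Get the security descriptor of the registry key
    pSD = get_reg_PSD((wchar_t*)keyPath);

    // Print the access rights
    info = GetAccessRights(pSD);
    if (info) {
        wprint(L"%s", info);
    }
    free(info);

    // Release the descriptor (allocated with malloc in get_reg_PSD)
    free(pSD);

    return 0;
}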