sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-12-07 20:23:50 +03:00
Code Activity

add a command to rpcclient: enumprivs

Browse Source 
J.F.
This commit is contained in:
Jean-François Micouleau
-
parent 9f8c644abc
commit fa63cb78e3
4 changed files with 152 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
source/libsmb/cli_lsarpc.c
View File

@@ -607,4 +607,86 @@ NTSTATUS cli_lsa_enum_trust_dom(struct cli_state *cli, TALLOC_CTX *mem_ctx,
return result;
}
/** Enumerate privileges*/
NTSTATUS cli_lsa_enum_privilege(struct cli_state *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint32 *enum_context, uint32 pref_max_length,
uint32 *count, char ***privs_name, uint32 **privs_high, uint32 **privs_low)
{
prs_struct qbuf, rbuf;
LSA_Q_ENUM_PRIVS q;
LSA_R_ENUM_PRIVS r;
NTSTATUS result;
int i;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
/* Initialise parse structures */
prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
/* Marshall data and send request */
init_q_enum_privs(&q, pol, *enum_context, pref_max_length);
if (!lsa_io_q_enum_privs("", &q, &qbuf, 0) ||
!rpc_api_pipe_req(cli, LSA_ENUM_PRIVS, &qbuf, &rbuf)) {
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
/* Unmarshall response */
if (!lsa_io_r_enum_privs("", &r, &rbuf, 0)) {
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
if (!NT_STATUS_IS_OK(result = r.status)) {
goto done;
}
/* Return output parameters */
*enum_context = r.enum_context;
*count = r.count;
if (!((*privs_name = (char **)talloc(mem_ctx, sizeof(char *) * r.count)))) {
DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
if (!((*privs_high = (uint32 *)talloc(mem_ctx, sizeof(uint32) * r.count)))) {
DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
if (!((*privs_low = (uint32 *)talloc(mem_ctx, sizeof(uint32) * r.count)))) {
DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
for (i = 0; i < r.count; i++) {
fstring name;
rpcstr_pull_unistr2_fstring( name, &r.privs[i].name);
(*privs_name)[i] = talloc_strdup(mem_ctx, name);
(*privs_high)[i] = r.privs[i].luid_high;
(*privs_low)[i] = r.privs[i].luid_low;
}
done:
prs_mem_free(&qbuf);
prs_mem_free(&rbuf);
return result;
}
/** @} **/

21
source/rpc_parse/parse_lsa.c
View File

@@ -246,11 +246,14 @@ static BOOL lsa_io_obj_attr(char *desc, LSA_OBJ_ATTR *attr, prs_struct *ps,
if(!prs_uint32("ptr_sec_qos ", ps, depth, &attr->ptr_sec_qos )) /* security quality of service (pointer) */
return False;
/* code commented out as it's not necessary true (tested with hyena). JFM, 11/22/2001 */
#if 0
if (attr->len != prs_offset(ps) - start) {
DEBUG(3,("lsa_io_obj_attr: length %x does not match size %x\n",
attr->len, prs_offset(ps) - start));
return False;
}
#endif
if (attr->ptr_sec_qos != 0 && attr->sec_qos != NULL) {
if(!lsa_io_sec_qos("sec_qos", attr->sec_qos, ps, depth))
@@ -1280,6 +1283,20 @@ BOOL lsa_io_r_open_secret(char *desc, LSA_R_OPEN_SECRET *r_c, prs_struct *ps, in
return True;
}
/*******************************************************************
Inits an LSA_Q_ENUM_PRIVS structure.
********************************************************************/
void init_q_enum_privs(LSA_Q_ENUM_PRIVS *q_q, POLICY_HND *hnd, uint32 enum_context, uint32 pref_max_length)
{
DEBUG(5, ("init_q_enum_privs\n"));
memcpy(&q_q->pol, hnd, sizeof(q_q->pol));
q_q->enum_context = enum_context;
q_q->pref_max_length = pref_max_length;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
@@ -1382,6 +1399,10 @@ BOOL lsa_io_r_enum_privs(char *desc, LSA_R_ENUM_PRIVS *r_q, prs_struct *ps, int
if(!prs_uint32("count1", ps, depth, &r_q->count1))
return False;
if (UNMARSHALLING(ps))
if (!(r_q->privs = (LSA_PRIV_ENTRY *)prs_alloc_mem(ps, sizeof(LSA_PRIV_ENTRY) * r_q->count1)))
return False;
if (!lsa_io_priv_entries("", r_q->privs, r_q->count1, ps, depth))
return False;
}

2
source/rpc_server/srv_lsa_nt.c
View File

@@ -580,7 +580,7 @@ NTSTATUS _lsa_priv_get_dispname(pipes_struct *p, LSA_Q_PRIV_GET_DISPNAME *q_u, L
DEBUG(0,("_lsa_priv_get_dispname: %s", name_asc));
for (i=1; privs[i].se_priv!=SE_PRIV_ALL; i++) {
if ( strcmp(name_asc, privs[i].priv)) {
if ( !strcmp(name_asc, privs[i].priv)) {
fstrcpy(desc_asc, privs[i].description);

48
source/rpcclient/cmd_lsarpc.c
View File

@@ -222,6 +222,53 @@ static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli,
return result;
}
/* Enumerates privileges */
static NTSTATUS cmd_lsa_enum_privilege(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
char **argv)
{
POLICY_HND pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 enum_context=0;
uint32 pref_max_length=0x1000;
uint32 count=0;
char **privs_name;
uint32 *privs_high;
uint32 *privs_low;
int i;
if (argc > 1) {
printf("Usage: %s\n", argv[0]);
return NT_STATUS_OK;
}
result = cli_lsa_open_policy(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_lsa_enum_privilege(cli, mem_ctx, &pol, &enum_context, pref_max_length,
&count, &privs_name, &privs_high, &privs_low);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Print results */
printf("found %d priviledges\n\n", count);
for (i = 0; i < count; i++) {
printf("%s \t\t%d:%d (0x%x:0x%x)\n", privs_name[i] ? privs_name[i] : "*unknown*",
privs_high[i], privs_low[i], privs_high[i], privs_low[i]);
}
done:
return result;
}
/* List of commands exported by this module */
struct cmd_set lsarpc_commands[] = {
@@ -232,6 +279,7 @@ struct cmd_set lsarpc_commands[] = {
{ "lookupsids", cmd_lsa_lookup_sids, PIPE_LSARPC, "Convert SIDs to names", "" },
{ "lookupnames", cmd_lsa_lookup_names, PIPE_LSARPC, "Convert names to SIDs", "" },
{ "enumtrust", cmd_lsa_enum_trust_dom, PIPE_LSARPC, "Enumerate trusted domains", "" },
{ "enumprivs", cmd_lsa_enum_privilege, PIPE_LSARPC, "Enumerate privileges", "" },
{ NULL }
};