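Пользователи, пароли, защита информации (DELPHI/windows)

Изменение привилегий

{
  Some Windows NT functions only work when the calling process has the
  matching privilege enabled in its access token (for example shutting down
  or restarting Windows with ExitWindowsEx, or changing the system time).
  The procedure below enables or disables one privilege via
  AdjustTokenPrivileges().

  AdjustTokenPrivileges() can only switch privileges the token already
  holds; it cannot grant new ones. Enable a privilege just before the call
  that needs it and disable it again afterwards, so the process does not
  keep running with more rights than it needs.
}

// NT-defined privilege names from winnt.h.
// The literals are reproduced exactly as printed on the page (all lower
// case). winnt.h spells them in mixed case, e.g. 'SeShutdownPrivilege'.
// NOTE(review): confirm the casing against winnt.h before relying on them.
const
  SE_CREATE_TOKEN_NAME        = 'secreatetokenprivilege';
  SE_ASSIGNPRIMARYTOKEN_NAME  = 'seassignprimarytokenprivilege';
  SE_LOCK_MEMORY_NAME         = 'selockmemoryprivilege';
  SE_INCREASE_QUOTA_NAME      = 'seincreasequotaprivilege';
  SE_UNSOLICITED_INPUT_NAME   = 'seunsolicitedinputprivilege';
  SE_MACHINE_ACCOUNT_NAME     = 'semachineaccountprivilege';
  SE_TCB_NAME                 = 'setcbprivilege';
  SE_SECURITY_NAME            = 'sesecurityprivilege';
  SE_TAKE_OWNERSHIP_NAME      = 'setakeownershipprivilege';
  SE_LOAD_DRIVER_NAME         = 'seloaddriverprivilege';
  SE_SYSTEM_PROFILE_NAME      = 'sesystemprofileprivilege';
  SE_SYSTEMTIME_NAME          = 'sesystemtimeprivilege';
  SE_PROF_SINGLE_PROCESS_NAME = 'seprofilesingleprocessprivilege';
  SE_INC_BASE_PRIORITY_NAME   = 'seincreasebasepriorityprivilege';
  SE_CREATE_PAGEFILE_NAME     = 'secreatepagefileprivilege';
  SE_CREATE_PERMANENT_NAME    = 'secreatepermanentprivilege';
  SE_BACKUP_NAME              = 'sebackupprivilege';
  SE_RESTORE_NAME             = 'serestoreprivilege';
  SE_SHUTDOWN_NAME            = 'seshutdownprivilege';
  SE_DEBUG_NAME               = 'sedebugprivilege';
  SE_AUDIT_NAME               = 'seauditprivilege';
  SE_SYSTEM_ENVIRONMENT_NAME  = 'sesystemenvironmentprivilege';
  SE_CHANGE_NOTIFY_NAME       = 'sechangenotifyprivilege';
  SE_REMOTE_SHUTDOWN_NAME     = 'seremoteshutdownprivilege';
  SE_UNDOCK_NAME              = 'seundockprivilege';
  SE_SYNC_AGENT_NAME          = 'sesyncagentprivilege';
  SE_ENABLE_DELEGATION_NAME   = 'seenabledelegationprivilege';
  SE_MANAGE_VOLUME_NAME       = 'semanagevolumeprivilege';

{
  Enables (bEnabled = True) or disables (bEnabled = False) the privilege
  named by sPrivilege in the access token of the current process.

  Returns True on success, and also on non-NT platforms, where nothing is
  done. On failure an Exception carrying the system error text is raised.

  The error code is captured immediately after the API call that produced
  it. The version on the page called GetLastError only after CloseHandle and
  ignored failures of OpenProcessToken/LookupPrivilegeValue, so the reported
  status could belong to a different call.
}
function NTSetPrivilege(sPrivilege: string; bEnabled: Boolean): Boolean;
var
  hToken: THandle;
  TokenPriv: TOKEN_PRIVILEGES;
  PrevTokenPriv: TOKEN_PRIVILEGES;
  ReturnLength: Cardinal;
  LastErr: DWORD;
begin
  Result := True;
  // Only Windows NT/2000/XP and later have privileges to adjust.
  if Win32Platform <> VER_PLATFORM_WIN32_NT then
    Exit;
  Result := False;

  // Open the token of the current process.
  if not OpenProcessToken(GetCurrentProcess(),
    TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken) then
    LastErr := GetLastError
  else
  begin
    try
      // Translate the privilege name into its locally unique identifier (LUID).
      if LookupPrivilegeValue(nil, PChar(sPrivilege),
        TokenPriv.Privileges[0].Luid) then
      begin
        TokenPriv.PrivilegeCount := 1; // one privilege to set
        if bEnabled then
          TokenPriv.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
        else
          TokenPriv.Privileges[0].Attributes := 0;

        ReturnLength := 0; // receives the size of the previous state
        PrevTokenPriv := TokenPriv;

        AdjustTokenPrivileges(hToken, False, TokenPriv,
          SizeOf(PrevTokenPriv), PrevTokenPriv, ReturnLength);
        // AdjustTokenPrivileges can return success without changing anything
        // (ERROR_NOT_ALL_ASSIGNED when the token lacks the privilege), so the
        // last-error value is the real status. Read it before any other call.
        LastErr := GetLastError;
      end
      else
        LastErr := GetLastError;
    finally
      CloseHandle(hToken);
    end;
  end;

  Result := LastErr = ERROR_SUCCESS;
  if not Result then
    raise Exception.Create(SysErrorMessage(LastErr));
end;

Взято с сайта http://www.swissdelphicenter.ch/en/tipsindex.php

===============================================

Как вывести список привелегий?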
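{
  Lists every privilege present in the access token of the current process
  in ListBox1, one entry per privilege: programmatic name, a tab, then the
  display name.

  Changes from the listing on the page:
  - the token is opened with TOKEN_QUERY only, because reading privileges
    needs no adjust right;
  - execution stops after a failed API call instead of continuing with an
    invalid handle or an unfilled buffer;
  - the token handle is closed and the buffer freed on every path;
  - the token information buffer is sized by the API instead of a fixed
    800 bytes;
  - name buffers are Char arrays whose length is passed in characters. The
    original allocated 255 bytes but announced 255 characters, which
    overruns the buffer when Char is two bytes wide.
}
procedure TForm1.Button1Click(Sender: TObject);
var
  hToken: THandle;
  pTokenInfo: PTokenPrivileges;
  ReturnLen: Cardinal;
  i: Integer;
  PrivName: array[0..255] of Char;
  DisplayName: array[0..255] of Char;
  NameSize: Cardinal;
  DisplSize: Cardinal;
  LangId: Cardinal;
begin
  if not OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, hToken) then
  begin
    ShowMessage('openprocesstoken error');
    Exit;
  end;
  try
    // First call only asks for the required size; it is expected to fail.
    ReturnLen := 0;
    GetTokenInformation(hToken, TokenPrivileges, nil, 0, ReturnLen);
    if ReturnLen = 0 then
    begin
      ShowMessage('gettokeninformation error');
      Exit;
    end;

    GetMem(pTokenInfo, ReturnLen);
    try
      if not GetTokenInformation(hToken, TokenPrivileges, pTokenInfo,
        ReturnLen, ReturnLen) then
      begin
        ShowMessage('gettokeninformation error');
        Exit;
      end;

      // NOTE(review): Privileges is presumably declared as a one-element
      // array, so indexing past 0 needs range checking off for this loop.
      for i := 0 to Integer(pTokenInfo^.PrivilegeCount) - 1 do
      begin
        NameSize := Length(PrivName);       // sizes are in characters
        DisplSize := Length(DisplayName);
        if not LookupPrivilegeName(nil, pTokenInfo^.Privileges[i].Luid,
          PrivName, NameSize) then
          Continue; // no name for this LUID, nothing meaningful to show
        if not LookupPrivilegeDisplayName(nil, PrivName, DisplayName,
          DisplSize, LangId) then
          DisplayName[0] := #0; // keep the entry, just without a description
        // The page prints the separator as ^i; presumably the original was
        // ^I (Ctrl-I, a tab). It is written as #9 here to be unambiguous.
        ListBox1.Items.Add(string(PrivName) + #9 + string(DisplayName));
      end;
    finally
      FreeMem(pTokenInfo);
    end;
  finally
    CloseHandle(hToken);
  end;
end;

Взято с сайта http://www.swissdelphicenter.ch/en/tipsindex.php

====================================================================

Как проверить, имеем ли мы административные привилегии в системе?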
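type
  PTOKEN_GROUPS = ^TOKEN_GROUPS;

{
  Returns True when the effective token (the thread token if the thread is
  impersonating, otherwise the process token) contains the built-in
  Administrators group as an ENABLED group.

  Changes from the listing on the page:
  - a group that is present but not enabled, or marked deny-only, no longer
    counts. Under UAC an unelevated token of an administrator carries the
    Administrators SID as deny-only, and the original reported True for it;
  - the token handle, the group buffer and the SID are released on every
    exit path (the original leaked the handle and the buffer);
  - the handle is a THandle and the locals are initialised in the body.

  Where available, CheckTokenMembership() performs this test in one call
  and is the preferred API.
}
function RunningAsAdministrator(): Boolean;
const
  // Group attribute bits from winnt.h (SE_GROUP_ENABLED and
  // SE_GROUP_USE_FOR_DENY_ONLY), declared locally so the snippet does not
  // depend on which of them the Windows unit exports.
  GROUP_ENABLED_BIT   = $00000004;
  GROUP_DENY_ONLY_BIT = $00000010;
var
  SystemSidAuthority: SID_IDENTIFIER_AUTHORITY;
  psidAdmin: PSID;
  ptg: PTOKEN_GROUPS;
  hToken: THandle;
  cbTokenGroups: DWORD;
  iGroup: DWORD;
  Attrs: DWORD;
begin
  Result := False;
  SystemSidAuthority := SECURITY_NT_AUTHORITY;
  psidAdmin := nil;
  ptg := nil;

  // Prefer the thread token; fall back to the process token when the
  // thread is not impersonating.
  if not OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, False, hToken) then
  begin
    if GetLastError() <> ERROR_NO_TOKEN then
      Exit;
    if not OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, hToken) then
      Exit;
  end;

  try
    // Size query: must fail with ERROR_INSUFFICIENT_BUFFER.
    cbTokenGroups := 0;
    if GetTokenInformation(hToken, TokenGroups, nil, 0, cbTokenGroups) then
      Exit;
    if GetLastError() <> ERROR_INSUFFICIENT_BUFFER then
      Exit;

    GetMem(ptg, cbTokenGroups);
    if not GetTokenInformation(hToken, TokenGroups, ptg, cbTokenGroups,
      cbTokenGroups) then
      Exit;

    if not AllocateAndInitializeSid(SystemSidAuthority, 2,
      SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
      0, 0, 0, 0, 0, 0, psidAdmin) then
      Exit;

    // NOTE(review): Groups is presumably declared as a one-element array,
    // so indexing past 0 needs range checking off for this loop.
    iGroup := 0;
    while iGroup < ptg^.GroupCount do
    begin
      Attrs := ptg^.Groups[iGroup].Attributes;
      if EqualSid(ptg^.Groups[iGroup].Sid, psidAdmin)
        and ((Attrs and GROUP_ENABLED_BIT) <> 0)
        and ((Attrs and GROUP_DENY_ONLY_BIT) = 0) then
      begin
        Result := True;
        Break;
      end;
      Inc(iGroup);
    end;
  finally
    if psidAdmin <> nil then
      FreeSid(psidAdmin);
    if ptg <> nil then
      FreeMem(ptg);
    CloseHandle(hToken);
  end;
end;

Взято с http://delphiworld.narod.ru

=======================================================

Проверить запущена ли программа от system account?

{
  Returns True when the user name of the calling thread is "system"
  (compared without regard to case).

  As printed on the page, the upper-cased name is compared with the
  lower-case literal 'system', which can never match; SameText fixes that.
  The result of GetUserName is now checked as well.

  NOTE(review): this is a name comparison only. The account name is
  presumably locale-dependent; comparing the token user SID with the
  LocalSystem SID (S-1-5-18) is the robust test. Do not base an
  authorisation decision on this function.
}
function OnSystemAccount(): Boolean;
const
  cnMaxNameLen = 254;
var
  sName: string;
  dwNameLen: DWORD;
begin
  Result := False;
  dwNameLen := cnMaxNameLen - 1;
  SetLength(sName, cnMaxNameLen);
  if not GetUserName(PChar(sName), dwNameLen) then
    Exit;
  // dwNameLen counts the terminating #0 as well; Trim removes it.
  SetLength(sName, dwNameLen);
  Result := SameText(Trim(sName), 'system');
end;

Взято с сайта http://www.swissdelphicenter.ch/en/tipsindex.php

===============================================================

Запуск процесса в контексте другого пользователя

uses JwaWinBase; ( http://members.chello.nl/m.vanbrakel2/ )
//...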
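{
  Starts a program under another user's credentials with
  CreateProcessWithLogonW and shows the error code if that fails.

  SECURITY: the user name, domain and password below are the sample
  literals from the page. Credentials compiled into an executable can be
  read by anyone who has the file. Real code should obtain them at run time
  (for example from a credential prompt), keep the password in a buffer it
  controls and overwrite that buffer after the call.

  Changes from the listing on the page:
  - both structures are zeroed before use, so unset fields are not stack
    garbage;
  - the BOOL result is tested directly instead of via BoolToStr(res) = '0';
  - GetLastError is read immediately after the failing call;
  - the process and thread handles returned on success are closed.
}
procedure TForm1.Button1Click(Sender: TObject);
var
  si: STARTUPINFOW;
  pif: PROCESS_INFORMATION;
  res: BOOL;
  LastErr: DWORD;
begin
  // Set up STARTUPINFOW first.
  FillChar(si, SizeOf(si), 0);
  FillChar(pif, SizeOf(pif), 0);
  si.cb := SizeOf(STARTUPINFOW);
  si.dwFlags := STARTF_USESHOWWINDOW;
  si.wShowWindow := SW_SHOWDEFAULT;
  si.lpReserved := nil;
  si.lpDesktop := nil;
  si.lpTitle := 'konsole';

  // Arguments 1..3 are user name, domain and password (sample values).
  res := CreateProcessWithLogonW('security', 'arvicor', 'test',
    LOGON_WITH_PROFILE, 'c:\win2kas\system32\regedt32.exe', nil,
    CREATE_DEFAULT_ERROR_MODE, nil, nil, si, pif);

  if not res then
  begin
    // Show the error code; it can be translated with 'net helpmsg <code>'
    // at a command prompt.
    LastErr := GetLastError;
    ShowMessage('createprocesswithlogonresult: ' + BoolToStr(res) + #10 +
      'getlasterror: ' + IntToStr(LastErr));
  end
  else
  begin
    // The caller owns both handles; release them when they are not needed.
    CloseHandle(pif.hThread);
    CloseHandle(pif.hProcess);
  end;
end;

Взято с сайта http://www.swissdelphicenter.ch/en/tipsindex.php

================================================

Получить список пользователей

getlocaluserlist - возвращает список пользователей (windows nt, windows 2000)

unit func;

interface

uses
  SysUtils, Classes, StdCtrls, ComCtrls, Graphics, Windows;

////////////////////////////////////////////////////////////////////////////////
// Export names are matched case-sensitively when the DLL is bound. The page
// prints them in lower case ('netuserenum', 'netapibufferfree'), which would
// not resolve; the real exports are spelled as below.
{$EXTERNALSYM NetUserEnum}
function NetUserEnum(servername: LPWSTR;
  level, filter: DWORD;
  bufptr: Pointer;
  prefmaxlen: DWORD;
  entriesread, totalentries, resume_handle: LPDWORD): DWORD; stdcall;
  external 'netapi32.dll' name 'NetUserEnum';

function NetApiBufferFree(buffer: Pointer {LPVOID}): DWORD; stdcall;
  external 'netapi32.dll' name 'NetApiBufferFree';
////////////////////////////////////////////////////////////////////////////////

procedure GetLocalUserList(ulist: TStringList);

implementation

//------------------------------------------------------------------------------
// Fills ulist with the names of the normal user accounts on the local host.
//
// ulist is cleared first; a nil ulist is ignored. If enumeration fails, the
// list holds whatever was read before the failure (nothing on a first-call
// failure).
//
// Changes from the listing on the page:
// - ERROR_MORE_DATA is handled by calling NetUserEnum again with the resume
//   handle; the original dropped the whole result and leaked the buffer;
// - every buffer returned by NetUserEnum is released with NetApiBufferFree;
// - records are walked with a typed pointer. The original stepped a PChar,
//   whose arithmetic scales by SizeOf(Char) and lands on wrong offsets when
//   Char is two bytes wide;
// - an empty result no longer evaluates "0 - 1" on an unsigned count.
//------------------------------------------------------------------------------
procedure GetLocalUserList(ulist: TStringList);
const
  NERR_SUCCESS = 0;
  FILTER_TEMP_DUPLICATE_ACCOUNT    = $0001;
  FILTER_NORMAL_ACCOUNT            = $0002;
  FILTER_PROXY_ACCOUNT             = $0004;
  FILTER_INTERDOMAIN_TRUST_ACCOUNT = $0008;
  FILTER_WORKSTATION_TRUST_ACCOUNT = $0010;
  FILTER_SERVER_TRUST_ACCOUNT      = $0020;
type
  // Layout of one level-10 record returned by NetUserEnum.
  TUSER_INFO_10 = record
    usri10_name,
    usri10_comment,
    usri10_usr_comment,
    usri10_full_name: PWideChar;
  end;
  PUSER_INFO_10 = ^TUSER_INFO_10;
var
  dwERead, dwETotal, dwResume, res: DWORD;
  inf: PUSER_INFO_10;
  info: Pointer;
  i: DWORD;
begin
  if ulist = nil then
    Exit;
  ulist.Clear;

  dwResume := 0;
  repeat
    info := nil;
    dwERead := 0;
    dwETotal := 0;
    // servername = nil means the local computer.
    res := NetUserEnum(nil, 10, FILTER_NORMAL_ACCOUNT, @info, 65536,
      @dwERead, @dwETotal, @dwResume);
    try
      if ((res = NERR_SUCCESS) or (res = ERROR_MORE_DATA)) and
        (info <> nil) then
      begin
        inf := PUSER_INFO_10(info);
        i := 0;
        while i < dwERead do
        begin
          ulist.Add(WideCharToString(inf^.usri10_name));
          Inc(inf); // advances by one whole record
          Inc(i);
        end;
      end;
    finally
      if info <> nil then
        NetApiBufferFree(info);
    end;
  until res <> ERROR_MORE_DATA;
end;

end.

Автор: Кондратюк Виталий
Взято с http://delphiworld.narod.ru

==============================================

Как прочитать пароль, скрытый за звездочками?

Наверно так: хотя классов может быть больше

{
  Timer handler, reproduced as printed on the page: it takes the window
  under the mouse cursor, reads its class name, and, when the name equals
  one of the two literals below, posts EM_SETPASSWORDCHAR with a zero
  character to that window.

  Reviewer note: the mask character of an edit control is a display
  attribute, not an access control, so a masked field must not be treated as
  protected storage for a secret. On Windows Vista and later, UIPI blocks
  window messages sent from a lower-integrity process to a higher-integrity
  window. Applications should keep secrets in on-screen controls no longer
  than necessary and clear the control after use.
}
procedure TForm1.Timer1Timer(Sender: TObject);
var
  Wnd: HWND;
  lpClassName: array[0..$FF] of Char;
begin
  Wnd := WindowFromPoint(Mouse.CursorPos);
  GetClassName(Wnd, lpClassName, $FF);
  if ((StrPas(lpClassName) = 'tedit') or (StrPas(lpClassName) = 'edit')) then
    PostMessage(Wnd, EM_SETPASSWORDCHAR, 0, 0);
end;

Автор ответа: baa
Взято с vingrad.ru http://forum.vingrad.ru

Здесь проблема: если страница памяти защищена, то её нельзя прочитать таким способом, но можно заменить passwordchar(пример: поле ввода пароля в удаленном соединении)

Автор ответа: mikel
Взято с vingrad.ru http://forum.vingrad.ru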