Jump to content

Need some C++ to autoit converting help

E1M1
 Share

Recommended Posts

E1M1 Universalist

E1M1

Posted
Posted (edited)

I want to convert that C++ to autoit.

#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <AccCtrl.h>
#include <Aclapi.h>

/**
 * Opens a process. Overwrite the DACL of target process
 * as a fallback if the process has dropped rights. Doesn't
 * require the user to be logged in with system or admin
 * rights.
 *
 * @author asp
 * @param wndclass Name of windowclass.
 * @param rights The process access rights you want.
 * @return 0 on failure. Otherwise handle to process.
 */
HANDLE
   openSecureProcess(LPCSTR wndclass,
                     DWORD rights)
   {
      DWORD pid;
      HWND window;
      HANDLE process;
      PACL dacl;
      PSECURITY_DESCRIPTOR secdesc;

      // Find a window which uses the window class.
      window = FindWindow(wndclass, 0);
      if(window == 0)
      {
        return 0;
      }

      // Get the process id of the process which created it.
      GetWindowThreadProcessId(window, &pid);
     
      // Try to open the process with the requested rights.
      process = OpenProcess(rights, 0, pid);
      if(process != 0)
      {
         return process;
      }

      // Get the DACL of this process since we know we have
      // all rights in it. This really can't fail.
      if(GetSecurityInfo(GetCurrentProcess(),
                         SE_KERNEL_OBJECT,
                         DACL_SECURITY_INFORMATION,
                         0,
                         0,
                         &dacl,
                         0,
                         &secdesc) != ERROR_SUCCESS)
      {
         return 0;
      }
     
      // Open it with WRITE_DAC access so that we can write to the DACL.
      process = OpenProcess(WRITE_DAC, 0, pid);
      if(process == 0)
      {
         LocalFree(secdesc);
         return 0;
      }
     
      if(SetSecurityInfo(process,
                         SE_KERNEL_OBJECT,
                         DACL_SECURITY_INFORMATION |
                         UNPROTECTED_DACL_SECURITY_INFORMATION,
                         0,
                         0,
                         dacl,
                         0) != ERROR_SUCCESS)
      {
         LocalFree(secdesc);
         return 0;
      }
         
      // The DACL is overwritten with our own DACL. We
      // should be able to open it with the requested
      // privileges now.
      CloseHandle(process);
      LocalFree(secdesc);
      process = OpenProcess(rights, 0, pid);
      if(process == 0)
      {
         return 0;
      }

      return process;
   }

Code I have

Func   openSecureProcess($Class,$Rights)
      Local $pid;
      Local $window;
      Local $process;
      Local $dacl;
      Local $secdesc;

      ;// Find a window which uses the window class.
      $window =  _WinAPI_FindWindow($Class, 0);
      if($window == 0) Then return 0;

      ;// Get the process id of the process which created it.
      _WinAPI_GetWindowThreadProcessId($window, $pid);

      ;// Try to open the process with the requested rights.
      $process = _WinAPI_OpenProcess($rights, 0, $pid);
      if($process <> 0) Then return $process;

      ;// Get the DACL of this process since we know we have
      ;// all rights in it. This really can't fail.
      if(GetSecurityInfo(_WinAPI_GetCurrentProcess(),SE_KERNEL_OBJECT,DACL_SECURITY_INFORMATION,0,0,$dacl,0,$secdesc) <> ERROR_SUCCESS) Then return 0;

      ;// Open it with WRITE_DAC access so that we can write to the DACL.
      $process = _WinAPI_OpenProcess(WRITE_DAC, 0, $pid);
      if($process == 0) Then
         _WinAPI_LocalFree($secdesc);
         return 0;
      EndIf

      if(SetSecurityInfo($process,SE_KERNEL_OBJECT,DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION,0,0,$dacl,0) <> ERROR_SUCCESS) Then
         _WinAPI_LocalFree($secdesc);
         return 0;
      EndIf

      ;// The DACL is overwritten with our own DACL. We
      ;// should be able to open it with the requested
      ;// privileges now.
      _WinAPI_CloseHandle($process);
      _WinAPI_LocalFree($secdesc);
      $process = _WinAPI_OpenProcess($rights, 0, $pid);
      if($process == 0) return 0;

      return $process;
EndFunc

Questions:

1)How to convert GetSecurityInfo and SetSecurityInfo to autoit.

2)_WinAPI_OpenProcess(WRITE_DAC, 0, $pid); what's WRITE_DAC? MS says it's 0x00040000L. but what does that L mean at then can I just use 0x00040000?

3) if function argument is &secdesc then do I have to use $secdesc or ByRef $secdesc?

4)how to convert DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION to autoit? MSDN gives values for these variables but what I need to do with | ?

5)What is ERROR_SUCCESS in autoit

Edited by E1M1

edited

BrettF Universalist

BrettF

Posted
Posted

1)How to convert GetSecurityInfo and SetSecurityInfo to autoit.

No idea. But I think DLLCall with Advapi32.dll could work if nothing else does...

2)_WinAPI_OpenProcess(WRITE_DAC, 0, $pid); what's WRITE_DAC? MS says it's 0x00040000L. but what does that L mean at then can I just use 0x00040000?

Google says something about the suffix L/l being a long or something...

3) if function argument is &secdesc then do I have to use $secdesc or ByRef $secdesc?

From what I understand ByRef...

4)how to convert DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION to autoit? MSDN gives values for these variables but what I need to do with | ?

Bitwise OR

Interesting how I came up with all of those answers using google. Also your code is missing pretty much everything to even start to attempting to make it work...

Cheers.

Vist my blog!UDFs: Opens The Default Mail Client | _LoginBox | Convert Reg to AU3 | BASS.au3 (BASS.dll) (Includes various BASS Libraries) | MultiLang.au3 (Multi-Language GUIs!)Example Scripts: Computer Info Telnet Server | "Secure" HTTP Server (Based on Manadar's Server)Software: AAMP- Advanced AutoIt Media Player | WorldCam | AYTU - Youtube Uploader Tutorials: Learning to Script with AutoIt V3Projects (Hardware + AutoIt): ArduinoUseful Links: AutoIt 1-2-3 | The AutoIt Downloads Section: | SciTE4AutoIt3 Full Version!
E1M1 Universalist

E1M1

Posted
  • Author
Posted (edited)

Here's my new code. How many mistakes can you still find from it?

Did I convert variables right?

Does this code have anything else than GetSecurityInfo and SetSecurityInfo missing?

Func   openSecureProcess($Class,$Rights)
      Local $pid;
      Local $window;
      Local $process;
      Local $dacl;
      Local $secdesc;

$ERROR_SUCCESS = 0x0
$SE_KERNEL_OBJECT = 6
$DACL_SECURITY_INFORMATION = 0x00000004
$UNPROTECTED_DACL_SECURITY_INFORMATION = 0x20000000

      ;// Find a window which uses the window class.
      $window =  _WinAPI_FindWindow($Class, 0);
      if($window == 0) Then return 0;

      ;// Get the process id of the process which created it.
      _WinAPI_GetWindowThreadProcessId($window, $pid);

      ;// Try to open the process with the requested rights.
      $process = _WinAPI_OpenProcess($rights, 0, $pid);
      if($process <> 0) Then return $process;

      ;// Get the DACL of this process since we know we have
      ;// all rights in it. This really can't fail.
      if(GetSecurityInfo(_WinAPI_GetCurrentProcess(),$SE_KERNEL_OBJECT,$DACL_SECURITY_INFORMATION,0,0,$dacl,0,$secdesc) <> $ERROR_SUCCESS) Then return 0;

      ;// Open it with WRITE_DAC access so that we can write to the DACL.
      $process = _WinAPI_OpenProcess(0x00040000, 0, $pid);
      if($process == 0) Then
         _WinAPI_LocalFree($secdesc);
         return 0;
      EndIf

      if(SetSecurityInfo($process,$SE_KERNEL_OBJECT,$DACL_SECURITY_INFORMATION + $UNPROTECTED_DACL_SECURITY_INFORMATION,0,0,$dacl,0) <> $ERROR_SUCCESS) Then
         _WinAPI_LocalFree($secdesc);
         return 0;
      EndIf

      ;// The DACL is overwritten with our own DACL. We
      ;// should be able to open it with the requested
      ;// privileges now.
      _WinAPI_CloseHandle($process);
      _WinAPI_LocalFree($secdesc);
      $process = _WinAPI_OpenProcess($rights, 0, $pid);
      if($process == 0) Then return 0;

      return $process;
EndFunc
Edited by E1M1

edited

BrettF Universalist

BrettF

Posted
Posted

GetSecurityInfo? SetSecurityInfo What is that?

Also you are missing #include...

Cheers,

Brett

Vist my blog!UDFs: Opens The Default Mail Client | _LoginBox | Convert Reg to AU3 | BASS.au3 (BASS.dll) (Includes various BASS Libraries) | MultiLang.au3 (Multi-Language GUIs!)Example Scripts: Computer Info Telnet Server | "Secure" HTTP Server (Based on Manadar's Server)Software: AAMP- Advanced AutoIt Media Player | WorldCam | AYTU - Youtube Uploader Tutorials: Learning to Script with AutoIt V3Projects (Hardware + AutoIt): ArduinoUseful Links: AutoIt 1-2-3 | The AutoIt Downloads Section: | SciTE4AutoIt3 Full Version!
E1M1 Universalist

E1M1

Posted
  • Author
Posted (edited)

How do I complete these 2 funcs?

Func GetSecurityInfo($handle, $ObjectType, $SecurityInfo, $ppsidOwner, $ppsidGroup, $ppDacl, $ppSacl, $ppSecurityDescriptor)
    DllCall("Advapi32.dll", "long", "GetSecurityInfo", "HANDLE", $handle
EndFunc

Func SetSecurityInfo($handle, $ObjectType, $SecurityInfo, $psidOwner, $psidGroup, $pDacl, $pSacl)
    DllCall("Advapi32.dll", "long", "SetSecurityInfo", "HANDLE",$handle
EndFunc

http://msdn.microsoft.com/en-us/library/aa379588%28VS.85%29.aspx sais that 2nd argument is ObjectType. but when I looked at DllCall I didn't find "ObjectType" from valid types list.

I found Optional output arguments can be NULL but what does NULL mean? just ""?

Does [out, optional] mean that I have to put ByRef before variable?

Sorry for so many stupid questions about DLL, I have never done anything like that before.

Edited by E1M1

edited

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...