E1M1 Posted June 27, 2010 Share Posted June 27, 2010 (edited) I want to convert that C++ to autoit.expandcollapse popup#define WIN32_LEAN_AND_MEAN #include <windows.h> #include <AccCtrl.h> #include <Aclapi.h> /** * Opens a process. Overwrite the DACL of target process * as a fallback if the process has dropped rights. Doesn't * require the user to be logged in with system or admin * rights. * * @author asp * @param wndclass Name of windowclass. * @param rights The process access rights you want. * @return 0 on failure. Otherwise handle to process. */ HANDLE openSecureProcess(LPCSTR wndclass, DWORD rights) { DWORD pid; HWND window; HANDLE process; PACL dacl; PSECURITY_DESCRIPTOR secdesc; // Find a window which uses the window class. window = FindWindow(wndclass, 0); if(window == 0) { return 0; } // Get the process id of the process which created it. GetWindowThreadProcessId(window, &pid); // Try to open the process with the requested rights. process = OpenProcess(rights, 0, pid); if(process != 0) { return process; } // Get the DACL of this process since we know we have // all rights in it. This really can't fail. if(GetSecurityInfo(GetCurrentProcess(), SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, 0, 0, &dacl, 0, &secdesc) != ERROR_SUCCESS) { return 0; } // Open it with WRITE_DAC access so that we can write to the DACL. process = OpenProcess(WRITE_DAC, 0, pid); if(process == 0) { LocalFree(secdesc); return 0; } if(SetSecurityInfo(process, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION, 0, 0, dacl, 0) != ERROR_SUCCESS) { LocalFree(secdesc); return 0; } // The DACL is overwritten with our own DACL. We // should be able to open it with the requested // privileges now. CloseHandle(process); LocalFree(secdesc); process = OpenProcess(rights, 0, pid); if(process == 0) { return 0; } return process; }Code I haveexpandcollapse popupFunc openSecureProcess($Class,$Rights) Local $pid; Local $window; Local $process; Local $dacl; Local $secdesc; ;// Find a window which uses the window class. $window = _WinAPI_FindWindow($Class, 0); if($window == 0) Then return 0; ;// Get the process id of the process which created it. _WinAPI_GetWindowThreadProcessId($window, $pid); ;// Try to open the process with the requested rights. $process = _WinAPI_OpenProcess($rights, 0, $pid); if($process <> 0) Then return $process; ;// Get the DACL of this process since we know we have ;// all rights in it. This really can't fail. if(GetSecurityInfo(_WinAPI_GetCurrentProcess(),SE_KERNEL_OBJECT,DACL_SECURITY_INFORMATION,0,0,$dacl,0,$secdesc) <> ERROR_SUCCESS) Then return 0; ;// Open it with WRITE_DAC access so that we can write to the DACL. $process = _WinAPI_OpenProcess(WRITE_DAC, 0, $pid); if($process == 0) Then _WinAPI_LocalFree($secdesc); return 0; EndIf if(SetSecurityInfo($process,SE_KERNEL_OBJECT,DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION,0,0,$dacl,0) <> ERROR_SUCCESS) Then _WinAPI_LocalFree($secdesc); return 0; EndIf ;// The DACL is overwritten with our own DACL. We ;// should be able to open it with the requested ;// privileges now. _WinAPI_CloseHandle($process); _WinAPI_LocalFree($secdesc); $process = _WinAPI_OpenProcess($rights, 0, $pid); if($process == 0) return 0; return $process; EndFuncQuestions:1)How to convert GetSecurityInfo and SetSecurityInfo to autoit.2)_WinAPI_OpenProcess(WRITE_DAC, 0, $pid); what's WRITE_DAC? MS says it's 0x00040000L. but what does that L mean at then can I just use 0x00040000?3) if function argument is &secdesc then do I have to use $secdesc or ByRef $secdesc?4)how to convert DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION to autoit? MSDN gives values for these variables but what I need to do with | ?5)What is ERROR_SUCCESS in autoit Edited June 27, 2010 by E1M1 edited Link to comment Share on other sites More sharing options...
BrettF Posted June 27, 2010 Share Posted June 27, 2010 1)How to convert GetSecurityInfo and SetSecurityInfo to autoit.No idea. But I think DLLCall with Advapi32.dll could work if nothing else does... 2)_WinAPI_OpenProcess(WRITE_DAC, 0, $pid); what's WRITE_DAC? MS says it's 0x00040000L. but what does that L mean at then can I just use 0x00040000?Google says something about the suffix L/l being a long or something...3) if function argument is &secdesc then do I have to use $secdesc or ByRef $secdesc?From what I understand ByRef...4)how to convert DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION to autoit? MSDN gives values for these variables but what I need to do with | ?Bitwise ORInteresting how I came up with all of those answers using google. Also your code is missing pretty much everything to even start to attempting to make it work...Cheers. Vist my blog!UDFs: Opens The Default Mail Client | _LoginBox | Convert Reg to AU3 | BASS.au3 (BASS.dll) (Includes various BASS Libraries) | MultiLang.au3 (Multi-Language GUIs!)Example Scripts: Computer Info Telnet Server | "Secure" HTTP Server (Based on Manadar's Server)Software: AAMP- Advanced AutoIt Media Player | WorldCam | AYTU - Youtube Uploader Tutorials: Learning to Script with AutoIt V3Projects (Hardware + AutoIt): ArduinoUseful Links: AutoIt 1-2-3 | The AutoIt Downloads Section: | SciTE4AutoIt3 Full Version! Link to comment Share on other sites More sharing options...
E1M1 Posted June 27, 2010 Author Share Posted June 27, 2010 (edited) Here's my new code. How many mistakes can you still find from it? Did I convert variables right? Does this code have anything else than GetSecurityInfo and SetSecurityInfo missing? expandcollapse popupFunc openSecureProcess($Class,$Rights) Local $pid; Local $window; Local $process; Local $dacl; Local $secdesc; $ERROR_SUCCESS = 0x0 $SE_KERNEL_OBJECT = 6 $DACL_SECURITY_INFORMATION = 0x00000004 $UNPROTECTED_DACL_SECURITY_INFORMATION = 0x20000000 ;// Find a window which uses the window class. $window = _WinAPI_FindWindow($Class, 0); if($window == 0) Then return 0; ;// Get the process id of the process which created it. _WinAPI_GetWindowThreadProcessId($window, $pid); ;// Try to open the process with the requested rights. $process = _WinAPI_OpenProcess($rights, 0, $pid); if($process <> 0) Then return $process; ;// Get the DACL of this process since we know we have ;// all rights in it. This really can't fail. if(GetSecurityInfo(_WinAPI_GetCurrentProcess(),$SE_KERNEL_OBJECT,$DACL_SECURITY_INFORMATION,0,0,$dacl,0,$secdesc) <> $ERROR_SUCCESS) Then return 0; ;// Open it with WRITE_DAC access so that we can write to the DACL. $process = _WinAPI_OpenProcess(0x00040000, 0, $pid); if($process == 0) Then _WinAPI_LocalFree($secdesc); return 0; EndIf if(SetSecurityInfo($process,$SE_KERNEL_OBJECT,$DACL_SECURITY_INFORMATION + $UNPROTECTED_DACL_SECURITY_INFORMATION,0,0,$dacl,0) <> $ERROR_SUCCESS) Then _WinAPI_LocalFree($secdesc); return 0; EndIf ;// The DACL is overwritten with our own DACL. We ;// should be able to open it with the requested ;// privileges now. _WinAPI_CloseHandle($process); _WinAPI_LocalFree($secdesc); $process = _WinAPI_OpenProcess($rights, 0, $pid); if($process == 0) Then return 0; return $process; EndFunc Edited June 27, 2010 by E1M1 edited Link to comment Share on other sites More sharing options...
BrettF Posted June 27, 2010 Share Posted June 27, 2010 GetSecurityInfo? SetSecurityInfo What is that? Also you are missing #include... Cheers, Brett Vist my blog!UDFs: Opens The Default Mail Client | _LoginBox | Convert Reg to AU3 | BASS.au3 (BASS.dll) (Includes various BASS Libraries) | MultiLang.au3 (Multi-Language GUIs!)Example Scripts: Computer Info Telnet Server | "Secure" HTTP Server (Based on Manadar's Server)Software: AAMP- Advanced AutoIt Media Player | WorldCam | AYTU - Youtube Uploader Tutorials: Learning to Script with AutoIt V3Projects (Hardware + AutoIt): ArduinoUseful Links: AutoIt 1-2-3 | The AutoIt Downloads Section: | SciTE4AutoIt3 Full Version! Link to comment Share on other sites More sharing options...
E1M1 Posted June 27, 2010 Author Share Posted June 27, 2010 (edited) How do I complete these 2 funcs? Func GetSecurityInfo($handle, $ObjectType, $SecurityInfo, $ppsidOwner, $ppsidGroup, $ppDacl, $ppSacl, $ppSecurityDescriptor) DllCall("Advapi32.dll", "long", "GetSecurityInfo", "HANDLE", $handle EndFunc Func SetSecurityInfo($handle, $ObjectType, $SecurityInfo, $psidOwner, $psidGroup, $pDacl, $pSacl) DllCall("Advapi32.dll", "long", "SetSecurityInfo", "HANDLE",$handle EndFunc http://msdn.microsoft.com/en-us/library/aa379588%28VS.85%29.aspx sais that 2nd argument is ObjectType. but when I looked at DllCall I didn't find "ObjectType" from valid types list. I found Optional output arguments can be NULL but what does NULL mean? just ""? Does [out, optional] mean that I have to put ByRef before variable? Sorry for so many stupid questions about DLL, I have never done anything like that before. Edited June 27, 2010 by E1M1 edited Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now