python - GetTokenInformation with ctypes


I'm trying to use the GetTokenInformation function with ctypes. The problem is that it prints None.

import winappdbg
from ctypes import *

LPVOID = c_void_p
PVOID = LPVOID
PSID = PVOID
DWORD = c_uint32

class SID_AND_ATTRIBUTES(Structure):
    _fields_ = [
        ("Sid",         PSID),
        ("Attributes",  DWORD),
    ]

class TOKEN_USER(Structure):
    _fields_ = [
        ("User", SID_AND_ATTRIBUTES),]

tokenprivs = (winappdbg.win32.TOKEN_QUERY | winappdbg.win32.TOKEN_READ | winappdbg.win32.TOKEN_IMPERSONATE | winappdbg.win32.TOKEN_QUERY_SOURCE | winappdbg.win32.TOKEN_DUPLICATE | winappdbg.win32.TOKEN_ASSIGN_PRIMARY)
hProcess = winappdbg.win32.OpenProcess(winappdbg.win32.PROCESS_QUERY_INFORMATION, False, winappdbg.win32.GetCurrentProcessId())
hToken = winappdbg.win32.OpenProcessToken(hProcess, DesiredAccess = tokenprivs)

# Passes a bare TOKEN_USER structure as the output buffer, sized sizeof(TOKEN_USER) only.
TokenInformation = TOKEN_USER()
dwLength = DWORD(0)
windll.advapi32.GetTokenInformation(hToken, winappdbg.win32.TokenUser, byref(TokenInformation), sizeof(TOKEN_USER), byref(dwLength))
print TokenInformation.User.Sid

P.S. I'm aware that win32security.GetTokenInformation exists. I want to use ctypes because of the real process handlers.

Edit:

Working code:

import winappdbg
from ctypes import *

LPVOID = c_void_p
PVOID = LPVOID
PSID = PVOID
DWORD = c_uint32

class SID_AND_ATTRIBUTES(Structure):
    _fields_ = [
        ("Sid",         PSID),
        ("Attributes",  DWORD),
    ]

class TOKEN_USER(Structure):
    _fields_ = [
        ("User", SID_AND_ATTRIBUTES),]

tokenprivs = (winappdbg.win32.TOKEN_QUERY | winappdbg.win32.TOKEN_READ | winappdbg.win32.TOKEN_IMPERSONATE | winappdbg.win32.TOKEN_QUERY_SOURCE | winappdbg.win32.TOKEN_DUPLICATE | winappdbg.win32.TOKEN_ASSIGN_PRIMARY)
hProcess = winappdbg.win32.OpenProcess(winappdbg.win32.PROCESS_QUERY_INFORMATION, False, winappdbg.win32.GetCurrentProcessId())
hToken = winappdbg.win32.OpenProcessToken(hProcess, DesiredAccess = tokenprivs)

dwSize = DWORD(0)
pStringSid = winappdbg.win32.LPSTR()

# First call with a NULL buffer: fails with ERROR_INSUFFICIENT_BUFFER and sets dwSize to the required length.
windll.advapi32.GetTokenInformation(hToken, winappdbg.win32.TokenUser, None, 0, byref(dwSize))

# Declare the return type so the pointer is not truncated to a 32-bit int on 64-bit Python.
windll.kernel32.LocalAlloc.restype = c_void_p
address = windll.kernel32.LocalAlloc(0x0040, dwSize)  # 0x0040 = LPTR (fixed, zero-initialised)
print "address: " + str(address)

# Second call fills the buffer; TOKEN_USER header first, SID bytes after it.
windll.advapi32.GetTokenInformation(hToken, winappdbg.win32.TokenUser, address, dwSize, byref(dwSize))
print FormatError(GetLastError())

pToken_user = cast(address, POINTER(TOKEN_USER))

windll.advapi32.ConvertSidToStringSidA(pToken_user.contents.User.Sid, byref(pStringSid))
print "SID: " + pStringSid.value

# Both the token buffer and the string returned by ConvertSidToStringSidA are LocalAlloc'd.
windll.kernel32.LocalFree(pStringSid)
windll.kernel32.LocalFree(address)

Although the query with token information class TokenUser stores a TOKEN_USER structure in the target buffer, it does not contain the required information itself. As you can see in the structure's documentation, it contains a SID_AND_ATTRIBUTES structure, which in turn contains a pointer to the SID, and integer flags.

If you added more error checking, you would see that the call to GetTokenInformation() does not succeed; the reported error code is ERROR_INSUFFICIENT_BUFFER (122), and dwLength is set to 36 (definitely more than sizeof(TOKEN_USER), which is 8).

Apparently the function wants enough space in the target buffer to store the SID itself, and points to that data from the documented output structure TOKEN_USER.


I don't know ctypes much, but you need to create the output buffer as a real buffer/array instead of a structure, and perform the casting on the data. You can either take the easy way and create a buffer that is large enough on the first try, or call the function twice, the first time to get the required buffer length and the second time to fill it.
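The two-call pattern the answer describes, as an added Python 3 example that is not from the question or the answer and uses plain ctypes rather than winappdbg. It builds a constructed TOKEN_USER buffer (header followed by SID bytes, Sid pointing back into the same buffer, exactly the layout the answer explains) so the parsing runs on any platform; `query_token_user` is the Windows-only part and assumes a token handle opened with TOKEN_QUERY.

```python
import ctypes, struct
from ctypes import POINTER, Structure, byref, c_void_p, c_uint32, cast, create_string_buffer, sizeof

ERROR_INSUFFICIENT_BUFFER = 122   # what the sizing call reports
TokenUser = 1                     # TOKEN_INFORMATION_CLASS value for TOKEN_USER

class SID_AND_ATTRIBUTES(Structure):
    _fields_ = [("Sid", c_void_p), ("Attributes", c_uint32)]

class TOKEN_USER(Structure):
    _fields_ = [("User", SID_AND_ATTRIBUTES)]

def sid_to_string(sid_addr):
    """Pure-Python ConvertSidToStringSid: Revision, SubAuthorityCount, 6-byte big-endian
    IdentifierAuthority, then SubAuthorityCount little-endian DWORD sub-authorities."""
    revision, count = ctypes.string_at(sid_addr, 2)
    raw = ctypes.string_at(sid_addr, 8 + 4 * count)
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack_from("<%dI" % count, raw, 8)
    return "S-%d-%d" % (revision, authority) + "".join("-%d" % s for s in subs)

def parse_token_user(buf):
    """Cast the raw buffer to TOKEN_USER and follow its Sid pointer, which points back
    into the same buffer (why sizeof(TOKEN_USER) alone is never enough)."""
    user = cast(buf, POINTER(TOKEN_USER)).contents.User
    return sid_to_string(user.Sid), user.Attributes

def build_sample_token_user(sid_bytes, attributes=0):
    """Constructed input, not from a real token: header first, SID bytes right after it."""
    buf = create_string_buffer(sizeof(TOKEN_USER) + len(sid_bytes))
    sid_addr = ctypes.addressof(buf) + sizeof(TOKEN_USER)
    hdr = cast(buf, POINTER(TOKEN_USER)).contents
    hdr.User.Sid, hdr.User.Attributes = sid_addr, attributes
    ctypes.memmove(sid_addr, sid_bytes, len(sid_bytes))
    return buf

# Constructed SID S-1-5-21-1-2-3-1000: revision 1, five sub-authorities, authority 5 (NT)
SAMPLE_SID = bytes([1, 5, 0, 0, 0, 0, 0, 5]) + struct.pack("<5I", 21, 1, 2, 3, 1000)

def query_token_user(hToken):
    """Windows only: sizing call, then filling call, with argtypes set so the buffer
    pointer is not truncated on 64-bit and with error checking instead of a fixed size."""
    adv = ctypes.WinDLL("advapi32", use_last_error=True)
    adv.GetTokenInformation.argtypes = [c_void_p, c_uint32, c_void_p, c_uint32, POINTER(c_uint32)]
    needed = c_uint32(0)
    adv.GetTokenInformation(hToken, TokenUser, None, 0, byref(needed))  # always "fails"
    if ctypes.get_last_error() != ERROR_INSUFFICIENT_BUFFER:
        raise ctypes.WinError(ctypes.get_last_error())
    buf = create_string_buffer(needed.value)  # Python-managed, nothing to LocalFree
    if not adv.GetTokenInformation(hToken, TokenUser, buf, needed.value, byref(needed)):
        raise ctypes.WinError(ctypes.get_last_error())
    return parse_token_user(buf)
```

`parse_token_user(build_sample_token_user(SAMPLE_SID))` returns `('S-1-5-21-1-2-3-1000', 0)`; on Windows, `query_token_user(hToken)` returns the same tuple shape for a real token.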

