GetUserInfo.cpp
#include "stdafx.h"
#include "LoadDll.h"
#include "ExternSymbols.h"
#include "GetUserInfo.h"
/**
 * Open the LSA Policy object of the local system.
 *
 * @return The policy handle on success, or NULL after printing the Win32
 *         error code when LsaOpenPolicy fails. The caller owns the handle.
 */
LSA_HANDLE GetPolicyHandle()
{
    LSA_OBJECT_ATTRIBUTES attrs;
    LSA_HANDLE policy = NULL;

    // LsaOpenPolicy does not use the object attributes; they must be zeroed.
    ZeroMemory(&attrs, sizeof(attrs));

    // NOTE(review): POLICY_ALL_ACCESS already contains POLICY_LOOKUP_NAMES and
    // POLICY_CREATE_ACCOUNT, so the extra flags are redundant. The read-only
    // enumeration in this file only needs POLICY_LOOKUP_NAMES; requesting full
    // access forces the tool to run elevated. Narrow the mask if no other
    // caller of this helper needs to modify policy -- confirm against callers.
    NTSTATUS status = LsaOpenPolicyPtr(
        NULL,                                                             // target system: local machine
        &attrs,                                                           // object attributes (unused)
        POLICY_ALL_ACCESS | POLICY_LOOKUP_NAMES | POLICY_CREATE_ACCOUNT,  // desired access
        &policy                                                           // receives the handle
    );

    if (status == STATUS_SUCCESS)
    {
        return policy;
    }

    // Report the failure as a Win32 error code rather than a raw NTSTATUS.
    wprintf(L"OpenPolicy returned %lu\n", LsaNtStatusToWinErrorPtr(status));
    return NULL;
}
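/**
 * Print the account rights (privileges) held by a user account.
 *
 * Resolves _user_name to a SID on the local system, opens the LSA policy via
 * GetPolicyHandle() and prints every right LsaEnumerateAccountRights reports.
 * That API lists rights assigned to the account itself; rights a user gets
 * only through group membership are not included.
 *
 * @param _user_name Account name to look up (passed to the lookup as a wide
 *                   string, so this is only meaningful in a UNICODE build).
 */
void Enumerate_Privileges(LPTSTR _user_name)
{
    BYTE bySidBuffer[1024];
    TCHAR chDomainName[256];
    PSID userSID = (PSID)bySidBuffer;
    DWORD dwSID = sizeof(bySidBuffer);  // SID buffer size is given in bytes
    // The domain-name size is a character count, not a byte count. Passing
    // sizeof() here would tell the API the buffer is twice as large as it is.
    DWORD dwDomainNameSize = sizeof(chDomainName) / sizeof(chDomainName[0]);
    SID_NAME_USE snu;
    LSA_HANDLE policy_handle = NULL;
    PLSA_UNICODE_STRING pp_user_rights = NULL;
    ULONG count_of_rights = 0;
    NTSTATUS status;

    if (!LookupAccountNamePtr(NULL, (LPWSTR)_user_name, (PSID)userSID, (LPDWORD)&dwSID, (LPTSTR)chDomainName, (LPDWORD)&dwDomainNameSize, (PSID_NAME_USE)&snu))
    {
        wprintf(L"can't LookupAccountName\n");
        return;
    }

    policy_handle = GetPolicyHandle();
    if (!policy_handle)
    {
        wprintf(L"err\n");
        return;
    }

    status = LsaEnumerateAccountRightsPtr(policy_handle, userSID, &pp_user_rights, &count_of_rights);

    wprintf(L"\t Privileges:\n");
    // A failure status is expected for accounts with no rights assigned, so it
    // is not reported; the output pointers are simply not trusted in that case.
    if (status == STATUS_SUCCESS && pp_user_rights != NULL)
    {
        for (ULONG i = 0; i < count_of_rights; i++)
        {
            // LSA_UNICODE_STRING is counted (Length is in bytes) and is not
            // guaranteed to be NUL-terminated, so bound the print explicitly.
            wprintf(L"\t\t %.*s\n",
                    (int)(pp_user_rights[i].Length / sizeof(WCHAR)),
                    pp_user_rights[i].Buffer);
        }
    }

    // NOTE(review): pp_user_rights and policy_handle are never released. The
    // LSA API expects LsaFreeMemory() and LsaClose() respectively; no loaded
    // function pointer for either is visible in this file, so this leaks one
    // buffer and one policy handle per call until those are wired in.
}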
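/**
 * Print the string form of a user account's SID.
 *
 * Resolves _user_name to a SID on the local system, converts it to its
 * string representation and prints it. Prints a diagnostic and returns
 * without output if either step fails.
 *
 * @param _user_name Account name to look up (passed to the lookup as a wide
 *                   string, so this is only meaningful in a UNICODE build).
 */
void Get_User_Sid(LPTSTR _user_name)
{
    BYTE bySidBuffer[1024];
    TCHAR chDomainName[256];
    PSID userSID = (PSID)bySidBuffer;
    DWORD dwSID = sizeof(bySidBuffer);  // SID buffer size is given in bytes
    // The domain-name size is a character count, not a byte count. Passing
    // sizeof() here would tell the API the buffer is twice as large as it is.
    DWORD dwDomainNameSize = sizeof(chDomainName) / sizeof(chDomainName[0]);
    SID_NAME_USE snu;
    LPTSTR chSID = NULL;

    if (!LookupAccountNamePtr(NULL, (LPWSTR)_user_name, (PSID)userSID, (LPDWORD)&dwSID, (LPTSTR)chDomainName, (LPDWORD)&dwDomainNameSize, (PSID_NAME_USE)&snu))
    {
        wprintf(L"can't LookupAccountName\n");
        // Stop here: the SID buffer was never filled in, and converting it
        // would read uninitialized stack memory.
        return;
    }

    if (!ConvertSidToStringSidPtr(userSID, &chSID))
    {
        wprintf(L"can't ConvertSidToStringSid\n");
        return;
    }

    wprintf(L"\t SID:\n\t\t%s\n", chSID);

    // The string was allocated by ConvertSidToStringSid; release it with LocalFree.
    LocalFree((HLOCAL)chSID);
}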
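/**
 * List every normal user account on a server with its SID, groups and rights.
 *
 * Calls NetUserEnum at information level 0 in a loop until no more data is
 * pending, and for each account prints the name and then calls Get_User_Sid,
 * Enumerate_Groups and Enumerate_Privileges.
 *
 * @param _server_name Server to query, passed through to NetUserEnum
 *                     (NULL means the local computer).
 */
void Enumerate_Users(LPTSTR _server_name)
{
    LPUSER_INFO_0 pBuf = NULL;
    LPUSER_INFO_0 pTmpBuf;
    DWORD dwLevel = 0;
    DWORD dwPrefMaxLen = MAX_PREFERRED_LENGTH;
    DWORD dwEntriesRead = 0;
    DWORD dwTotalEntries = 0;
    DWORD dwResumeHandle = 0;
    DWORD i;
    DWORD dwTotalCount = 0;
    NET_API_STATUS nStatus;
    LPTSTR pszServerName = _server_name;

    do
    {
        nStatus = NetUserEnumPtr((LPCWSTR)pszServerName,
                                 dwLevel,
                                 FILTER_NORMAL_ACCOUNT,  // global users
                                 (LPBYTE*)&pBuf,
                                 dwPrefMaxLen,
                                 &dwEntriesRead,
                                 &dwTotalEntries,
                                 &dwResumeHandle);

        // Both statuses mean pBuf holds dwEntriesRead valid entries;
        // ERROR_MORE_DATA additionally means another call is needed.
        if ((nStatus == NERR_Success) || (nStatus == ERROR_MORE_DATA))
        {
            if ((pTmpBuf = pBuf) != NULL)
            {
                for (i = 0; (i < dwEntriesRead); i++)
                {
                    assert(pTmpBuf != NULL);
                    if (pTmpBuf == NULL)
                    {
                        fprintf(stderr, "An access violation has occurred\n");
                        break;
                    }

                    // Print the account name, then its SID, groups and rights.
                    wprintf(L"\nUser name: %s\n", pTmpBuf->usri0_name);
                    Get_User_Sid(pTmpBuf->usri0_name);
                    Enumerate_Groups(pTmpBuf->usri0_name);
                    Enumerate_Privileges(pTmpBuf->usri0_name);

                    pTmpBuf++;
                    dwTotalCount++;
                }
            }
        }
        else
        {
            // NET_API_STATUS is an unsigned long, so print it with %lu.
            fprintf(stderr, "A system error has occurred: %lu\n", nStatus);
        }

        // Release this batch before asking for the next one.
        if (pBuf != NULL)
        {
            NetApiBufferFreePtr(pBuf);
            pBuf = NULL;
        }
    }
    while (nStatus == ERROR_MORE_DATA);  // keep going while entries remain

    // Defensive: pBuf is already NULL here unless the loop logic changes.
    if (pBuf != NULL)
    {
        NetApiBufferFreePtr(pBuf);
    }
}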
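/**
 * Print the local and global groups a user belongs to.
 *
 * Queries NetUserGetLocalGroups (including indirect membership) and
 * NetUserGetGroups on the local computer and prints one group name per line.
 * A failed query is reported on stderr and its section is left empty.
 *
 * @param _user_name Account name whose memberships are listed.
 */
void Enumerate_Groups(LPWSTR _user_name)
{
    // Initialised so that a failed call can never leave the loops or the
    // free below working on indeterminate stack values.
    LPBYTE buffer = NULL;
    DWORD entries = 0;
    DWORD total_entries = 0;
    NET_API_STATUS status;

    printf("\t local groups: \n");
    status = NetUserGetLocalGroupsPtr(NULL, _user_name, 0, LG_INCLUDE_INDIRECT, &buffer, MAX_PREFERRED_LENGTH, &entries, &total_entries);
    if ((status == NERR_Success || status == ERROR_MORE_DATA) && buffer != NULL)
    {
        LOCALGROUP_USERS_INFO_0 *groups = (LOCALGROUP_USERS_INFO_0*)buffer;
        for (DWORD i = 0; i < entries; i++)
        {
            printf("\t\t%S\n", groups[i].lgrui0_name);
        }
    }
    else if (status != NERR_Success)
    {
        fprintf(stderr, "A system error has occurred: %lu\n", status);
    }
    if (buffer != NULL)
    {
        NetApiBufferFreePtr(buffer);
        buffer = NULL;
    }

    // Reset the counters so the second query starts from a known state.
    entries = 0;
    total_entries = 0;

    printf("\t global groups: \n");
    status = NetUserGetGroupsPtr(NULL, _user_name, 0, &buffer, MAX_PREFERRED_LENGTH, &entries, &total_entries);
    if ((status == NERR_Success || status == ERROR_MORE_DATA) && buffer != NULL)
    {
        GROUP_USERS_INFO_0 *ggroups = (GROUP_USERS_INFO_0*)buffer;
        for (DWORD i = 0; i < entries; i++)
        {
            printf("\t\t%S\n", ggroups[i].grui0_name);
        }
    }
    else if (status != NERR_Success)
    {
        fprintf(stderr, "A system error has occurred: %lu\n", status);
    }
    if (buffer != NULL)
    {
        NetApiBufferFreePtr(buffer);
    }
}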