Recent

Author Topic: set Desktop ACL  (Read 3512 times)

fpc2pas

  • New Member
  • *
  • Posts: 27
set Desktop ACL
« on: October 13, 2021, 05:34:48 pm »
Hi folks

I am trying to interact with another logged-on user's process such as a CMD, I am using token impersonation which we all know how to do, it is not a problem.

what I am facing is the created process displayed black and empty due to DACL issues, there is a punch of scripts written in PowerShell to do that but I want to implement it using Pascal.

for your reference, you have a look into these two scripts to get a clear idea. and there is also an outdated Delphi version but doesn't work and many errors in Lazarus.

https://github.com/checkymander/HackSql/blob/master/Set-DesktopACLs.ps1
https://raw.githubusercontent.com/checkymander/HackSql/master/Set-DesktopACLToAllowEveryone.ps1

fpc2pas

  • New Member
  • *
  • Posts: 27
Re: set Desktop ACL
« Reply #1 on: October 13, 2021, 05:35:38 pm »
here also a another Delphi ref : http://rsdn.org/forum/delphi/1698565.all but not compatible with Lazarus

jamie

  • Hero Member
  • *****
  • Posts: 5051
Re: set Desktop ACL
« Reply #2 on: October 13, 2021, 07:43:15 pm »
here also a another Delphi ref : http://rsdn.org/forum/delphi/1698565.all but not compatible with Lazarus

Ok, with a little online searching for constants and corrects for fpc, i got it to compile but I didn't test it.

Was that the problem?
The only true wisdom is knowing you know nothing

fpc2pas

  • New Member
  • *
  • Posts: 27
Re: set Desktop ACL
« Reply #3 on: October 14, 2021, 02:06:56 pm »
here also a another Delphi ref : http://rsdn.org/forum/delphi/1698565.all but not compatible with Lazarus

Ok, with a little online searching for constants and corrects for fpc, i got it to compile but I didn't test it.

Was that the problem?

oh i was having many errors while compiling the src, such as in these lines

// Add the ACE to the new ACL.
          if not AddAce(pNewAcl^, ACL_REVISION, MAXDWORD, pTempAce, pTempAce.AceSize) then

also was having errors in these
if not GetAclInformation(pdacl^, @aclSizeInfo, SizeOf(ACL_SIZE_INFORMATION), AclSizeInformation) then
but while change into pdacl value , it fixed it but still errors in pTempAce.Acesize and other longbool values, maybe some probelms in constrains, do you mind share yours modifications?

Thanks

jamie

  • Hero Member
  • *****
  • Posts: 5051
Re: set Desktop ACL
« Reply #4 on: October 14, 2021, 02:23:18 pm »
ok ,i just put the complete project in zip, its a little large for a eye ball shot.
The only true wisdom is knowing you know nothing

fpc2pas

  • New Member
  • *
  • Posts: 27
Re: set Desktop ACL
« Reply #5 on: October 14, 2021, 03:38:19 pm »
ok ,i just put the complete project in zip, its a little large for a eye ball shot.

thanks compiling is okay, but I think the code is not compatible for newer windows as access violation occurred, I am not sure where is the problem. if you have some env to try kindly forward your result
 

jamie

  • Hero Member
  • *****
  • Posts: 5051
Re: set Desktop ACL
« Reply #6 on: October 15, 2021, 04:16:44 pm »
I am not on a PC atm with multiple users so its hard for me to do this..

If you could use the debugger to step trace to which procedure is failing and let me know I can look at the code.
The only true wisdom is knowing you know nothing

fpc2pas

  • New Member
  • *
  • Posts: 27
Re: set Desktop ACL
« Reply #7 on: October 16, 2021, 04:35:11 am »
I am not on a PC atm with multiple users so its hard for me to do this..

If you could use the debugger to step trace to which procedure is failing and let me know I can look at the code.
thank you i understand that, i think the access violation happens on starting of this function
function AddAceToWindowStation(hwinsta: HWINSTA; psid: PSID): Boolean;
something like lLengthSidAsUnicodeString access violation

 

TinyPortal © 2005-2018