Problem taking ownership of folder...

delphi package - easy access to security apis
Post Reply
badhabit
Posts: 3
Joined: Mon Jun 05, 2006 10:09 am
Location: Aalborg, Denmark

Problem taking ownership of folder...

Post by badhabit »

Hi,

I'm trying to take ownership of a directory, but i'm getting Access denied even though i'm administrator of the system...?

I'm executing the following code:

Code: Select all

var
  ISecObj: ISecurityObject;
  DirPath: string;
begin
  DirPath:='C:\SomeDir\';
  ISecObj:=FileSecurity(DirPath);
  ISecObj.Owner := CurrentUser;
  ShowMessage(ISecObj.LastErrorStr);
end;
If i browse to C:\ and open the security settings for the directory "somedir" i can take ownership of the folder. But the above codes fails with access denied....any clues?

Thanks for some great components!

Best Regards
Thomas Eg Jørgensen
Denmark
madshi
Site Admin
Posts: 10754
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Try running the following code before you execute the madSecurity code. The code will simply enable all privileges your current user has. By default not all privileges are enabled, although you have them.

Code: Select all

procedure EnableAllPrivileges;
type TTokenPrivileges = record
       PrivilegeCount : dword;
       Privileges     : array [0..maxInt shr 4 - 1] of TLUIDAndAttributes;
     end;
var c1, c2 : dword;
    i1     : integer;
    ptp    : ^TTokenPrivileges;
    backup, restore : int64;
begin
  if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, c1) then
    try
      c2 := 0;
      GetTokenInformation(c1, TokenPrivileges, nil, 0, c2);
      if c2 <> 0 then begin
        ptp := pointer(LocalAlloc(LPTR, c2 * 2));
        if GetTokenInformation(c1, TokenPrivileges, ptp, c2 * 2, c2) then begin
          // enabling backup/restore privileges breaks Explorer's Samba support
          if not LookupPrivilegeValue(nil, pchar(DecryptStr(CSeBackupPrivilege )), backup ) then backup  := 0;
          if not LookupPrivilegeValue(nil, pchar(DecryptStr(CSeRestorePrivilege)), restore) then restore := 0;
          for i1 := 0 to integer(ptp^.PrivilegeCount) - 1 do
            if (ptp^.Privileges[i1].Luid <> backup ) and
               (ptp^.Privileges[i1].Luid <> restore) then
              ptp^.Privileges[i1].Attributes := ptp^.Privileges[i1].Attributes or SE_PRIVILEGE_ENABLED;
          AdjustTokenPrivileges(c1, false, PTokenPrivileges(ptp)^, c2, PTokenPrivileges(nil)^, cardinal(pointer(nil)^));
        end;
        LocalFree(dword(ptp));
      end;
    finally CloseHandle(c1) end;
end;
badhabit
Posts: 3
Joined: Mon Jun 05, 2006 10:09 am
Location: Aalborg, Denmark

Post by badhabit »

Hi!

...and thanks...

But I can't figure out how to make my compiler accept "CSeBackupPrivilege" and "CSeRestorePrivilege"...? Are my uses clause incomplete or?

Thanks!

/Thomas
badhabit
Posts: 3
Joined: Mon Jun 05, 2006 10:09 am
Location: Aalborg, Denmark

Post by badhabit »

madshi wrote:Try running the following code before you execute the madSecurity code. The code will simply enable all privileges your current user has. By default not all privileges are enabled, although you have them.

Code: Select all

procedure EnableAllPrivileges;
type TTokenPrivileges = record
       PrivilegeCount : dword;
       Privileges     : array [0..maxInt shr 4 - 1] of TLUIDAndAttributes;
     end;
var c1, c2 : dword;
    i1     : integer;
    ptp    : ^TTokenPrivileges;
    backup, restore : int64;
begin
  if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, c1) then
    try
      c2 := 0;
      GetTokenInformation(c1, TokenPrivileges, nil, 0, c2);
      if c2 <> 0 then begin
        ptp := pointer(LocalAlloc(LPTR, c2 * 2));
        if GetTokenInformation(c1, TokenPrivileges, ptp, c2 * 2, c2) then begin
          // enabling backup/restore privileges breaks Explorer's Samba support
          if not LookupPrivilegeValue(nil, pchar(DecryptStr(CSeBackupPrivilege )), backup ) then backup  := 0;
          if not LookupPrivilegeValue(nil, pchar(DecryptStr(CSeRestorePrivilege)), restore) then restore := 0;
          for i1 := 0 to integer(ptp^.PrivilegeCount) - 1 do
            if (ptp^.Privileges[i1].Luid <> backup ) and
               (ptp^.Privileges[i1].Luid <> restore) then
              ptp^.Privileges[i1].Attributes := ptp^.Privileges[i1].Attributes or SE_PRIVILEGE_ENABLED;
          AdjustTokenPrivileges(c1, false, PTokenPrivileges(ptp)^, c2, PTokenPrivileges(nil)^, cardinal(pointer(nil)^));
        end;
        LocalFree(dword(ptp));
      end;
    finally CloseHandle(c1) end;
end;
If i change the code to the following where i removed the "DecryptStr()" and replaced the CSe* with a string of almost the same name(found the name in winnt.h)...:

Code: Select all

procedure EnableAllPrivileges;
type TTokenPrivileges = record
       PrivilegeCount : dword;
       Privileges     : array [0..maxInt shr 4 - 1] of TLUIDAndAttributes;
     end;
var c1, c2 : dword;
    i1     : integer;
    ptp    : ^TTokenPrivileges;
    backup, restore : int64;
begin
  if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, c1) then
    try
      c2 := 0;
      GetTokenInformation(c1, TokenPrivileges, nil, 0, c2);
      if c2 <> 0 then begin
        ptp := pointer(LocalAlloc(LPTR, c2 * 2));
        if GetTokenInformation(c1, TokenPrivileges, ptp, c2 * 2, c2) then begin
          // enabling backup/restore privileges breaks Explorer's Samba support
          if not LookupPrivilegeValue(nil, pchar('SeBackupPrivilege'), backup ) then backup  := 0;
          if not LookupPrivilegeValue(nil, pchar('SeRestorePrivilege'), restore) then restore := 0;
          for i1 := 0 to integer(ptp^.PrivilegeCount) - 1 do
            if (ptp^.Privileges[i1].Luid <> backup ) and
               (ptp^.Privileges[i1].Luid <> restore) then
              ptp^.Privileges[i1].Attributes := ptp^.Privileges[i1].Attributes or SE_PRIVILEGE_ENABLED;
          AdjustTokenPrivileges(c1, false, PTokenPrivileges(ptp)^, c2, PTokenPrivileges(nil)^, cardinal(pointer(nil)^));
        end;
        LocalFree(dword(ptp));
      end;
    finally CloseHandle(c1) end;
end;
...it seems to be working!
madshi
Site Admin
Posts: 10754
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Ah sorry, I copied this code from my internal units and forgot to remove the DecryptStr stuff.
Arksole Hoax
Posts: 211
Joined: Sat May 08, 2004 11:41 am

Post by Arksole Hoax »

@madshi

what is the purpose of encrypting the string?
does it get a false positive from av's or does it have its
own reason?
madshi
Site Admin
Posts: 10754
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

It's meant to make strings invisible in a hex editor.
Post Reply