
Problem taking ownership of folder...

Posted: Mon Jun 05, 2006 10:15 am
by badhabit
Hi,

I'm trying to take ownership of a directory, but I'm getting "Access denied" even though I'm an administrator of the system.

I'm executing the following code:


// Fragment (the enclosing procedure header is not shown): tries to make the
// current user the owner of C:\SomeDir\ through madSecurity and then shows the
// component's last error text.
var
  ISecObj: ISecurityObject;
  DirPath: string;
begin
  DirPath:='C:\SomeDir\';
  // presumably returns the madSecurity security object for this path - confirm
  // against the madSecurity documentation
  ISecObj:=FileSecurity(DirPath);
  // NOTE(review): setting the owner of an object the caller does not already own
  // normally requires SeTakeOwnershipPrivilege to be *enabled* in the process
  // token. Holding the privilege as an administrator is not the same as having
  // it enabled.
  ISecObj.Owner := CurrentUser;
  // LastErrorStr is displayed unconditionally, so the dialog also appears when
  // the assignment succeeded.
  ShowMessage(ISecObj.LastErrorStr);
end;
If I browse to C:\ and open the security settings for the directory "SomeDir", I can take ownership of the folder. But the above code fails with access denied... any clues?

Thanks for some great components!

Best Regards
Thomas Eg Jørgensen
Denmark

Posted: Tue Jun 06, 2006 4:05 pm
by madshi
Try running the following code before you execute the madSecurity code. The code will simply enable all privileges your current user has. By default not all privileges are enabled, although you have them.


// Enables every privilege present in the current process token, except the
// backup and restore privileges. Takes no parameters and reports nothing back:
// every failure path is silent.
//
// NOTE(review): this is broader than the task in this thread needs. Taking
// ownership only requires SeTakeOwnershipPrivilege; enabling the whole set
// leaves every other held privilege active in the process token until
// something disables it again. Prefer enabling just the privilege you need.
//
// NOTE(review): DecryptStr, CSeBackupPrivilege and CSeRestorePrivilege are not
// declared in this listing (the author says later in the thread that they come
// from internal units). LookupPrivilegeValue expects the plain names
// 'SeBackupPrivilege' and 'SeRestorePrivilege'.
procedure EnableAllPrivileges;
type TTokenPrivileges = record
       PrivilegeCount : dword;
       // declared with a huge upper bound only so entries can be indexed through
       // the pointer; the memory actually available is what LocalAlloc returns
       Privileges     : array [0..maxInt shr 4 - 1] of TLUIDAndAttributes;
     end;
var c1, c2 : dword;    // c1 = process token handle, c2 = byte count from GetTokenInformation
    i1     : integer;
    ptp    : ^TTokenPrivileges;
    backup, restore : int64;   // LUIDs of the two privileges that are skipped
begin
  if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, c1) then
    try
      c2 := 0;
      // size query: no buffer is passed, c2 receives the number of bytes needed
      GetTokenInformation(c1, TokenPrivileges, nil, 0, c2);
      if c2 <> 0 then begin
        // buffer is twice the reported size (reason not stated; presumably headroom)
        // NOTE(review): the LocalAlloc result is not checked for nil
        ptp := pointer(LocalAlloc(LPTR, c2 * 2));
        if GetTokenInformation(c1, TokenPrivileges, ptp, c2 * 2, c2) then begin
          // enabling backup/restore privileges breaks Explorer's Samba support
          // a failed lookup falls back to LUID 0, so the comparison below then skips nothing
          if not LookupPrivilegeValue(nil, pchar(DecryptStr(CSeBackupPrivilege )), backup ) then backup  := 0;
          if not LookupPrivilegeValue(nil, pchar(DecryptStr(CSeRestorePrivilege)), restore) then restore := 0;
          // set the enabled flag on every entry except backup and restore
          for i1 := 0 to integer(ptp^.PrivilegeCount) - 1 do
            if (ptp^.Privileges[i1].Luid <> backup ) and
               (ptp^.Privileges[i1].Luid <> restore) then
              ptp^.Privileges[i1].Attributes := ptp^.Privileges[i1].Attributes or SE_PRIVILEGE_ENABLED;
          // the last two arguments are nil passed through dereferenced casts (no
          // previous-state buffer, no returned length)
          // NOTE(review): the result and GetLastError are ignored; the call can
          // report success with ERROR_NOT_ALL_ASSIGNED when a privilege was not set
          AdjustTokenPrivileges(c1, false, PTokenPrivileges(ptp)^, c2, PTokenPrivileges(nil)^, cardinal(pointer(nil)^));
        end;
        LocalFree(dword(ptp));
      end;
    finally CloseHandle(c1) end;
end;

Posted: Wed Jun 07, 2006 7:25 am
by badhabit
Hi!

...and thanks...

But I can't figure out how to make my compiler accept "CSeBackupPrivilege" and "CSeRestorePrivilege". Is my uses clause incomplete?

Thanks!

/Thomas

Posted: Wed Jun 07, 2006 8:30 am
by badhabit
madshi wrote: Try running the following code before you execute the madSecurity code. The code will simply enable all privileges your current user has. By default not all privileges are enabled, although you have them.


// Quoted listing: enables every privilege in the current process token except
// backup and restore. It has no result, so callers cannot tell whether anything
// was enabled.
//
// NOTE(review): DecryptStr and the CSe* constants are not declared here, so this
// version does not compile outside the author's own units.
// NOTE(review): enabling all held privileges is wider than a single task such as
// taking ownership needs (SeTakeOwnershipPrivilege alone); the enabled state
// persists in the process token.
procedure EnableAllPrivileges;
type TTokenPrivileges = record
       PrivilegeCount : dword;
       // oversized bound used only for indexing through the pointer
       Privileges     : array [0..maxInt shr 4 - 1] of TLUIDAndAttributes;
     end;
var c1, c2 : dword;    // token handle / byte count
    i1     : integer;
    ptp    : ^TTokenPrivileges;
    backup, restore : int64;   // LUIDs excluded from enabling
begin
  if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, c1) then
    try
      c2 := 0;
      // first call only asks for the required buffer size
      GetTokenInformation(c1, TokenPrivileges, nil, 0, c2);
      if c2 <> 0 then begin
        // NOTE(review): allocation result is used without a nil check
        ptp := pointer(LocalAlloc(LPTR, c2 * 2));
        if GetTokenInformation(c1, TokenPrivileges, ptp, c2 * 2, c2) then begin
          // enabling backup/restore privileges breaks Explorer's Samba support
          // on lookup failure the LUID is set to 0 and nothing is excluded for it
          if not LookupPrivilegeValue(nil, pchar(DecryptStr(CSeBackupPrivilege )), backup ) then backup  := 0;
          if not LookupPrivilegeValue(nil, pchar(DecryptStr(CSeRestorePrivilege)), restore) then restore := 0;
          // mark each remaining privilege as enabled
          for i1 := 0 to integer(ptp^.PrivilegeCount) - 1 do
            if (ptp^.Privileges[i1].Luid <> backup ) and
               (ptp^.Privileges[i1].Luid <> restore) then
              ptp^.Privileges[i1].Attributes := ptp^.Privileges[i1].Attributes or SE_PRIVILEGE_ENABLED;
          // apply the modified list; previous state and returned length are passed as nil
          // NOTE(review): the return value and GetLastError are not inspected
          AdjustTokenPrivileges(c1, false, PTokenPrivileges(ptp)^, c2, PTokenPrivileges(nil)^, cardinal(pointer(nil)^));
        end;
        LocalFree(dword(ptp));
      end;
    finally CloseHandle(c1) end;
end;
If I change the code to the following, where I removed the "DecryptStr()" calls and replaced the CSe* constants with string literals of almost the same name (I found the names in winnt.h):


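// Enables every privilege present in the current process token, except
// SeBackupPrivilege and SeRestorePrivilege. Best effort: the procedure has no
// result and stays silent when any step fails.
//
// Security note: privileges enabled here stay enabled in the process token until
// they are disabled again. For a single task, such as taking ownership of a
// file (SeTakeOwnershipPrivilege), prefer enabling only that privilege and
// disabling it afterwards, so that a bug elsewhere in the process cannot use
// the rest.
//
// Changes from the listing as posted: the LocalAlloc result is checked, the
// buffer is released in a finally block, the handle is typed as THandle, and
// the previous-state buffer length is 0 because no such buffer is supplied.
procedure EnableAllPrivileges;
type TTokenPrivileges = record
       PrivilegeCount : dword;
       // declared with a huge upper bound only so entries can be indexed through
       // the pointer; valid entries are 0..PrivilegeCount-1
       Privileges     : array [0..maxInt shr 4 - 1] of TLUIDAndAttributes;
     end;
var c1     : THandle;   // process token
    c2     : dword;     // byte count reported by GetTokenInformation
    i1     : integer;
    ptp    : ^TTokenPrivileges;
    backup, restore : int64;   // LUIDs that must stay untouched
begin
  if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, c1) then
    try
      c2 := 0;
      // size query: no buffer is passed, c2 receives the number of bytes needed
      GetTokenInformation(c1, TokenPrivileges, nil, 0, c2);
      if c2 <> 0 then begin
        // same headroom as the original listing (twice the reported size)
        ptp := pointer(LocalAlloc(LPTR, c2 * 2));
        if ptp <> nil then
          try
            if GetTokenInformation(c1, TokenPrivileges, ptp, c2 * 2, c2) then begin
              // enabling backup/restore privileges breaks Explorer's Samba support
              // a failed lookup falls back to LUID 0, which excludes nothing
              if not LookupPrivilegeValue(nil, pchar('SeBackupPrivilege'), backup ) then backup  := 0;
              if not LookupPrivilegeValue(nil, pchar('SeRestorePrivilege'), restore) then restore := 0;
              for i1 := 0 to integer(ptp^.PrivilegeCount) - 1 do
                if (ptp^.Privileges[i1].Luid <> backup ) and
                   (ptp^.Privileges[i1].Luid <> restore) then
                  ptp^.Privileges[i1].Attributes := ptp^.Privileges[i1].Attributes or SE_PRIVILEGE_ENABLED;
              // PreviousState and ReturnLength are nil, passed through dereferenced
              // casts because the import declares them as var parameters.
              // The result is deliberately not checked (best effort). The call can
              // also report success with GetLastError = ERROR_NOT_ALL_ASSIGNED, so a
              // caller that depends on a specific privilege should verify it itself.
              AdjustTokenPrivileges(c1, false, PTokenPrivileges(ptp)^, 0, PTokenPrivileges(nil)^, cardinal(pointer(nil)^));
            end;
          finally
            LocalFree(HLOCAL(ptp));
          end;
      end;
    finally
      CloseHandle(c1);
    end;
end;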
...it seems to be working!

Posted: Wed Jun 07, 2006 8:59 am
by madshi
Ah sorry, I copied this code from my internal units and forgot to remove the DecryptStr stuff.

Posted: Wed Jun 07, 2006 9:59 am
by Arksole Hoax
@madshi

what is the purpose of encrypting the string?
does it get a false positive from av's or does it have its
own reason?

Posted: Wed Jun 07, 2006 10:15 am
by madshi
It's meant to make strings invisible in a hex editor.