Windows Core Programming: the Windows Integrity Mechanism
Source: Internet  Editor: 程序博客网  Time: 2024/06/01 09:35
A process's kernel objects sit waiting for someone else, holding a token, to access them.
The token is what we carry when we go to access someone else's kernel objects; it is compared against the permissions in that object's security descriptor.
The Windows integrity mechanism is a supplement to Windows security authorization.
Before the security module compares the token with the security descriptor (SECURITY_DESCRIPTOR), it also performs an integrity check.
A lower integrity level cannot access a higher integrity level; if none has been set, a kernel object gets the default integrity level, medium.
It can be used to run a process at a low integrity level.
```c
BOOL GetProcessIntegrityLevel(HANDLE hProcess, PDWORD pIntegrityLevel,
    PDWORD pPolicy, PDWORD pResourceIntegrityLevel, PDWORD pResourcePolicy);
```
pIntegrityLevel: the integrity level; the high integrity level is 3000, medium is 2000 (hexadecimal, as the program below prints them) ......
pPolicy: the policy flags, one of:
- TOKEN_MANDATORY_POLICY_OFF (0x0): No mandatory integrity policy is enforced for the token.
- TOKEN_MANDATORY_POLICY_NO_WRITE_UP (0x1): A process associated with the token cannot write to objects that have a greater mandatory integrity level.
- TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN (0x2): A process created with the token has an integrity level that is the lesser of the parent-process integrity level and the executable-file integrity level.
- TOKEN_MANDATORY_POLICY_VALID_MASK (0x3): A combination of TOKEN_MANDATORY_POLICY_NO_WRITE_UP and TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN.
```c
#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#include <aclapi.h>
#pragma comment(lib, "advapi32.lib")

BOOL GetProcessIntegrityLevel(HANDLE hProcess, PDWORD pIntegrityLevel,
    PDWORD pPolicy, PDWORD pResourceIntegrityLevel, PDWORD pResourcePolicy) {
    HANDLE hToken = NULL;
    if (!OpenProcessToken(hProcess, TOKEN_READ, &hToken)) {
        return(FALSE);
    }

    BOOL bReturn = FALSE;

    // First, compute the size of the buffer to get the integrity level
    DWORD dwNeededSize = 0;
    if (!GetTokenInformation(hToken, TokenIntegrityLevel, NULL, 0, &dwNeededSize)) {
        PTOKEN_MANDATORY_LABEL pTokenInfo = NULL;
        if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
            // Second, allocate a memory block with the required size
            pTokenInfo = (PTOKEN_MANDATORY_LABEL)LocalAlloc(0, dwNeededSize);
            if (pTokenInfo != NULL) {
                // And finally, ask for the integrity level
                if (GetTokenInformation(hToken, TokenIntegrityLevel, pTokenInfo,
                    dwNeededSize, &dwNeededSize)) {
                    // The integrity RID is the last sub-authority of the label SID (S-1-16-xxxx)
                    *pIntegrityLevel = *GetSidSubAuthority(pTokenInfo->Label.Sid,
                        (*GetSidSubAuthorityCount(pTokenInfo->Label.Sid) - 1));
                    bReturn = TRUE;
                }
                // Don't forget to free the memory
                LocalFree(pTokenInfo);
            }
        }
    }

    // Try to get the policy if the integrity level was available
    if (bReturn) {
        *pPolicy = TOKEN_MANDATORY_POLICY_OFF;
        dwNeededSize = sizeof(DWORD);
        GetTokenInformation(hToken, TokenMandatoryPolicy, pPolicy,
            dwNeededSize, &dwNeededSize);
    }

    // Look for the resource policy
    *pResourceIntegrityLevel = 0; // 0 means none explicitly set
    *pResourcePolicy = 0;
    PACL pSACL = NULL;
    PSECURITY_DESCRIPTOR pSD = NULL;
    DWORD dwResult = ERROR_SUCCESS;

    // Look for the no-read-up/no-write-up policy in the SACL
    if (hToken != NULL) {
        dwResult = GetSecurityInfo(hProcess, SE_KERNEL_OBJECT,
            LABEL_SECURITY_INFORMATION, NULL, NULL, NULL, &pSACL, &pSD);
        if (dwResult == ERROR_SUCCESS) {
            if (pSACL != NULL) {
                SYSTEM_MANDATORY_LABEL_ACE* pACE = NULL;
                if ((pSACL->AceCount > 0) && (GetAce(pSACL, 0, (PVOID*)&pACE))) {
                    if (pACE != NULL) {
                        SID* pSID = (SID*)(&pACE->SidStart);
                        *pResourceIntegrityLevel = pSID->SubAuthority[0];
                        *pResourcePolicy = pACE->Mask;
                    }
                }
            }
        }
        // Cleanup memory allocated on our behalf
        if (pSD != NULL) LocalFree(pSD);
    }

    // Don't forget to close the token handle.
    CloseHandle(hToken);
    return(bReturn);
}

int _tmain() {
    DWORD IntegrityLevel = 0, Policy = 0, ResourceIntegrityLevel = 0, ResourcePolicy = 0;
    /* The first parameter is the process handle;
       parameters two to five are four DWORD pointers */
    GetProcessIntegrityLevel(GetCurrentProcess(), &IntegrityLevel, &Policy,
        &ResourceIntegrityLevel, &ResourcePolicy);
    _tprintf(TEXT("IntegrityLevel=%0x\n"), IntegrityLevel);
    _tprintf(TEXT("Policy=%0x\n"), Policy);
    _tprintf(TEXT("ResourceIntegrityLevel=%0x\n"), ResourceIntegrityLevel);
    _tprintf(TEXT("ResourcePolicy=%0x\n"), ResourcePolicy);
    _gettchar();
    return 0;
}
```
The integrity level is medium, and the policy is 3.
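A constructed model of the integrity check described above, added here and not code from the page or from the book: it reproduces the documented decision rules (token level and policy bits from the table above, the object's label ACE mask as read into ResourcePolicy by the program above) so that a Medium-level token with policy 3, as printed above, can be tried against objects of other levels. The level values are the documented RIDs 0x1000 to 0x4000; treating an unlabeled object as Medium with no-write-up is this model's assumption.

```python
# Constructed model of the mandatory integrity check, not Windows code: only the
# documented decision rules are reproduced here.

# Integrity RIDs (last sub-authority of the S-1-16-x label SID); the 2000/3000
# on this page are these hexadecimal values.
LOW, MEDIUM, HIGH, SYSTEM = 0x1000, 0x2000, 0x3000, 0x4000

# Token policy bits from the table above.
TOKEN_MANDATORY_POLICY_OFF = 0x0
TOKEN_MANDATORY_POLICY_NO_WRITE_UP = 0x1
TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN = 0x2

# Mask bits of the object's SYSTEM_MANDATORY_LABEL_ACE (the ResourcePolicy value
# read by the program above): what a lower-integrity caller is denied.
SYSTEM_MANDATORY_LABEL_NO_WRITE_UP = 0x1
SYSTEM_MANDATORY_LABEL_NO_READ_UP = 0x2
SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP = 0x4

_DENIED_BY = {"write": SYSTEM_MANDATORY_LABEL_NO_WRITE_UP,
              "read": SYSTEM_MANDATORY_LABEL_NO_READ_UP,
              "execute": SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP}


def integrity_check(token_level, token_policy, requested, label_level=None,
                    label_mask=SYSTEM_MANDATORY_LABEL_NO_WRITE_UP):
    """True if the request passes the integrity check (the DACL check still follows).

    requested: a set drawn from "read", "write", "execute".
    label_level None: the object carries no label ACE and is treated as Medium
    with no-write-up (assumption of this model, matching the default above).
    """
    if not token_policy & TOKEN_MANDATORY_POLICY_NO_WRITE_UP:
        return True  # policy OFF: nothing is enforced for this token
    if label_level is None:
        label_level, label_mask = MEDIUM, SYSTEM_MANDATORY_LABEL_NO_WRITE_UP
    if token_level >= label_level:
        return True  # equal or higher integrity is never blocked by the label
    return not any(label_mask & _DENIED_BY[r] for r in requested)


def child_process_level(parent_level, parent_policy, exe_level):
    """Level of a new process under TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN:
    the lesser of the parent's level and the executable file's label."""
    if parent_policy & TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN:
        return min(parent_level, exe_level)
    return parent_level
```

With policy 3 a Medium process can read a High-labeled object but not write to it, and a Low process cannot write even to an unlabeled (default Medium) object.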