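// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "sandbox/win/src/restricted_token_utils.h"
#include "sandbox/win/tools/finder/finder.h"

// True when argv[i] exists and equals |y|, compared case-insensitively.
// Expects `argc`, `argv` and `i` to be in scope at the point of use. The
// bounds test comes first so argv[i] is never read past the end of argv.
// The expansion is fully parenthesized so it stays one expression wherever
// it is used.
#define PARAM_IS(y) ((argc > i) && (_wcsicmp(argv[i], (y)) == 0))

// Prints the command-line syntax, the accepted token, object and access
// keywords, and a sample invocation to stdout.
// |application_name| is the executable name shown in the usage lines.
void PrintUsage(wchar_t *application_name) {
  wprintf(L"\n\nUsage: \n %ls --token type --object ob1 [ob2 ob3] "
          L"--access ac1 [ac2 ac3] [--log filename]", application_name);
  // USER_RESTRICTED_SAME_ACCESS is accepted by the parser in wmain, so it is
  // listed here with the other token keywords.
  wprintf(L"\n\n Token Types : \n\tLOCKDOWN \n\tRESTRICTED "
          L"\n\tLIMITED_USER \n\tINTERACTIVE_USER \n\tNON_ADMIN "
          L"\n\tUSER_RESTRICTED_SAME_ACCESS \n\tUNPROTECTED");
  wprintf(L"\n Object Types: \n\tREG \n\tFILE \n\tKERNEL");
  wprintf(L"\n Access Types: \n\tR \n\tW \n\tALL");
  wprintf(L"\n\nSample: \n %ls --token LOCKDOWN --object REG FILE KERNEL "
          L"--access R W ALL", application_name);
}

// Entry point: parses the command line into a sandbox token level, a bitmask
// of object classes to scan and a bitmask of access rights to test, then
// hands them to Finder::Init() and runs Finder::Scan().
//
// Returns 0 after the scan has run, -1 on any command-line or log-file error.
//
// NOTE(review): the token level defaults to USER_LOCKDOWN when --token is not
// given at all; that default is kept.
int wmain(int argc, wchar_t* argv[]) {
  // Extract the filename from the path.
  wchar_t *app_name = wcsrchr(argv[0], L'\\');
  if (!app_name) {
    app_name = argv[0];
  } else {
    app_name++;
  }

  // parameters to read
  ATL::CString log_file;
  sandbox::TokenLevel token_type = sandbox::USER_LOCKDOWN;
  DWORD object_type = 0;
  DWORD access_type = 0;

  // no arguments
  if (argc == 1) {
    PrintUsage(app_name);
    return -1;
  }

  // parse command line.
  for (int i = 1; i < argc; ++i) {
    if (PARAM_IS(L"--token")) {
      i++;
      if (argc > i) {
        if (PARAM_IS(L"LOCKDOWN")) {
          token_type = sandbox::USER_LOCKDOWN;
        } else if (PARAM_IS(L"RESTRICTED")) {
          token_type = sandbox::USER_RESTRICTED;
        } else if (PARAM_IS(L"LIMITED_USER")) {
          token_type = sandbox::USER_LIMITED;
        } else if (PARAM_IS(L"INTERACTIVE_USER")) {
          token_type = sandbox::USER_INTERACTIVE;
        } else if (PARAM_IS(L"NON_ADMIN")) {
          token_type = sandbox::USER_NON_ADMIN;
        } else if (PARAM_IS(L"USER_RESTRICTED_SAME_ACCESS")) {
          token_type = sandbox::USER_RESTRICTED_SAME_ACCESS;
        } else if (PARAM_IS(L"UNPROTECTED")) {
          token_type = sandbox::USER_UNPROTECTED;
        } else {
          wprintf(L"\nAbord. Invalid token type \"%ls\"", argv[i]);
          PrintUsage(app_name);
          return -1;
        }
      } else {
        // A trailing "--token" with no value used to be accepted silently,
        // so the scan ran at the default level while the operator may have
        // believed another level was in effect. Reject it the same way a
        // trailing "--log" is rejected (message prefix spelled as in the
        // tool's other messages).
        wprintf(L"\nAbord. No token type specified");
        PrintUsage(app_name);
        return -1;
      }
    } else if (PARAM_IS(L"--object")) {
      // Consume every following object keyword; the first argument that is
      // not one ends the list.
      bool is_object = true;
      do {
        i++;
        if (PARAM_IS(L"REG")) {
          object_type |= kScanRegistry;
        } else if (PARAM_IS(L"FILE")) {
          object_type |= kScanFileSystem;
        } else if (PARAM_IS(L"KERNEL")) {
          object_type |= kScanKernelObjects;
        } else {
          is_object = false;
        }
      } while(is_object);
      // Step back so the for loop's ++i re-examines the argument that ended
      // the list as a new option.
      i--;
    } else if (PARAM_IS(L"--access")) {
      // Same list handling as --object, for the access keywords.
      bool is_access = true;
      do {
        i++;
        if (PARAM_IS(L"R")) {
          access_type |= kTestForRead;
        } else if (PARAM_IS(L"W")) {
          access_type |= kTestForWrite;
        } else if (PARAM_IS(L"ALL")) {
          access_type |= kTestForAll;
        } else {
          is_access = false;
        }
      } while(is_access);
      i--;
    } else if (PARAM_IS(L"--log")) {
      i++;
      if (argc > i) {
        log_file = argv[i];
      }
      else {
        wprintf(L"\nAbord. No log file specified");
        PrintUsage(app_name);
        return -1;
      }
    } else {
      wprintf(L"\nAbord. Unrecognized parameter \"%ls\"", argv[i]);
      PrintUsage(app_name);
      return -1;
    }
  }

  // validate parameters
  if (0 == access_type) {
    wprintf(L"\nAbord, Access type not specified");
    PrintUsage(app_name);
    return -1;
  }

  if (0 == object_type) {
    wprintf(L"\nAbord, Object type not specified");
    PrintUsage(app_name);
    return -1;
  }


  // Open log file
  // The path comes straight from the command line and is opened with mode
  // "w", so an existing file at that path is truncated.
  FILE * file_output = NULL;
  if (log_file.GetLength()) {
    errno_t err = _wfopen_s(&file_output, log_file, L"w");
    if (err) {
      wprintf(L"\nAbord, Cannot open file \"%ls\"", log_file.GetBuffer());
      return -1;
    }
  } else {
    file_output = stdout;
  }

  // NOTE(review): whatever Init() and Scan() return is not checked here, so
  // a failed scan still exits with 0 - confirm against finder.h whether they
  // report errors.
  Finder finder_obj;
  finder_obj.Init(token_type, object_type, access_type, file_output);
  finder_obj.Scan();

  // Only close the stream this function opened; stdout is left alone.
  if (file_output != stdout) {
    fclose(file_output);
  }

  return 0;
}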