Leaderboard

Popular Content

Showing content with the highest reputation on 01/31/2015 in all areas

  1. FredAI

    Set Acl permissions UDF

    Hi. I've been working on this for a while. I think now it's good enough to post it here. Functions to do most everything with the DACL and ownership on all types of objects: Files or folders, Registry keys, services, Kernel and WMI objects, etc. Here's a good example to test:

        #include 'Permissions.au3'
        _InitiatePermissionResources()

        ; @ScriptDir has no trailing backslash, so the separator is part of the file name
        FileWrite(@ScriptDir&'\test.txt','Test')
        Local $TI = TimerInit()
        Local $ret = _DenyAllAccess(@ScriptDir&'\test.txt',$SE_FILE_OBJECT,@UserName)
        Local $TD = TimerDiff($TI)
        MsgBox(0,'','Deny all access to test.txt and take ownership:'&@CRLF&@CRLF& _
            '_DenyAllAccesss return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _
            'Check the file permissons before closing the message box.')

        $TI = TimerInit()
        $ret = _GrantReadAccess(@ScriptDir&'\test.txt',$SE_FILE_OBJECT,'Administrators')
        $TD = TimerDiff($TI)
        MsgBox(0,'','Grant everyone read access, all access to admins and system, and set the owner: Admins group'&@CRLF&@CRLF& _
            '_GrantReadAccesss return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _
            'Check the file permissons before closing the message box.')

        $TI = TimerInit()
        $ret = _GrantAllAccess(@ScriptDir&'\test.txt')
        $TD = TimerDiff($TI)
        MsgBox(0,'','Grant everyone access'&@CRLF&@CRLF& _
            '_GrantAllAccesss return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _
            'Check the file permissons before closing the message box.')

        ; copy the DACL of the containing folder back onto the file
        $TI = TimerInit()
        $ret = _CopyFullDacl(@ScriptDir&'\test.txt',$SE_FILE_OBJECT,@ScriptDir)
        $TD = TimerDiff($TI)
        MsgBox(0,'','Restore all inherited permissions'&@CRLF&@CRLF& _
            '_CopyFullDacl return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _
            'Check the file permissons before closing the message box.')

        ; permissions array rows: [trustee name, 1 = grant / 0 = deny, access mask]
        $TI = TimerInit()
        Local $aPerm[2][3] = [['Restricted',1,$GENERIC_ALL],['Users',1,$GENERIC_ALL]]
        $ret = _EditObjectPermissions(@ScriptDir&'\test.txt',$aPerm)
        $TD = TimerDiff($TI)
        MsgBox(0,'','Add two granted access aces: Restricted and Users'&@CRLF&@CRLF& _
            '_EditObjectPermissions return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _
            'Check the file permissons before closing the message box.')

        $TI = TimerInit()
        Dim $aPerm[2][3] = [['Restricted',1,$GENERIC_READ],['Users',1,$GENERIC_READ]]
        $ret = _EditObjectPermissions(@ScriptDir&'\test.txt',$aPerm)
        $TD = TimerDiff($TI)
        MsgBox(0,'','Give only read access to the Restricted and Users groups'&@CRLF&@CRLF& _
            '_EditObjectPermissions return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _
            'Check the file permissons before closing the message box.')

        $TI = TimerInit()
        Dim $aPerm[2][3] = [['Restricted',0,$GENERIC_ALL],['Users',0,$GENERIC_ALL]]
        $ret = _EditObjectPermissions(@ScriptDir&'\test.txt',$aPerm)
        $TD = TimerDiff($TI)
        MsgBox(0,'','Deny access to the Restricted and Users groups'&@CRLF&@CRLF& _
            '_EditObjectPermissions return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _
            'Check the file permissons before closing the message box.')

        ; same functions applied to a kernel object: the handle of the running process
        $TI = TimerInit()
        Local $Hndl = _Permissions_OpenProcess(@AutoItPID)
        Local $SDBefore = _GetObjectStringSecurityDescriptor($Hndl,$SE_KERNEL_OBJECT)
        Local $CODRet = _ClearObjectDacl($Hndl,$SE_KERNEL_OBJECT)
        Local $DARet = _DenyAllAccess($Hndl,$SE_KERNEL_OBJECT)
        Local $SDAfter = _GetObjectStringSecurityDescriptor($Hndl,$SE_KERNEL_OBJECT)
        $TD = Round(TimerDiff($TI),2)
        MsgBox(0,'', 'Deny everyone access to the current process:'&@CRLF&@CRLF& _
            '@AutoItPID original security descriptor: '&@CRLF&$SDBefore&@CRLF&@CRLF& _
            '_ClearObjectDacl return value: '&$CODRet&@CRLF&@CRLF& _
            '_DenyAllAccess_ return value: '&$DARet&@CRLF&@CRLF& _
            'New @AutoItPID security descriptor: '&@CRLF& _
            $SDAfter&@CRLF&@CRLF& 'Time taken: '&$TD&' miliseconds.')
        _Permissions_CloseHandle($Hndl)

        FileDelete(@ScriptDir&'\test.txt')
        _ClosePermissionResources()

    I'm planning to add functions to deal with the SACL in the future, even though I don't think it's very important.

    Edit: Let me know if you need an example for the registry.

    Updated: Fixed a bug in the _ClearObjectDacl function. I thought that adding a null DACL would work fine, but it causes problems later when adding a new DACL. Those who have downloaded, please update.

    Shoot! Now it wasn't clearing the DACL at all. Updated again. I think it's fixed now.

    Updated 9/11/2011 - Added the security descriptor functions and removed unnecessary constants.

    Updated 10/11/2011 - There were some functions missing in the index, and some parameters in the comments. Also removed the "MustDeclareVars" option. (About 50 total downloads before)

    Update 12/12/2011 - Added more functions:

    New Update 12/12/2011 - Missing declaration keywords in 3 constants. Sorry

    Update 16/12/2011 - Added support for all object types, including window and process handles. Added more functions, modified most of them, and removed one. Here's the new function list:

    Updated 22/2/2012 - This time I'm including SecurityConstants.au3 and FileConstants.au3 to prevent constants conflicts. Added a few more functions and fixed a few bugs. Also added the ability to include the inherited ACEs in the _EditObjectPermissions function. Now the permissions array can have four elements (optional). It will still work with three-element arrays though. The fourth element is intended to have the inheritance flag for the corresponding ACE. Here's the new list of functions:

    400 previous downloads

    Permissions.au3
    1 point
  2. With _ProcessGetPathEx, you can get the real full path of your running process. There is probably something easier...

        #include <Security.au3>
        #include <WinAPI.au3>
        #include <WinAPIInternals.au3>

        ; _SetDebugPriv() ; seems not necessary here

        $OldName = @AutoItExe
        While 1
            $sProcessPath = _ProcessGetPathEx(@AutoItPID)
            If $OldName <> $sProcessPath Then
                MsgBox(0, "The program has been renamed", "The new name: " & $sProcessPath)
                $OldName = $sProcessPath
            EndIf
            Sleep(1000)
        WEnd

        Func _SetDebugPriv()
            Local $h_curproc = _WinAPI_GetCurrentProcess()
            Local $h_token = _Security__OpenProcessToken($h_curproc, _
                    BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))
            If Not $h_token Then
                Return SetError(2, 0, 0)
            EndIf
            Local $n_sdn = _Security__LookupPrivilegeValue("", $SE_DEBUG_NAME)

            Local $t_tokenpriv = DllStructCreate("dword;dword;long;dword")
            Local $p_tokenpriv = DllStructGetPtr($t_tokenpriv)
            DllStructSetData($t_tokenpriv, 1, 1)
            DllStructSetData($t_tokenpriv, 2, $n_sdn)
            DllStructSetData($t_tokenpriv, 3, 0)
            DllStructSetData($t_tokenpriv, 4, $SE_PRIVILEGE_ENABLED)
            Local $n_tokensize = DllStructGetSize($t_tokenpriv)

            Local $b_ret = _Security__AdjustTokenPrivileges($h_token, False, _
                    $p_tokenpriv, $n_tokensize)
            _WinAPI_CloseHandle($h_token)
            Return SetError(Not $b_ret, 0, $b_ret)
        EndFunc

        ; @param1 = process name or pid
        ; @param2 = default 0 = drive\etc format
        ;           true = native system path format
        Func _ProcessGetPathEx($v_process, $b_native = 0)
            Local $i_pid = ProcessExists($v_process)
            If Not $i_pid Then
                ; process does not exist
                Return SetError(1, 0, "")
            EndIf

            Local $sz_filepath = ""
            ; are we working with anything less than vista?
            If __WINVER() < 0x0600 Then
                ; _WinAPI_GetProcessFileName seems misleading
                $sz_filepath = _WinAPI_GetProcessFileName($i_pid)
                Return SetError(@error, @extended, $sz_filepath)
            EndIf

            ; vista and above, should help with possible 64bit issues as well
            Local $h_k32 = DllOpen("Kernel32.dll")
            If @error Or Not $h_k32 Then
                ; could not open kernel32.dll
                Return SetError(2, 0, 0)
            EndIf

            Local Const $pgp_PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
            Local Const $pgp_PROCESS_QUERY_INFORMATION = 0x0400
            Local Const $pgp_PROCESS_NAME_NATIVE = 0x00000001

            ; open process with query info only
            Local $a_openprocess = DllCall($h_k32, "handle", "OpenProcess", _
                    "long", BitOR($pgp_PROCESS_QUERY_INFORMATION, _
                    $pgp_PROCESS_QUERY_LIMITED_INFORMATION), _
                    "int", 0, "long", $i_pid)
            Local $i_err = @error
            If $i_err Or Not IsArray($a_openprocess) Then
                DllClose($h_k32)
                ; error code from dllcall sent as extended
                Return SetError(3, $i_err, 0)
            EndIf
            Local $h_openproc = $a_openprocess[0]

            Local $n_native = $b_native ? $pgp_PROCESS_NAME_NATIVE : 0
            Local $a_query = DllCall($h_k32, "bool", "QueryFullProcessImageNameW", _
                    "handle", $h_openproc, "dword", $n_native, "wstr", "", "int*", 4096)
            $i_err = @error
            ; release both handles before checking the result so the process handle
            ; is not leaked when the query fails
            _WinAPI_CloseHandle($h_openproc)
            DllClose($h_k32)
            If $i_err Or Not IsArray($a_query) Then
                ; error code from dllcall sent as extended
                Return SetError(4, $i_err, 0)
            EndIf

            ; return string length as extended
            Return SetError(0, $a_query[4], $a_query[3])
        EndFunc
    1 point
  3. There are directory monitors on the forum that should suffice. Here's one:
    1 point
  4. Just tried and it is easily possible to rename an Exe while it is running. Though you can't delete the Exe while it is being executed.
    1 point
  5. TheAutomator, Interesting - it appears that you need to have an actionable control in the GUI for ESC to close it. I will investigate further. M23
    1 point
  6. jaberwacky

    For Loop and Math

    So you have a method for doing it by hand? Can you list the steps involved? That might help us to better understand the problem and lay out a general algorithm.
    1 point
  7. czardas, Not my intention to confuse. I just wanted to see the script response to an impossible request. I did write some code to make your code user friendly to someone wanting to generate perhaps lottery tickets. This works for me:

        #include <Array.au3>

        ; InputBox returns strings; convert to integers so the range checks
        ; compare numerically instead of as text
        $num = Int(InputBox("Number of Integers", "How many unique random numbers do you want to generate?"))
        $min = Int(InputBox("Minimum number", "What is the minimum random number to generate?"))
        $max = Int(InputBox("Maximum number", "What is the maximum random number to generate?"))

        If $max - $min + 1 < $num Then
            MsgBox(1, "Impossible", "One cannot generate " & $num & " unique numbers between " & $min & " and " & $max)
            Exit
        EndIf

        Global $gaRandom = _RandomToArray($num, $min, $max) ; _RandomToArray(number of generated integers, minimum integer, maximum integer)
        _ArrayDisplay($gaRandom)

        ; Access the array elements.
        For $i = 0 To UBound($gaRandom) - 1
            ConsoleWrite($gaRandom[$i] & @CRLF)
        Next

        Func _RandomToArray($iCount, $iMin, $iMax)
            If $iCount < 1 Or $iMin > $iMax Then Return SetError(1, 0, 0)

            Local $iBound = $iMax - $iMin + 1
            If $iBound < $iCount Then Return SetError(2, 0, 0)

            ; fill with every value in the range, shuffle, then keep the first $iCount
            Local $aArray[$iBound]
            For $i = 0 To $iBound - 1
                $aArray[$i] = $iMin + $i
            Next

            _ArrayShuffle($aArray)
            ReDim $aArray[$iCount]
            Return $aArray
        EndFunc

    Again, many thanks. I love the fact that I can come to this forum with a question and get it answered, or just to look around at the threads and pick up good ideas for current or future use. _aleph_
    1 point
  8. kylomas

    adlibregister issue

    Just ran czardas's code from the trac ticket, I see it now... Again, thanks for your patience... kylomas
    1 point
  9. orbs

    Old SciTE4AutoIt3 versions

    i still keep a copy of AutoIt 3.3.8.1 + full SciTE package, because there is a (luckily decreasing) number of scripts which i need to maintain Windows 2000 support for (3.3.8.1 was the last formal release to support Windows 2000 & Obfuscator). i'm totally with Jos here about compatibility issues, so i take great care in migrating my scripts to newer AutoIt version, and i will not upload the older versions to the forum. but i do have the installation packages, so, JFX, contact me by PM if you want it.
    1 point