def dump_token(th):
    token_type=win32security.GetTokenInformation(th, win32security.TokenType)
    print('TokenType:', token_type, TOKEN_TYPE.lookup_name(token_type))
    if token_type==win32security.TokenImpersonation:
        imp_lvl=win32security.GetTokenInformation(th, win32security.TokenImpersonationLevel)
        print('TokenImpersonationLevel:', imp_lvl, SECURITY_IMPERSONATION_LEVEL.lookup_name(imp_lvl))

    print('TokenSessionId:', win32security.GetTokenInformation(th, win32security.TokenSessionId))

    privs=win32security.GetTokenInformation(th,win32security.TokenPrivileges)
    print('TokenPrivileges:')
    for priv_luid, priv_flags in privs:
        flag_names, unk=TOKEN_PRIVILEGE_ATTRIBUTES.lookup_flags(priv_flags)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'

        priv_name=win32security.LookupPrivilegeName('',priv_luid)
        priv_desc=win32security.LookupPrivilegeDisplayName('',priv_name)
        print('\t', priv_name, priv_desc, priv_flags, flag_desc)

    print('TokenGroups:')
    groups=win32security.GetTokenInformation(th,win32security.TokenGroups)
    for group_sid, group_attr in groups:
        flag_names, unk=TOKEN_GROUP_ATTRIBUTES.lookup_flags(group_attr)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'
        if group_attr & TOKEN_GROUP_ATTRIBUTES.SE_GROUP_LOGON_ID:
            sid_desc = 'Logon sid'
        else:
            sid_desc=win32security.LookupAccountSid('',group_sid)
        print('\t',group_sid, sid_desc, group_attr, flag_desc)

    ## Vista token information types, will throw (87, 'GetTokenInformation', 'The parameter is incorrect.') on earier OS
    try:
        is_elevated=win32security.GetTokenInformation(th, win32security.TokenElevation)
        print('TokenElevation:', is_elevated)
    except pywintypes.error as details:
        if details.winerror != winerror.ERROR_INVALID_PARAMETER:
            raise
        return None
    print('TokenHasRestrictions:', win32security.GetTokenInformation(th, win32security.TokenHasRestrictions))
    print('TokenMandatoryPolicy', win32security.GetTokenInformation(th, win32security.TokenMandatoryPolicy))   
    print('TokenVirtualizationAllowed:', win32security.GetTokenInformation(th, win32security.TokenVirtualizationAllowed))
    print('TokenVirtualizationEnabled:', win32security.GetTokenInformation(th, win32security.TokenVirtualizationEnabled))

    elevation_type = win32security.GetTokenInformation(th, win32security.TokenElevationType)        
    print('TokenElevationType:', elevation_type, TOKEN_ELEVATION_TYPE.lookup_name(elevation_type))
    if elevation_type!=win32security.TokenElevationTypeDefault:
        lt=win32security.GetTokenInformation(th, win32security.TokenLinkedToken)
        print('TokenLinkedToken:', lt)
    else:
        lt=None
    return lt
Exemple #2
0
def dump_token(th):
    token_type = win32security.GetTokenInformation(th, win32security.TokenType)
    print 'TokenType:', token_type, TOKEN_TYPE.lookup_name(token_type)
    if token_type == win32security.TokenImpersonation:
        imp_lvl = win32security.GetTokenInformation(
            th, win32security.TokenImpersonationLevel)
        print 'TokenImpersonationLevel:', imp_lvl, SECURITY_IMPERSONATION_LEVEL.lookup_name(
            imp_lvl)

    print 'TokenSessionId:', win32security.GetTokenInformation(
        th, win32security.TokenSessionId)

    privs = win32security.GetTokenInformation(th,
                                              win32security.TokenPrivileges)
    print 'TokenPrivileges:'
    for priv_luid, priv_flags in privs:
        flag_names, unk = TOKEN_PRIVILEGE_ATTRIBUTES.lookup_flags(priv_flags)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'

        priv_name = win32security.LookupPrivilegeName('', priv_luid)
        priv_desc = win32security.LookupPrivilegeDisplayName('', priv_name)
        print '\t', priv_name, priv_desc, priv_flags, flag_desc

    print 'TokenGroups:'
    groups = win32security.GetTokenInformation(th, win32security.TokenGroups)
    for group_sid, group_attr in groups:
        flag_names, unk = TOKEN_GROUP_ATTRIBUTES.lookup_flags(group_attr)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'
        if group_attr & TOKEN_GROUP_ATTRIBUTES.SE_GROUP_LOGON_ID:
            sid_desc = 'Logon sid'
        else:
            sid_desc = win32security.LookupAccountSid('', group_sid)
        print '\t', group_sid, sid_desc, group_attr, flag_desc

    ## Vista token information types, will throw (87, 'GetTokenInformation', 'The parameter is incorrect.') on earier OS
    try:
        is_elevated = win32security.GetTokenInformation(
            th, win32security.TokenElevation)
        print 'TokenElevation:', is_elevated
    except pywintypes.error, details:
        if details.winerror != winerror.ERROR_INVALID_PARAMETER:
            raise
        return None
def dump_token(th):
    token_type=win32security.GetTokenInformation(th, win32security.TokenType)
    print 'TokenType:', token_type, TOKEN_TYPE.lookup_name(token_type)
    if token_type==win32security.TokenImpersonation:
        imp_lvl=win32security.GetTokenInformation(th, win32security.TokenImpersonationLevel)
        print 'TokenImpersonationLevel:', imp_lvl, SECURITY_IMPERSONATION_LEVEL.lookup_name(imp_lvl)

    print 'TokenSessionId:', win32security.GetTokenInformation(th, win32security.TokenSessionId)

    privs=win32security.GetTokenInformation(th,win32security.TokenPrivileges)
    print 'TokenPrivileges:'
    for priv_luid, priv_flags in privs:
        flag_names, unk=TOKEN_PRIVILEGE_ATTRIBUTES.lookup_flags(priv_flags)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'

        priv_name=win32security.LookupPrivilegeName('',priv_luid)
        priv_desc=win32security.LookupPrivilegeDisplayName('',priv_name)
        print '\t', priv_name, priv_desc, priv_flags, flag_desc

    print 'TokenGroups:'
    groups=win32security.GetTokenInformation(th,win32security.TokenGroups)
    for group_sid, group_attr in groups:
        flag_names, unk=TOKEN_GROUP_ATTRIBUTES.lookup_flags(group_attr)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'
        if group_attr & TOKEN_GROUP_ATTRIBUTES.SE_GROUP_LOGON_ID:
            sid_desc = 'Logon sid'
        else:
            sid_desc=win32security.LookupAccountSid('',group_sid)
        print '\t',group_sid, sid_desc, group_attr, flag_desc

    ## Vista token information types, will throw (87, 'GetTokenInformation', 'The parameter is incorrect.') on earier OS
    try:
        is_elevated=win32security.GetTokenInformation(th, win32security.TokenElevation)
        print 'TokenElevation:', is_elevated
    except pywintypes.error, details:
        if details.winerror != winerror.ERROR_INVALID_PARAMETER:
            raise
        return None
def dump_token(th):
    token_type = win32security.GetTokenInformation(th, win32security.TokenType)
    print('TokenType:', token_type, TOKEN_TYPE.lookup_name(token_type))
    if token_type == win32security.TokenImpersonation:
        imp_lvl = win32security.GetTokenInformation(
            th, win32security.TokenImpersonationLevel)
        print('TokenImpersonationLevel:', imp_lvl,
              SECURITY_IMPERSONATION_LEVEL.lookup_name(imp_lvl))

    print('TokenSessionId:',
          win32security.GetTokenInformation(th, win32security.TokenSessionId))

    privs = win32security.GetTokenInformation(th,
                                              win32security.TokenPrivileges)
    print('TokenPrivileges:')
    for priv_luid, priv_flags in privs:
        flag_names, unk = TOKEN_PRIVILEGE_ATTRIBUTES.lookup_flags(priv_flags)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'

        priv_name = win32security.LookupPrivilegeName('', priv_luid)
        priv_desc = win32security.LookupPrivilegeDisplayName('', priv_name)
        print('\t', priv_name, priv_desc, priv_flags, flag_desc)

    print('TokenGroups:')
    groups = win32security.GetTokenInformation(th, win32security.TokenGroups)
    for group_sid, group_attr in groups:
        flag_names, unk = TOKEN_GROUP_ATTRIBUTES.lookup_flags(group_attr)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'
        if group_attr & TOKEN_GROUP_ATTRIBUTES.SE_GROUP_LOGON_ID:
            sid_desc = 'Logon sid'
        else:
            sid_desc = win32security.LookupAccountSid('', group_sid)
        print('\t', group_sid, sid_desc, group_attr, flag_desc)

    ## Vista token information types, will throw (87, 'GetTokenInformation', 'The parameter is incorrect.') on earier OS
    try:
        is_elevated = win32security.GetTokenInformation(
            th, win32security.TokenElevation)
        print('TokenElevation:', is_elevated)
    except pywintypes.error as details:
        if details.winerror != winerror.ERROR_INVALID_PARAMETER:
            raise
        return None
    print(
        'TokenHasRestrictions:',
        win32security.GetTokenInformation(th,
                                          win32security.TokenHasRestrictions))
    print(
        'TokenMandatoryPolicy',
        win32security.GetTokenInformation(th,
                                          win32security.TokenMandatoryPolicy))
    print(
        'TokenVirtualizationAllowed:',
        win32security.GetTokenInformation(
            th, win32security.TokenVirtualizationAllowed))
    print(
        'TokenVirtualizationEnabled:',
        win32security.GetTokenInformation(
            th, win32security.TokenVirtualizationEnabled))

    elevation_type = win32security.GetTokenInformation(
        th, win32security.TokenElevationType)
    print('TokenElevationType:', elevation_type,
          TOKEN_ELEVATION_TYPE.lookup_name(elevation_type))
    if elevation_type != win32security.TokenElevationTypeDefault:
        lt = win32security.GetTokenInformation(th,
                                               win32security.TokenLinkedToken)
        print('TokenLinkedToken:', lt)
    else:
        lt = None
    return lt