This source file includes following definitions.
- PrintUsage
- wmain
#include "sandbox/win/src/restricted_token_utils.h"
#include "sandbox/win/tools/finder/finder.h"
#define PARAM_IS(y) (argc > i) && (_wcsicmp(argv[i], y) == 0)
void PrintUsage(wchar_t *application_name) {
wprintf(L"\n\nUsage: \n %ls --token type --object ob1 [ob2 ob3] "
L"--access ac1 [ac2 ac3] [--log filename]", application_name);
wprintf(L"\n\n Token Types : \n\tLOCKDOWN \n\tRESTRICTED "
L"\n\tLIMITED_USER \n\tINTERACTIVE_USER \n\tNON_ADMIN \n\tUNPROTECTED");
wprintf(L"\n Object Types: \n\tREG \n\tFILE \n\tKERNEL");
wprintf(L"\n Access Types: \n\tR \n\tW \n\tALL");
wprintf(L"\n\nSample: \n %ls --token LOCKDOWN --object REG FILE KERNEL "
L"--access R W ALL", application_name);
}
int wmain(int argc, wchar_t* argv[]) {
wchar_t *app_name = wcsrchr(argv[0], L'\\');
if (!app_name) {
app_name = argv[0];
} else {
app_name++;
}
ATL::CString log_file;
sandbox::TokenLevel token_type = sandbox::USER_LOCKDOWN;
DWORD object_type = 0;
DWORD access_type = 0;
if (argc == 1) {
PrintUsage(app_name);
return -1;
}
for (int i = 1; i < argc; ++i) {
if (PARAM_IS(L"--token")) {
i++;
if (argc > i) {
if (PARAM_IS(L"LOCKDOWN")) {
token_type = sandbox::USER_LOCKDOWN;
} else if (PARAM_IS(L"RESTRICTED")) {
token_type = sandbox::USER_RESTRICTED;
} else if (PARAM_IS(L"LIMITED_USER")) {
token_type = sandbox::USER_LIMITED;
} else if (PARAM_IS(L"INTERACTIVE_USER")) {
token_type = sandbox::USER_INTERACTIVE;
} else if (PARAM_IS(L"NON_ADMIN")) {
token_type = sandbox::USER_NON_ADMIN;
} else if (PARAM_IS(L"USER_RESTRICTED_SAME_ACCESS")) {
token_type = sandbox::USER_RESTRICTED_SAME_ACCESS;
} else if (PARAM_IS(L"UNPROTECTED")) {
token_type = sandbox::USER_UNPROTECTED;
} else {
wprintf(L"\nAbord. Invalid token type \"%ls\"", argv[i]);
PrintUsage(app_name);
return -1;
}
}
} else if (PARAM_IS(L"--object")) {
bool is_object = true;
do {
i++;
if (PARAM_IS(L"REG")) {
object_type |= kScanRegistry;
} else if (PARAM_IS(L"FILE")) {
object_type |= kScanFileSystem;
} else if (PARAM_IS(L"KERNEL")) {
object_type |= kScanKernelObjects;
} else {
is_object = false;
}
} while(is_object);
i--;
} else if (PARAM_IS(L"--access")) {
bool is_access = true;
do {
i++;
if (PARAM_IS(L"R")) {
access_type |= kTestForRead;
} else if (PARAM_IS(L"W")) {
access_type |= kTestForWrite;
} else if (PARAM_IS(L"ALL")) {
access_type |= kTestForAll;
} else {
is_access = false;
}
} while(is_access);
i--;
} else if (PARAM_IS(L"--log")) {
i++;
if (argc > i) {
log_file = argv[i];
}
else {
wprintf(L"\nAbord. No log file specified");
PrintUsage(app_name);
return -1;
}
} else {
wprintf(L"\nAbord. Unrecognized parameter \"%ls\"", argv[i]);
PrintUsage(app_name);
return -1;
}
}
if (0 == access_type) {
wprintf(L"\nAbord, Access type not specified");
PrintUsage(app_name);
return -1;
}
if (0 == object_type) {
wprintf(L"\nAbord, Object type not specified");
PrintUsage(app_name);
return -1;
}
FILE * file_output;
if (log_file.GetLength()) {
errno_t err = _wfopen_s(&file_output, log_file, L"w");
if (err) {
wprintf(L"\nAbord, Cannot open file \"%ls\"", log_file.GetBuffer());
return -1;
}
} else {
file_output = stdout;
}
Finder finder_obj;
finder_obj.Init(token_type, object_type, access_type, file_output);
finder_obj.Scan();
fclose(file_output);
return 0;
}