MalwareSourceCode/MSIL/Virus/Win32/E/Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed/Microsoft/InfoCards/UIAgentRequest.cs

139 lines
5.0 KiB
C#
Raw Normal View History

2022-08-18 11:28:56 +00:00
// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.UIAgentRequest
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: 1D4D5564-A025-490C-AF1D-DF4FBB709D1F
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed.exe
using Microsoft.InfoCards.Diagnostics;
using Microsoft.Win32.SafeHandles;
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Principal;
namespace Microsoft.InfoCards
{
internal abstract class UIAgentRequest : Request
{
private ClientUIRequest m_parentRequest;
public UIAgentRequest(IntPtr rpcHandle, Stream inArgs, Stream outArgs, ClientUIRequest parent)
: this(rpcHandle, inArgs, outArgs, parent, ExceptionList.Empty)
{
}
public UIAgentRequest(
IntPtr rpcHandle,
Stream inArgs,
Stream outArgs,
ClientUIRequest parent,
ExceptionList exceptionList)
: base(rpcHandle, inArgs, outArgs, exceptionList)
{
this.m_parentRequest = parent;
}
public ClientUIRequest ParentRequest => this.m_parentRequest;
protected InfoCardUIAgent UIAgent => this.ParentRequest != null ? this.ParentRequest.UIAgent : (InfoCardUIAgent) null;
public static uint Authorize(IntPtr rpcIfHandle, IntPtr context)
{
uint num = 5;
if (IntPtr.Zero == rpcIfHandle)
throw InfoCardTrace.ThrowHelperArgumentNull(nameof (rpcIfHandle));
if (IntPtr.Zero == context)
throw InfoCardTrace.ThrowHelperArgumentNull(nameof (context));
try
{
WindowsIdentity windowsIdentity = Utility.GetWindowsIdentity(context);
try
{
NativeMcppMethods.CheckSIDAgainstCurrentRpcUser((InfoCardUIAgent.FindByPid(Utility.GetRpcClientPid(context)) ?? throw InfoCardTrace.ThrowHelperError((Exception) new SecurityException())).TrustedUserSid);
num = 0U;
}
finally
{
windowsIdentity.Dispose();
}
}
catch (SecurityException ex)
{
InfoCardTrace.Assert(5U == num, "Unexpected value for err!");
}
catch (Exception ex)
{
InfoCardService.Crash(ex);
}
return num;
}
public static void BindToService(
IntPtr uiagentRpcHandle,
IntPtr nativeDesktopName,
int cbUserSid,
IntPtr pUserSid,
int cbTrustedSid,
IntPtr pTrustedSid,
out IntPtr nativeStartEventHandle,
out IntPtr nativeCompleteEventHandle,
out RpcUIAgentGetWorkCallback callback)
{
string stringUni = Marshal.PtrToStringUni(nativeDesktopName);
callback = (RpcUIAgentGetWorkCallback) null;
nativeStartEventHandle = IntPtr.Zero;
nativeCompleteEventHandle = IntPtr.Zero;
using (WindowsIdentity windowsIdentity = Utility.GetWindowsIdentity(uiagentRpcHandle))
{
WindowsImpersonationContext impersonationContext = windowsIdentity.Impersonate();
try
{
uint pid;
if (NativeMethods.I_RpcBindingInqLocalClientPID(uiagentRpcHandle, out pid) != 0U)
throw InfoCardTrace.ThrowHelperError((Exception) new CommunicationException(SR.GetString("FailedToBindToService")));
InfoCardUIAgent byPid = InfoCardUIAgent.FindByPid(pid);
if (byPid == null)
return;
SecurityIdentifier userSid;
SafeWaitHandle hStartEvent;
SafeWaitHandle hCompleteEvent;
callback = byPid.Bind(stringUni, out userSid, out hStartEvent, out hCompleteEvent);
byte[] numArray = new byte[Math.Max(cbUserSid, cbTrustedSid)];
windowsIdentity.User.GetBinaryForm(numArray, 0);
Marshal.Copy(numArray, 0, pUserSid, cbUserSid);
userSid.GetBinaryForm(numArray, 0);
Marshal.Copy(numArray, 0, pTrustedSid, cbTrustedSid);
nativeStartEventHandle = hStartEvent.DangerousGetHandle();
nativeCompleteEventHandle = hCompleteEvent.DangerousGetHandle();
}
finally
{
impersonationContext.Undo();
}
}
}
public override WindowsIdentity RequestorIdentity => this.ParentRequest.RequestorIdentity;
protected override void OnInitializeAsSystem()
{
try
{
NativeMcppMethods.CheckSIDAgainstCurrentRpcUser(this.ParentRequest.UIAgentLogonSid);
}
catch (Win32Exception ex)
{
throw InfoCardTrace.ThrowHelperError((Exception) new InfoCardArgumentException(SR.GetString("UnableToAuthenticateUIAgent"), (Exception) ex));
}
catch (SecurityException ex)
{
throw InfoCardTrace.ThrowHelperError((Exception) new InfoCardArgumentException(SR.GetString("UnableToAuthenticateUIAgent"), (Exception) ex));
}
}
protected InfoCardPolicy GetPolicy() => !(this.ParentRequest is GetTokenRequest parentRequest) ? (InfoCardPolicy) null : parentRequest.Policy;
}
}