// Decompiled with JetBrains decompiler // Type: Microsoft.InfoCards.UIAgentRequest // Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 // MVID: 1D4D5564-A025-490C-AF1D-DF4FBB709D1F // Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed.exe using Microsoft.InfoCards.Diagnostics; using Microsoft.Win32.SafeHandles; using System; using System.ComponentModel; using System.IO; using System.Runtime.InteropServices; using System.Security; using System.Security.Principal; namespace Microsoft.InfoCards { internal abstract class UIAgentRequest : Request { private ClientUIRequest m_parentRequest; public UIAgentRequest(IntPtr rpcHandle, Stream inArgs, Stream outArgs, ClientUIRequest parent) : this(rpcHandle, inArgs, outArgs, parent, ExceptionList.Empty) { } public UIAgentRequest( IntPtr rpcHandle, Stream inArgs, Stream outArgs, ClientUIRequest parent, ExceptionList exceptionList) : base(rpcHandle, inArgs, outArgs, exceptionList) { this.m_parentRequest = parent; } public ClientUIRequest ParentRequest => this.m_parentRequest; protected InfoCardUIAgent UIAgent => this.ParentRequest != null ? this.ParentRequest.UIAgent : (InfoCardUIAgent) null; public static uint Authorize(IntPtr rpcIfHandle, IntPtr context) { uint num = 5; if (IntPtr.Zero == rpcIfHandle) throw InfoCardTrace.ThrowHelperArgumentNull(nameof (rpcIfHandle)); if (IntPtr.Zero == context) throw InfoCardTrace.ThrowHelperArgumentNull(nameof (context)); try { WindowsIdentity windowsIdentity = Utility.GetWindowsIdentity(context); try { NativeMcppMethods.CheckSIDAgainstCurrentRpcUser((InfoCardUIAgent.FindByPid(Utility.GetRpcClientPid(context)) ?? throw InfoCardTrace.ThrowHelperError((Exception) new SecurityException())).TrustedUserSid); num = 0U; } finally { windowsIdentity.Dispose(); } } catch (SecurityException ex) { InfoCardTrace.Assert(5U == num, "Unexpected value for err!"); } catch (Exception ex) { InfoCardService.Crash(ex); } return num; } public static void BindToService( IntPtr uiagentRpcHandle, IntPtr nativeDesktopName, int cbUserSid, IntPtr pUserSid, int cbTrustedSid, IntPtr pTrustedSid, out IntPtr nativeStartEventHandle, out IntPtr nativeCompleteEventHandle, out RpcUIAgentGetWorkCallback callback) { string stringUni = Marshal.PtrToStringUni(nativeDesktopName); callback = (RpcUIAgentGetWorkCallback) null; nativeStartEventHandle = IntPtr.Zero; nativeCompleteEventHandle = IntPtr.Zero; using (WindowsIdentity windowsIdentity = Utility.GetWindowsIdentity(uiagentRpcHandle)) { WindowsImpersonationContext impersonationContext = windowsIdentity.Impersonate(); try { uint pid; if (NativeMethods.I_RpcBindingInqLocalClientPID(uiagentRpcHandle, out pid) != 0U) throw InfoCardTrace.ThrowHelperError((Exception) new CommunicationException(SR.GetString("FailedToBindToService"))); InfoCardUIAgent byPid = InfoCardUIAgent.FindByPid(pid); if (byPid == null) return; SecurityIdentifier userSid; SafeWaitHandle hStartEvent; SafeWaitHandle hCompleteEvent; callback = byPid.Bind(stringUni, out userSid, out hStartEvent, out hCompleteEvent); byte[] numArray = new byte[Math.Max(cbUserSid, cbTrustedSid)]; windowsIdentity.User.GetBinaryForm(numArray, 0); Marshal.Copy(numArray, 0, pUserSid, cbUserSid); userSid.GetBinaryForm(numArray, 0); Marshal.Copy(numArray, 0, pTrustedSid, cbTrustedSid); nativeStartEventHandle = hStartEvent.DangerousGetHandle(); nativeCompleteEventHandle = hCompleteEvent.DangerousGetHandle(); } finally { impersonationContext.Undo(); } } } public override WindowsIdentity RequestorIdentity => this.ParentRequest.RequestorIdentity; protected override void OnInitializeAsSystem() { try { NativeMcppMethods.CheckSIDAgainstCurrentRpcUser(this.ParentRequest.UIAgentLogonSid); } catch (Win32Exception ex) { throw InfoCardTrace.ThrowHelperError((Exception) new InfoCardArgumentException(SR.GetString("UnableToAuthenticateUIAgent"), (Exception) ex)); } catch (SecurityException ex) { throw InfoCardTrace.ThrowHelperError((Exception) new InfoCardArgumentException(SR.GetString("UnableToAuthenticateUIAgent"), (Exception) ex)); } } protected InfoCardPolicy GetPolicy() => !(this.ParentRequest is GetTokenRequest parentRequest) ? (InfoCardPolicy) null : parentRequest.Policy; } }