#include "main.h"
#include "utilsSSP.h"
#include <TlHelp32.h>
#include <iphlpapi.h>
#include <WtsApi32.h>
// Locally defined WTS_INFO_CLASS selector: the raw value 29 cast to the enum type.
// NOTE(review): the public WtsApi32.h enum appears to list WTSIsRemoteSession at
// position 29 -- confirm that this value really selects a user SID on every
// supported Windows build. If it selects a different info class, the buffer the
// query returns would be parsed as a SID string although it holds something else.
#define WTSUserSid ((WTS_INFO_CLASS)29)

// presumably the starting capacity of the rdp_sessions array -- verify against initialize_rdp_sessions_array()
const int INITIAL_RDP_SESSIONS = 4;
// presumably the starting capacity of a RELATED_PROCESSES list -- verify against its allocator
const int INITIAL_PROCESSES_COUNT = 5;
// Element type of the fixed-size remote_interactive_sessions table declared
// further down in this header. All text fields are fixed-size WCHAR buffers.
typedef struct {
    BOOL active;                        // presumably TRUE while the slot is in use -- confirm
    // SID in string form. NOTE(review): 128 WCHARs covers typical domain SIDs, but the
    // longest legal SID string is longer -- confirm the writer bounds and terminates its copy.
    WCHAR user_sid[128];
    // Sized with INET_ADDRSTRLEN, i.e. for IPv4 text only.
    // NOTE(review): confirm how a non-IPv4 client address is handled; it would not fit here.
    WCHAR ip_address[INET_ADDRSTRLEN];
    // presumably "DOMAIN\user" -- TODO confirm format; 64 WCHARs must hold both parts and the terminator
    WCHAR domain_username[64];
} EXISTING_RDP_SESSION;
// Tri-state result of a session lookup. In this header it is referenced only by
// the commented-out find_remote_domain_user_session() prototype.
typedef enum _FIND_SESSION_STATUS {
    FIND_SESSION_ERROR = -1,        // the lookup itself failed
    FIND_SESSION_NOT_FOUND = 0,     // lookup completed, no matching session
    FIND_SESSION_FOUND = 1          // lookup completed, a session matched
} FIND_SESSION_STATUS;
// Result type of match_existing_rdp_sessions(). The first three values name an
// action and mirror create_new_rdp_session(), update_existing_rdp_session() and the
// terminate path; the two high values are sentinels.
// NOTE(review): confirm callers treat SESSION_STATUS_UNKNOWN and SESSION_UNINITALIZED
// as failure (deny) rather than falling through to one of the actions.
typedef enum _MATCH_SESSION_STATUS {
    SESSION_CREATE_NEW = 0,
    SESSION_UPDATE_EXISTING = 1,
    SESSION_TERMINATE_EXISTING = 2,

    SESSION_STATUS_UNKNOWN = 98,
    // Spelling ("UNINITALIZED") is kept as is: the identifier is part of the interface.
    SESSION_UNINITALIZED = 99
} MATCH_SESSION_STATUS;
// One process record: its PID and a name held in a fixed 128-WCHAR buffer.
typedef struct _RELATED_PROCESS {
    // NOTE(review): a PID alone does not identify a process over time (PIDs are reused);
    // confirm that consumers re-check the owning session before acting on it.
    DWORD pid;
    // presumably the executable name -- confirm; writers must truncate to 127 characters plus terminator
    WCHAR process_name[128];
} RELATED_PROCESS;
// A pointer to RELATED_PROCESS records together with a count.
typedef struct _RELATED_PROCESSES {
    // presumably a heap array of `count` entries; who allocates and frees it is not
    // visible in this header -- TODO confirm ownership
    RELATED_PROCESS* process;
    // presumably the number of valid entries; no separate capacity field exists -- confirm how growth is handled
    DWORD count;
} RELATED_PROCESSES;
// Per-session record stored in RDP_SESSION_ARRAY. Text fields are fixed-size
// WCHAR buffers; presumably filled by retrieve_rdp_session_info() -- confirm.
typedef struct _RDP_SESSION_DATA {
    DWORD session_id;
    WCHAR user_name[64];
    WCHAR user_sid[128];                // SID in string form
    WCHAR domain_name[64];
    WCHAR client_name[64];
    // Sized with INET_ADDRSTRLEN, i.e. for IPv4 text only.
    // NOTE(review): confirm how a non-IPv4 client address is handled; it would not fit here.
    WCHAR client_ip[INET_ADDRSTRLEN];
    USHORT protocol_type;               // presumably the WTSClientProtocolType value -- confirm
    // Set to FALSE when the MFA is rejected.
    // NOTE(review): confirm that every consumer checks `valid` before treating the
    // session as approved, and what value a freshly created record starts with.
    BOOL valid;
    RELATED_PROCESSES* processes;       // ownership not visible here -- TODO confirm who frees it
} RDP_SESSION_DATA;
// Container for RDP_SESSION_DATA records: a pointer plus capacity and element count.
// presumably a growable heap array managed by initialize_rdp_sessions_array() /
// free_rdp_sessions_array() -- confirm.
typedef struct _RDP_SESSION_ARRAY {
    RDP_SESSION_DATA* session_data;
    DWORD capacity;         // presumably the number of allocated slots
    // presumably the number of used slots; writers should keep session_count <= capacity -- confirm
    DWORD session_count;
} RDP_SESSION_ARRAY;
// Global session store; declared here, defined in another translation unit.
// NOTE(review): no lock is declared alongside it in this header -- confirm how
// concurrent access is serialized if more than one thread touches it.
extern RDP_SESSION_ARRAY rdp_sessions;

// Bound of the fixed-size table below. Using a const int as a file-scope array
// bound relies on C++ rules (it is not a constant expression in C).
const int MAX_RDP_SESSIONS = 16;
// Fixed table of MAX_RDP_SESSIONS entries, defined in another translation unit.
// NOTE(review): confirm that every index into it is checked against MAX_RDP_SESSIONS
// and what happens when more sessions than that exist.
extern EXISTING_RDP_SESSION remote_interactive_sessions[MAX_RDP_SESSIONS];
// Hard-coded SID string of a test account.
// NOTE(review): this test identity is compiled into every translation unit that
// includes the header, and it is also the default argument of
// convert_sidstring_to_sid() below. A call that omits sid_str therefore resolves to
// this account instead of failing. Confirm that no production path relies on the
// default; making the parameter mandatory would turn such a call into a compile error.
const LPCWSTR RublonUser2 = L"S-1-5-21-1865802264-3486384077-2187269939-1109"; // for testing purposes only - RublonUser2

// Converts a SID in string form to a PSID. The default argument makes this C++-only.
// How failure is reported and who releases the returned PSID are not visible in
// this header -- TODO confirm (callers should at least check for NULL).
PSID convert_sidstring_to_sid(LPCWSTR sid_str = RublonUser2);
// Writes a text form of `luid` into `out`.
// NOTE(review): confirm whether out_len counts WCHARs or bytes, and that the output
// is always NUL-terminated; the function returns void, so truncation cannot be reported.
void get_LUID_string(const PLUID luid, PWSTR out, size_t out_len);

// Collects the processes of session `in_session_id` into `session_processes`.
// The meaning of update_flag is not visible in this header -- presumably it selects
// refreshing an existing list over building a new one; TODO confirm.
BOOL get_PIDs_from_sessionID(DWORD in_session_id, RELATED_PROCESSES* session_processes, BOOL update_flag);

// Returns one PID and its executable name for session `in_session_id` through the
// out-parameters.
// NOTE(review): pid_exe_name carries no length; confirm the implementation bounds its
// copy to the caller's buffer (RELATED_PROCESS.process_name holds 128 WCHARs).
BOOL get_PID_from_SessionID(DWORD in_session_id, DWORD* pid, WCHAR* pid_exe_name);
/* RDP SESSIONS */

// for testing purposes
//FIND_SESSION_STATUS find_remote_domain_user_session(PSID user_sid, PUNICODE_STRING domain_username, DWORD* out_session_id);

// Queries one WTS_INFO_CLASS item for `session_id` and stores it as text in out_buff.
// NOTE(review): confirm whether out_size counts WCHARs or bytes, and that info classes
// returning non-string data (the locally defined WTSUserSid included) are converted
// rather than copied verbatim.
BOOL retrieve_session_data(DWORD session_id, WTS_INFO_CLASS info, WCHAR* out_buff, size_t out_size);
//RDP SESSIONS
// Diagnostic helper: prints information about the functions of an already loaded
// module handle. What exactly is printed is not visible in this header.
void print_kerberos_module_functions(HMODULE kerberos_module);

// Test helper that loads libraries by name.
// NOTE(review): confirm that callers pass fully qualified paths, so the loader does
// not resolve the names through the DLL search order, and that this helper is
// excluded from release builds.
void test_load_library(LPCWSTR dll_name, LPCWSTR rust_library);
// Sets up the global rdp_sessions store; presumably allocates INITIAL_RDP_SESSIONS
// slots -- confirm. Returns FALSE on failure (presumably allocation failure).
BOOL initialize_rdp_sessions_array();
// Releases the global rdp_sessions store.
// NOTE(review): confirm that it also frees each record's `processes` list and is safe
// to call twice or without a prior successful initialize.
void free_rdp_sessions_array();
// Registers session `session_id` for the user identified by user_psid.
// presumably the SESSION_CREATE_NEW action -- confirm against the caller.
BOOL create_new_rdp_session(PSID user_psid, DWORD session_id);

// Refreshes the stored record of `session_id`.
// presumably the SESSION_UPDATE_EXISTING action -- confirm against the caller.
BOOL update_existing_rdp_session(DWORD session_id);

// Terminates the processes listed in session_processes for session `sess_id`.
// NOTE(review): PIDs can be reused between enumeration and termination; confirm the
// implementation re-validates that each pid still belongs to sess_id before
// terminating it, and that a FALSE return is handled by the caller.
BOOL terminate_remaining_processes(RELATED_PROCESSES* session_processes, DWORD sess_id);
// Adds `session` to the session list. The parameter is const, so the record is
// presumably copied; whether the copy shares the `processes` pointer with the
// caller's record is not visible here -- TODO confirm ownership.
BOOL add_session_to_list(const RDP_SESSION_DATA* session);

// Removes the record of session `sess_id` from the session list.
BOOL remove_session_from_list(DWORD sess_id);

// Compares `in_session_id` with the known sessions and returns the action to take;
// *out_session_id presumably receives the id of the matched existing session -- confirm.
// NOTE(review): confirm that out_session_id is written on every return path, or that
// callers read it only for the UPDATE/TERMINATE results.
MATCH_SESSION_STATUS match_existing_rdp_sessions(DWORD in_session_id, DWORD *out_session_id);
// Fills *session_data for session `session_id`; user_psid presumably supplies the
// user's SID for the record -- confirm.
BOOL retrieve_rdp_session_info(DWORD session_id, RDP_SESSION_DATA* session_data, PSID user_psid);

// Renders a WTS_CLIENT_ADDRESS as text into ip_data.
// NOTE(review): ip_data carries no length, and the destination fields in this header
// are INET_ADDRSTRLEN WCHARs; confirm the implementation checks the address family
// and never writes more than that.
BOOL convert_ip_addr_to_string(WTS_CLIENT_ADDRESS* ip, WCHAR* ip_data);
// Formats the data of session `session_id` into `buffer` (a narrow char buffer, while
// the session records hold WCHAR text).
// NOTE(review): the buffer has no size parameter and the function returns void, so
// neither overflow nor truncation can be detected by the caller. Confirm the maximum
// output length against every call site, or add a size argument.
void format_data_for_connection(DWORD session_id, char* buffer);