TOKEN_USER and SECURITY_DESCRIPTOR struct

Index > Windows > TOKEN_USER and SECURITY_DESCRIPTOR struct

Author

Thread

Apolo

Joined: 18 Mar 2017
Posts: 23

Apolo 03 Apr 2017, 12:15

How to declare TOKEN_USER and SECURITY_DESCRIPTOR in 64-bit???

03 Apr 2017, 12:15

Apolo

Joined: 18 Mar 2017
Posts: 23

Apolo 03 Apr 2017, 15:43

Aaarrrggghhh! Ghhhrrr! I am having a hysterical attack now. I am being MAD!

03 Apr 2017, 15:43

Furs

Joined: 04 Mar 2016
Posts: 2022

Furs 03 Apr 2017, 23:24

Well: https://msdn.microsoft.com/en-us/library/windows/desktop/aa379561%28v=vs.85%29.aspx

Says:

Quote:

Because the internal format of a security descriptor can vary, we recommend that applications not modify the SECURITY_DESCRIPTOR structure directly. For creating and manipulating a security descriptor, use the functions listed in See Also.

So, nobody knows unless you 1) reverse-engineer it, or 2) work at Microsoft

Probably you can find some info online about (1) if someone has done it, but why? It won't be portable to different Windows versions.

EDIT: Btw if you want its "size" then I did with MinGW-w64 and it was like this:

Code:

sizeof(TOKEN_USER) = 16 bytes
sizeof(SECURITY_DESCRIPTOR) = 40 bytes

03 Apr 2017, 23:24

Apolo

Joined: 18 Mar 2017
Posts: 23

Apolo 04 Apr 2017, 08:18

No! I need know the members for those structures in 64 bit with QWORDs.

04 Apr 2017, 08:18

revolution
When all else fails, read the source

Joined: 24 Aug 2004
Posts: 19118
Location: In your JS exploiting you and your system

revolution 04 Apr 2017, 08:33

Apolo wrote:

Aaarrrggghhh! Ghhhrrr! I am having a hysterical attack now. I am being MAD!

These types of posts work against you. Demanding prompt answers from volunteers just makes people want to close the page and move on to other things.

04 Apr 2017, 08:33

Trinitek

Joined: 06 Nov 2011
Posts: 257

Trinitek 04 Apr 2017, 09:26

Apolo wrote:

No! I need know the members for those structures in 64 bit with QWORDs.

I think your temper is interfering with your reading comprehension. I'm not sure what's so hard to understand about "Nobody knows unless you 1) reverse-engineer it, or 2) work at Microsoft".

04 Apr 2017, 09:26

Apolo

Joined: 18 Mar 2017
Posts: 23

Apolo 04 Apr 2017, 09:48

Stop provoke me!
I am going mad!

04 Apr 2017, 09:48

Furs

Joined: 04 Mar 2016
Posts: 2022

Furs 04 Apr 2017, 10:58

If you really insist, here's the definition from MinGW, however there is no guarantee it is correct on your Windows version:

Code:

typedef struct _SECURITY_DESCRIPTOR {
    UCHAR Revision;
    UCHAR Sbz1;
    SECURITY_DESCRIPTOR_CONTROL Control;
    PSID Owner;
    PSID Group;
    PACL Sacl;
    PACL Dacl;
} SECURITY_DESCRIPTOR;

SECURITY_DESCRIPTOR_CONTROL seems to be a typedef for WORD, no idea about the others, if you are so inclined to do it, then download MinGW-w64 and look in the header files yourself. (you ask very low-level question so be prepared to do a lot of research, just saying)

All you can know probably is that its size is the same (if you need to allocate it).

04 Apr 2017, 10:58

< Last Thread | Next Thread >

Forum Rules:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum