当前位置: 文江博客话题详情

如何冒充其他用户?

发布于 2024-08-21 21:46:04 字数 480 浏览 8 评论 0原文

我正在开发一个 ASP.net 应用程序,我正在尝试模拟一个用户,

我正在使用一个令牌创建一个 windowsIdentity,

WindowsIdentity winId = new WindowsIdenty( token );

该令牌是通过调用非托管代码获得的,

[DllImport("advapi32.dll")]
public static extern int LogonUserA(String lpszUserName, 
    String lpszDomain,
    String lpszPassword,
    int dwLogonType, 
    int dwLogonProvider,
    ref IntPtr phToken);

是否有其他方法可以在不使用此令牌的情况下获取令牌advapi32.dll 非托管代码?

tks

原文

I'm working on an ASP.net app and i'm trying to impersonate a user

I'm creating a windowsIdentity with a token

WindowsIdentity winId = new WindowsIdenty( token );

this token was got by calling the un managed code

[DllImport("advapi32.dll")]
public static extern int LogonUserA(String lpszUserName, 
    String lpszDomain,
    String lpszPassword,
    int dwLogonType, 
    int dwLogonProvider,
    ref IntPtr phToken);

is there any other way to get a token without using this advapi32.dll unmanaged code?

tks

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

余厌 2024-08-28 21:46:04

就我个人而言,我更喜欢 包装类 来处理此模拟。

因此,您将使用非托管代码,但据我所知,无法直接使用托管代码来执行此操作。

Personally, I prefer a wrapper class to handle this Impersonation.

So, you will be working with unmanaged code, but AFAIK there is no way to do this with managed code directly.

回复 原文
神魇的王 2024-08-28 21:46:04

构建一个类:Impersonate.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Security;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.IO;
using System.Text;

using System.Web;

// you must change the YourProgramName 

namespace [YourProgramName]
{
    public class Impersonate
    {

        [DllImport("advapi32.dll", SetLastError = true)]
        private static extern int LogonUser(string lpszUsername, string lpszDomain, string lpszPassword,
                                            int dwLogonType, int dwLogonProvider, out int phToken);

        [DllImport("kernel32.dll")]
        private static extern int FormatMessage(int dwFlags, string lpSource, int dwMessageId, int dwLanguageId,
                                                StringBuilder lpBuffer, int nSize, string[] Arguments);


        private const int LOGON32_LOGON_NETWORK_CLEARTEXT = 8;
        private const int LOGON32_PROVIDER_DEFAULT = 0;
        private const int FORMAT_MESSAGE_FROM_SYSTEM = 0x1000;

        private static WindowsImpersonationContext winImpersonationContext = null;

        public static void ImpersonateUser(string domain, string userName, string password)
        {

            //Benutzer einloggen
            int userToken = 0;

            bool loggedOn = (LogonUser(userName, domain, password, LOGON32_LOGON_NETWORK_CLEARTEXT,
                                        LOGON32_PROVIDER_DEFAULT, out userToken) != 0);

            if (loggedOn == false)
            {
                int apiError = Marshal.GetLastWin32Error();
                StringBuilder errorMessage = new StringBuilder(1024);
                FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, null, apiError, 0, errorMessage, 1024, null);
                throw new Exception(errorMessage.ToString());
            }

            WindowsIdentity identity = new WindowsIdentity((IntPtr)userToken);
            winImpersonationContext = identity.Impersonate();

        }

        public static void UndoImpersonation()
        {
            if (winImpersonationContext != null)
            {
                winImpersonationContext.Undo();
            }
        }

    }
}

在您的程序中使用:

Impersonate.ImpersonateUser("Domain", "Username", "UserPassword");

                     //Your Code as the new User

                Impersonate.UndoImpersonation();

Built a class: Impersonate.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Security;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.IO;
using System.Text;

using System.Web;

// you must change the YourProgramName 

namespace [YourProgramName]
{
    public class Impersonate
    {

        [DllImport("advapi32.dll", SetLastError = true)]
        private static extern int LogonUser(string lpszUsername, string lpszDomain, string lpszPassword,
                                            int dwLogonType, int dwLogonProvider, out int phToken);

        [DllImport("kernel32.dll")]
        private static extern int FormatMessage(int dwFlags, string lpSource, int dwMessageId, int dwLanguageId,
                                                StringBuilder lpBuffer, int nSize, string[] Arguments);


        private const int LOGON32_LOGON_NETWORK_CLEARTEXT = 8;
        private const int LOGON32_PROVIDER_DEFAULT = 0;
        private const int FORMAT_MESSAGE_FROM_SYSTEM = 0x1000;

        private static WindowsImpersonationContext winImpersonationContext = null;

        public static void ImpersonateUser(string domain, string userName, string password)
        {

            //Benutzer einloggen
            int userToken = 0;

            bool loggedOn = (LogonUser(userName, domain, password, LOGON32_LOGON_NETWORK_CLEARTEXT,
                                        LOGON32_PROVIDER_DEFAULT, out userToken) != 0);

            if (loggedOn == false)
            {
                int apiError = Marshal.GetLastWin32Error();
                StringBuilder errorMessage = new StringBuilder(1024);
                FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, null, apiError, 0, errorMessage, 1024, null);
                throw new Exception(errorMessage.ToString());
            }

            WindowsIdentity identity = new WindowsIdentity((IntPtr)userToken);
            winImpersonationContext = identity.Impersonate();

        }

        public static void UndoImpersonation()
        {
            if (winImpersonationContext != null)
            {
                winImpersonationContext.Undo();
            }
        }

    }
}

Use in Your Program:

Impersonate.ImpersonateUser("Domain", "Username", "UserPassword");

                     //Your Code as the new User

                Impersonate.UndoImpersonation();
回复 原文
~没有更多了~

关于作者

蝶…霜飞

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

離殇

文章 0 评论 0

小姐丶请自重

文章 0 评论 0

Aik

文章 0 评论 0

国产ˉ祖宗

文章 0 评论 0

猥琐帝

文章 0 评论 0

半仙

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文