Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use localized group name to determine administrator status #378

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

use localized group name to determine administrator status #378

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 56 additions & 3 deletions eg/WinApi/User.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,62 @@
# You should have received a copy of the GNU General Public License along
# with EventGhost. If not, see <http://www.gnu.org/licenses/>.

import platform

import ntsecuritycon
import pywintypes
import win32api
import win32net
import platform
from win32net import NetUserModalsGet
from win32security import LookupAccountSid


# -------------------------------------------------------------------
# `LookupAliasFromRid` and `LookupUserGroupFromRid` from
# https://github.com/mhammond/pywin32/blob/master/win32/Demos/security/localized_names.py

def lookup_alias_from_rid(TargetComputer, Rid):
# Sid is the same regardless of machine, since the well-known
# BUILTIN domain is referenced.
sid = pywintypes.SID()
sid.Initialize(ntsecuritycon.SECURITY_NT_AUTHORITY, 2)

for i, r in enumerate((ntsecuritycon.SECURITY_BUILTIN_DOMAIN_RID, Rid)):
sid.SetSubAuthority(i, r)

name, domain, typ = LookupAccountSid(TargetComputer, sid)
return name


def lookup_user_group_from_rid(TargetComputer, Rid):
# get the account domain Sid on the target machine
# note: if you were looking up multiple sids based on the same
# account domain, only need to call this once.
umi2 = NetUserModalsGet(TargetComputer, 2)
domain_sid = umi2['domain_id']

sub_authority_count = domain_sid.GetSubAuthorityCount()

# create and init new sid with acct domain Sid + acct Rid
sid = pywintypes.SID()
sid.Initialize(domain_sid.GetSidIdentifierAuthority(),
sub_authority_count + 1)

# copy existing subauthorities from account domain Sid into
# new Sid
for i in range(sub_authority_count):
sid.SetSubAuthority(i, domain_sid.GetSubAuthority(i))

# append Rid to new Sid
sid.SetSubAuthority(sub_authority_count, Rid)

name, domain, typ = LookupAccountSid(TargetComputer, sid)
return name


# -------------------------------------------------------------------

ADMIN_GROUP_NAME = lookup_alias_from_rid(None, ntsecuritycon.DOMAIN_ALIAS_RID_ADMINS)


def NameSamCompatible():
Expand Down Expand Up @@ -77,7 +130,7 @@ def IsLocalAdmin():

:rtype: bool
"""
return 'Administrators' in Groups()
return ADMIN_GROUP_NAME in Groups()


def IsDomainAdmin():
Expand All @@ -93,7 +146,7 @@ def IsDomainAdmin():
return False
else:
try:
return 'Administrators' in Groups(server=Domain())
return ADMIN_GROUP_NAME in Groups(server=Domain())
except win32net.error as err:
if err[0] == 1722:
return False
Expand Down