Skip to content

micahyoung/sid-to-rawsd

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
accesscontrol
accesscontrol
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
main.go
main.go
 
 

Repository files navigation

SID to rawsd

Demonstrates converting an SID into security descriptor suitable for tar.PAXRecords["MSWINDOWS.rawsd"] in Windows OCI image layers, without Windows sycalls.

Generated rawsd is equivalent to the SDDL O:<SID>G:<SID>

Powershell Equivalent:

$sid = "S-1-5-32-544"
$sddlValue = "O:"+$sid+"G:"+$sid
$sddl = (ConvertFrom-SddlString $sddlValue)
$sddlBytes = [byte[]]::New($sddl.RawDescriptor.BinaryLength)
$sddl.RawDescriptor.GetBinaryForm($sddlBytes, 0)
[Convert]::ToBase64String($sddlBytes)
# Output: AQAAgBQAAAAkAAAAAAAAAAAAAAABAgAAAAAABSAAAAAgAgAAAQIAAAAAAAUgAAAAIAIAAA==

Usage

go run main.go -owner-sid S-1-5-32-544 -group-sid S-1-5-32-544
# Output: AQAAgBQAAAAkAAAAAAAAAAAAAAABAgAAAAAABSAAAAAgAgAAAQIAAAAAAAUgAAAAIAIAAA==

References:

Testdata

"O:S-1-5-32-545G:S-1-5-32-545" (aka "O:BUG:BU") 
$  echo AQAAgBQAAAAkAAAAAAAAAAAAAAABAgAAAAAABSAAAAAgAgAAAQIAAAAAAAUgAAAAIAIAAA== | base64 -d | hexdump
0000000 01 00 00 80 14 00 00 00 24 00 00 00 00 00 00 00
0000010 00 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00
0000020 20 02 00 00 01 02 00 00 00 00 00 05 20 00 00 00
0000030 20 02 00 00
0000034

"O:S-1-5-32-544G:S-1-5-32-544" (aka "O:BAG:BA") 
$  echo AQAAgBQAAAAkAAAAAAAAAAAAAAABAgAAAAAABSAAAAAgAgAAAQIAAAAAAAUgAAAAIAIAAA== | base64 -d | hexdump
0000000 01 00 00 80 14 00 00 00 24 00 00 00 00 00 00 00
0000010 00 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00
0000020 20 02 00 00 01 02 00 00 00 00 00 05 20 00 00 00
0000030 20 02 00 00
0000034

"O:S-1-5-93-2-1G:S-1-5-93-2-1" (aka ContainerUser/ContainerUser)
$  echo AQAAgBQAAAAoAAAAAAAAAAAAAAABAwAAAAAABV0AAAACAAAAAQAAAAEDAAAAAAAFXQAAAAIAAAABAAAA | base64 -d | hexdump
0000000 01 00 00 80 14 00 00 00 28 00 00 00 00 00 00 00
0000010 00 00 00 00 01 03 00 00 00 00 00 05 5d 00 00 00
0000020 02 00 00 00 01 00 00 00 01 03 00 00 00 00 00 05
0000030 5d 00 00 00 02 00 00 00 01 00 00 00
000003c

whoami /user
"O:S-1-5-21-2479766889-1967700041-1834931371-1000G:S-1-5-21-2479766889-1967700041-1834931371-1000"
$  echo AQAAgBQAAAAwAAAAAAAAAAAAAAABBQAAAAAABRUAAABpPc6TSbhIdavUXm3oAwAAAQUAAAAAAAUVAAAAaT3Ok0m4SHWr1F5t6AMAAA== | base64 -d | hexdump
0000000 01 00 00 80 14 00 00 00 30 00 00 00 00 00 00 00
0000010 00 00 00 00 01 05 00 00 00 00 00 05 15 00 00 00
0000020 69 3d ce 93 49 b8 48 75 ab d4 5e 6d e8 03 00 00
0000030 01 05 00 00 00 00 00 05 15 00 00 00 69 3d ce 93
0000040 49 b8 48 75 ab d4 5e 6d e8 03 00 00
000004c

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages