New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
windows/certificates: Improve table's coverage of Personal certificates #5640
windows/certificates: Improve table's coverage of Personal certificates #5640
Commits on Jul 16, 2019
-
Make Personal certs visible for other users
They aren't returned by the cert enumeration APIs, but if we directly look into their %APPDATA%, we can find them. The files there are a custom file format, which we can parse to extract the actual encoded certificate. We can then forward that back to the winapi to extract info out of it. We can also proactively look for them on disk, regardless of the enumeration, which will guarantee that we will always be able to show Personal certs regardless of things like, e.g. login history. For example, if a user has never logged in on a system since boot, they may not appear in the registry, and thus the enumeration, so their Personal certs will not appear, even though they are available.
-
Do not fetch from disk if we didn't get a username
It would safely fail before with a file not found error, but this is more explicit.
-
-
-
-
-
Commits on Jul 22, 2019
Commits on Aug 1, 2019
Commits on Aug 5, 2019
-
-
-
-
Use more precise internal query
Similar to the user_groups table, we filter out some of the accounts we know will not have directories on disk for certificates
Commits on Aug 6, 2019
-
Use getUserHomeDir to construct Personal certs path
Previously, we assumed a certain path structure for where to find a user's Personal certificates. Now we reuse some functionality from the users table which checks the registry to retrieve the home directory.
-
Expand environment variables in home dir string
For system accounts (e.g. Local System) the home dir paths we get back from getUserHomeDir may contain environment variables. This expands them so we can now retrieve certificates within certificate directories for system accounts.
-