Merge pull request #33 from momo5502/task/token-progress

Progress on tokens

src/windows-emulator/handles.hpp

@@ -16,6 +16,7 @@ struct handle_types
 		thread,
 		registry,
 		mutant,
+		token,
 	};
 };
 
@@ -353,6 +354,8 @@ constexpr auto CONSOLE_HANDLE = make_pseudo_handle(0x1, handle_types::file);
 constexpr auto STDOUT_HANDLE = make_pseudo_handle(0x2, handle_types::file);
 constexpr auto STDIN_HANDLE = make_pseudo_handle(0x3, handle_types::file);
 
+constexpr auto DUMMY_IMPERSONATION_TOKEN = make_pseudo_handle(0x1, handle_types::token);
+
 constexpr auto CURRENT_PROCESS = make_handle(~0ULL);
 constexpr auto CURRENT_THREAD = make_handle(~1ULL);
 

src/windows-emulator/syscalls.cpp

@@ -325,6 +325,19 @@ namespace
 			return STATUS_SUCCESS;
 		}
 
+		if (info_class == ThreadImpersonationToken)
+		{
+			if (thread_information_length != sizeof(handle))
+			{
+				return STATUS_BUFFER_OVERFLOW;
+			}
+
+			const emulator_object<handle> info{c.emu, thread_information};
+			info.write(DUMMY_IMPERSONATION_TOKEN);
+
+			return STATUS_SUCCESS;
+		}
+
 		if (info_class == ThreadZeroTlsCell)
 		{
 			if (thread_information_length != sizeof(ULONG))
@@ -2029,21 +2042,22 @@ namespace
 		if (token_handle != CURRENT_PROCESS_TOKEN
 			&& token_handle != CURRENT_THREAD_TOKEN
 			&& token_handle != CURRENT_THREAD_EFFECTIVE_TOKEN
+			&& token_handle != DUMMY_IMPERSONATION_TOKEN
 		)
 		{
 			return STATUS_NOT_SUPPORTED;
 		}
 
+		const uint8_t sid[] =
+		{
+			0x01, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00,
+			0x05, 0x15, 0x00, 0x00, 0x00, 0x84, 0x94,
+			0xD4, 0x04, 0x4B, 0x68, 0x42, 0x34, 0x23,
+			0xBE, 0x69, 0x4E, 0xE9, 0x03, 0x00, 0x00,
+		};
+
 		if (token_information_class == TokenUser)
 		{
-			const uint8_t sid[] =
-			{
-				0x01, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00,
-				0x05, 0x15, 0x00, 0x00, 0x00, 0x84, 0x94,
-				0xD4, 0x04, 0x4B, 0x68, 0x42, 0x34, 0x23,
-				0xBE, 0x69, 0x4E, 0xE9, 0x03, 0x00, 0x00,
-			};
-
 			constexpr auto required_size = sizeof(sid) + 0x10;
 			return_length.write(required_size);
 
@@ -2061,6 +2075,21 @@ namespace
 			return STATUS_SUCCESS;
 		}
 
+		if (token_information_class == TokenType)
+		{
+			constexpr auto required_size = sizeof(TOKEN_TYPE);
+			return_length.write(required_size);
+
+			if (required_size > token_information_length)
+			{
+				return STATUS_BUFFER_TOO_SMALL;
+			}
+
+			emulator_object<TOKEN_TYPE>{c.emu, token_information}.write(
+				token_handle == DUMMY_IMPERSONATION_TOKEN ? TokenImpersonation : TokenPrimary);
+			return STATUS_SUCCESS;
+		}
+
 		if (token_information_class == TokenSessionId)
 		{
 			constexpr auto required_size = sizeof(ULONG);
@@ -2151,6 +2180,25 @@ namespace
 			return STATUS_SUCCESS;
 		}
 
+		if (token_information_class == TokenIntegrityLevel)
+		{
+			constexpr auto required_size = sizeof(sid) + sizeof(TOKEN_MANDATORY_LABEL);
+			return_length.write(required_size);
+
+			if (required_size > token_information_length)
+			{
+				return STATUS_BUFFER_TOO_SMALL;
+			}
+
+			TOKEN_MANDATORY_LABEL label{};
+			label.Label.Attributes = 0;
+			label.Label.Sid = reinterpret_cast<void*>(token_information + sizeof(TOKEN_MANDATORY_LABEL));
+
+			emulator_object<TOKEN_MANDATORY_LABEL>{c.emu, token_information}.write(label);
+			c.emu.write_memory(token_information + sizeof(TOKEN_MANDATORY_LABEL), sid, sizeof(sid));
+			return STATUS_SUCCESS;
+		}
+
 		if (token_information_class == TokenBnoIsolation)
 		{
 			constexpr auto required_size = sizeof(TOKEN_BNO_ISOLATION_INFORMATION);

src/windows-emulator/windows_emulator.cpp

@@ -263,6 +263,10 @@ namespace
 			peb.HeapDeCommitFreeBlockThreshold = 0x0000000000001000;
 			peb.NumberOfHeaps = 0x00000000;
 			peb.MaximumNumberOfHeaps = 0x00000010;
+
+			peb.OSPlatformId = 2;
+			peb.OSMajorVersion = 0x0000000a;
+			peb.OSBuildNumber = 0x00006c51;
 		});
 	}