c# - Prevent WNetAddConnection2 class which allows prohibited user to access shared folder


I have developed a C# Windows application. OS: Windows 7.

Requirement: access the network shared folder 'test' with credentials supplied in code, using the WNetAddConnection2 class.

Restriction: some users have access to the shared folder 'test'; for other users, the 'Deny' sharing permission is set.

In code, WNetAddConnection2 validates a wrong username/password and gives me an error.

For example:

'User A' on the LAN, trying to access the shared folder 'test' using the Run command, is not able to access it ('Access denied') because he does not have permission.

But the issue is that the WNetAddConnection2 class allows 'User A' to establish a network connection successfully. In fact, "WNetAddConnection2 allows the users of the domain". The class isn't validating access rights.

The code is:

    using System;
    using System.ComponentModel;
    using System.Diagnostics;
    using System.Net;
    using System.Runtime.InteropServices;
    using System.Windows.Forms;

    // Button handler (lives inside the form class).
    private void btnValidate_Click(object sender, EventArgs e)
    {
        bool valid = false;
        try
        {
            NetworkCredential nc = new NetworkCredential(txtUsername.Text.Trim(), txtPassword.Text.Trim());
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.Message.ToString());
        }
    }

    public class NetworkConnection : IDisposable
    {
        string _networkName;
        uint dwFlags;

        public NetworkConnection(string networkName, NetworkCredential credentials)
        {
            _networkName = networkName;

            var netResource = new NetResource()
            {
                Scope = ResourceScope.GlobalNetwork,
                ResourceType = ResourceType.Disk,
                DisplayType = ResourceDisplayType.Share,
                RemoteName = networkName
            };

            var userName = string.IsNullOrEmpty(credentials.Domain)
                ? credentials.UserName
                : string.Format(@"{0}\{1}", credentials.Domain, credentials.UserName);

            // Pass the supplied credentials (userName was computed but never used).
            // 0x08 | 0x10 = CONNECT_INTERACTIVE | CONNECT_PROMPT
            var result = WNetAddConnection2(netResource, credentials.Password, userName, 0x00000008 | 0x00000010);

            if (result != 0)
            {
                string strErrMsg = "";
                if (result == 67)        // ERROR_BAD_NET_NAME
                {
                    strErrMsg = "The network name cannot be found.";
                }
                else if (result == 86)   // ERROR_INVALID_PASSWORD
                {
                    strErrMsg = "Invalid username or password probiz server";
                }
                else if (result == 1219) // ERROR_SESSION_CREDENTIAL_CONFLICT
                {
                    strErrMsg = "Multiple connections to a server or shared resource by the same user, using more than 1 user name, are not allowed. Close the application to disconnect previous connections to the server or shared resource, and try again.";
                }

                throw new Win32Exception(result, "Error connecting to " + networkName + " remote share. Error code: " + result.ToString() + ". " + strErrMsg);
            }
            else
            {
                MessageBox.Show("Test connection successful " + networkName);
            }
        }

        ~NetworkConnection()
        {
            Dispose(false);
        }

        public void Dispose()
        {
            Dispose(true);
            GC.SuppressFinalize(this);
        }

        protected virtual void Dispose(bool disposing)
        {
            // 1 = CONNECT_UPDATE_PROFILE; true = force the disconnect
            WNetCancelConnection2(_networkName, 1, true);
            var command = "net use  /delete *";
            ExecuteCommand(command, 5000);
        }

        public static int ExecuteCommand(string command, int timeout)
        {
            var processInfo = new ProcessStartInfo("cmd.exe", "/c " + command)
            {
                CreateNoWindow = true,
                UseShellExecute = false,
                WorkingDirectory = "c:\\",
            };

            var process = Process.Start(processInfo);
            process.WaitForExit(timeout);
            var exitCode = process.ExitCode;
            process.Close();
            return exitCode;
        }

        [DllImport("mpr.dll")]
        private static extern int WNetAddConnection2(NetResource netResource,
            string password, string username, int flags);

        [DllImport("mpr.dll")]
        private static extern int WNetCancelConnection2(string name, int flags,
            bool force);
    }

    [StructLayout(LayoutKind.Sequential)]
    public class NetResource
    {
        public ResourceScope Scope;
        public ResourceType ResourceType;
        public ResourceDisplayType DisplayType;
        public int Usage;
        public string LocalName;
        public string RemoteName;
        public string Comment;
        public string Provider;
    }

    public enum ResourceScope : int
    {
        Connected = 1,
        GlobalNetwork,
        Remembered,
        Recent,
        Context
    };

    public enum ResourceType : int
    {
        Any = 0,
        Disk = 1,
        Print = 2,
        Reserved = 8,
    }

    public enum ResourceDisplayType : int
    {
        Generic = 0x0,
        Domain = 0x01,
        Server = 0x02,
        Share = 0x03,
        File = 0x04,
        Group = 0x05,
        Network = 0x06,
        Root = 0x07,
        ShareAdmin = 0x08,
        Directory = 0x09,
        Tree = 0x0a,
        NdsContainer = 0x0b
    }

By design, connecting to a share requires access to the share; it does not require access to the root directory of the share.

Opening a share via the Run box opens the root directory of the share, which requires at least read access to the directory of the share. The WNetAddConnection2() API, by comparison, requires access to the share.

It has to work this way, because it is desirable to be able to give access to subdirectories but not to the root directory. If connecting to a share required access to the root directory, this would not be possible.

After connecting to the share, you can test access to the root directory by attempting to enumerate files. If you get an access denied exception, the user does not have access.
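The check described in the last paragraph, as an added example that is not part of the original answer: after the connection succeeds, try to list the share root and treat an access-denied error as "this user may not open the folder". The names `ShareAccessCheck`, `ProbeRoot` and `RootAccess` are hypothetical, and the UNC path is taken from the command line because the page does not give one.

```csharp
using System;
using System.IO;

public enum RootAccess { Allowed, Denied, Unreachable }

public static class ShareAccessCheck
{
    // Call this while the WNetAddConnection2 connection is still open (for
    // example inside the using block of NetworkConnection), so the listing
    // is evaluated for the credentials that were used to connect.
    public static RootAccess ProbeRoot(string uncRoot, out string detail)
    {
        try
        {
            // Requesting the first entry is enough to make the server check
            // the directory permissions; an empty directory still counts
            // as allowed.
            using (var entries = Directory.EnumerateFileSystemEntries(uncRoot).GetEnumerator())
            {
                entries.MoveNext();
            }
            detail = "listing succeeded";
            return RootAccess.Allowed;
        }
        catch (UnauthorizedAccessException ex)
        {
            // Connected to the share, but no read access to its root.
            detail = ex.Message;
            return RootAccess.Denied;
        }
        catch (IOException ex)
        {
            // Path not found, network error, etc. Not a permission verdict.
            detail = ex.Message;
            return RootAccess.Unreachable;
        }
    }

    public static int Main(string[] args)
    {
        if (args.Length != 1)
        {
            Console.Error.WriteLine("usage: ShareAccessCheck <UNC path of share root>");
            return 2;
        }
        string detail;
        RootAccess verdict = ProbeRoot(args[0], out detail);
        Console.WriteLine("{0}: {1} ({2})", args[0], verdict, detail);
        return verdict == RootAccess.Allowed ? 0 : 1;
    }
}
```

A `Denied` result only says the root directory is not readable; as the answer notes, the same user may still have access to subdirectories of the share.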

