本文整理汇总了C++中LogonUserA函数的典型用法代码示例。如果您正苦于以下问题:C++ LogonUserA函数的具体用法?C++ LogonUserA怎么用?C++ LogonUserA使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了LogonUserA函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: printLine
void CWE319_Cleartext_Tx_Sensitive_Info__w32_char_listen_socket_82_goodG2B::action(char * password)
{
{
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
/* Use the password in LogonUser() to establish that it is "sensitive" */
/* POTENTIAL FLAW: Using sensitive information that was possibly sent in plaintext over the network */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
}
}开发者ID:gpwi970725,项目名称:testJuliet2,代码行数:25,代码来源:CWE319_Cleartext_Tx_Sensitive_Info__w32_char_listen_socket_82_goodG2B.cpp
示例2: goodG2B
static void goodG2B()
{
char * password;
char passwordBuffer[100] = "";
password = passwordBuffer;
goodG2BSource(password);
{
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
/* POTENTIAL FLAW: Attempt to login user with password from the source (which may be hardcoded) */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
}
}示例3: good1
/* good1() reverses the blocks on the goto statement */
static void good1()
{
goto sink;
sink:
{
size_t passwordLen = 0;
HANDLE hUser;
char * domain = "Domain";
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
USERNAME,
domain,
PASSWORD,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&hUser) != 0)
{
/* FIX: do not expose username or password in comment */
/* User logged in successfully */
printLine("User logged in successfully with password" );
CloseHandle(hUser);
}
else
{
printLine("Unable to login.");
}
}
}示例4: printLine
CWE591_Sensitive_Data_Storage_in_Improperly_Locked_Memory__w32_char_83_bad::~CWE591_Sensitive_Data_Storage_in_Improperly_Locked_Memory__w32_char_83_bad()
{
{
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
/* POTENTIAL FLAW: Sensitive data possibly improperly locked */
free(password);
}
}开发者ID:maurer,项目名称:tiamat,代码行数:26,代码来源:CWE591_Sensitive_Data_Storage_in_Improperly_Locked_Memory__w32_char_83_bad.cpp
示例5: goodG2BSink
/* goodG2B uses the GoodSource with the BadSink */
void goodG2BSink(map<int, char *> dataMap)
{
char * data = dataMap[2];
{
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
/* POTENTIAL FLAW: Attempt to login user with password from the source */
if (LogonUserA(
username,
domain,
data,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
}
}开发者ID:gpwi970725,项目名称:testJuliet2,代码行数:26,代码来源:CWE256_Plaintext_Storage_of_Password__w32_char_74b.cpp
示例6: goodG2BSink
/* goodG2B uses the GoodSource with the BadSink */
void goodG2BSink(map<int, char *> passwordMap)
{
char * password = passwordMap[2];
{
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
/* Use the password in LogonUser() to establish that it is "sensitive" */
/* POTENTIAL FLAW: Using sensitive information that was possibly sent in plaintext over the network */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
}
}开发者ID:gpwi970725,项目名称:testJuliet2,代码行数:27,代码来源:CWE319_Cleartext_Tx_Sensitive_Info__w32_char_connect_socket_74b.cpp
示例7: pacifica_switch_process_user
int pacifica_switch_process_user(char *user, char *pw, char *program)
{
DWORD len;
HANDLE token;
PROCESS_INFORMATION pi;
STARTUPINFOA si;
memset(&si, 0, sizeof(STARTUPINFO));
si.cb = sizeof(STARTUPINFO);
si.lpDesktop = "";
//FIXME Still need to pull this out of storage somehow...
int res = LogonUserA(user, ".", pw, LOGON32_LOGON_SERVICE, LOGON32_PROVIDER_DEFAULT, &token);
if(res == 0)
{
return GetLastError();
}
res = CreateProcessAsUserA(token, NULL, program, NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi);
if(res == 0)
{
return GetLastError();
}
res = WaitForSingleObject(pi.hProcess, INFINITE);
if(res == 0)
{
return GetLastError();
}
res = GetExitCodeProcess(pi.hProcess, &len);
if(res == 0)
{
return GetLastError();
}
return 0;
}示例8: CWE615_Info_Exposure_by_Comment__w32_18_bad
void CWE615_Info_Exposure_by_Comment__w32_18_bad()
{
goto sink;
sink:
{
size_t passwordLen = 0;
HANDLE hUser;
char * domain = "Domain";
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
USERNAME,
domain,
PASSWORD,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&hUser) != 0)
{
/* FLAW: expose username and password in comment*/
/* Logged in XXXXX Smith using password ABCD1234 */
printLine("User logged in successfully" );
CloseHandle(hUser);
}
else
{
printLine("Unable to login.");
}
}
}示例9: good1
/* good1() uses if(GLOBAL_CONST_FALSE) instead of if(GLOBAL_CONST_TRUE) */
static void good1()
{
if(GLOBAL_CONST_FALSE)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
char * password = (char *)malloc(100*sizeof(char));
if (password == NULL) {exit(-1);}
size_t passwordLen = 0;
HANDLE hUser;
char * username = "User";
char * domain = "Domain";
/* Initialize password */
password[0] = '\0';
if (fgets(password, 100, stdin) == NULL)
{
printLine("fgets() failed");
/* Restore NUL terminator if fgets fails */
password[0] = '\0';
}
/* Remove the carriage return from the string that is inserted by fgets() */
passwordLen = strlen(password);
if (passwordLen > 0)
{
password[passwordLen-1] = '\0';
}
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&hUser) != 0)
{
printLine("User logged in successfully.");
CloseHandle(hUser);
}
else
{
printLine("Unable to login.");
}
/* FIX: Zeroize the password buffer before reallocating it */
SecureZeroMemory(password, 100 * sizeof(char));
password = realloc(password, 200 * sizeof(char));
if (password == NULL) {exit(-1);}
/* Use the password buffer again */
strcpy(password, "Nothing to see here");
printLine(password);
free(password);
}
}
}示例10: CWE244_Heap_Inspection__w32_char_realloc_09_bad
void CWE244_Heap_Inspection__w32_char_realloc_09_bad()
{
if(GLOBAL_CONST_TRUE)
{
{
char * password = (char *)malloc(100*sizeof(char));
if (password == NULL) {exit(-1);}
size_t passwordLen = 0;
HANDLE hUser;
char * username = "User";
char * domain = "Domain";
/* Initialize password */
password[0] = '\0';
if (fgets(password, 100, stdin) == NULL)
{
printLine("fgets() failed");
/* Restore NUL terminator if fgets fails */
password[0] = '\0';
}
/* Remove the carriage return from the string that is inserted by fgets() */
passwordLen = strlen(password);
if (passwordLen > 0)
{
password[passwordLen-1] = '\0';
}
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&hUser) != 0)
{
printLine("User logged in successfully.");
CloseHandle(hUser);
}
else
{
printLine("Unable to login.");
}
/* FLAW: reallocate password without clearing the password buffer
* which could leave a copy of the password in memory */
password = realloc(password, 200 * sizeof(char));
if (password == NULL) {exit(-1);}
/* Zeroize the password */
SecureZeroMemory(password, 200 * sizeof(char));
/* Use the password buffer again */
strcpy(password, "Nothing to see here");
printLine(password);
free(password);
}
}
}示例11: good1
/* good1() uses if(STATIC_CONST_FALSE) instead of if(STATIC_CONST_TRUE) */
static void good1()
{
if(STATIC_CONST_FALSE)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
char password[100] = "";
size_t passwordLen = 0;
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
FILE * pFile = fopen("debug.txt", "a+");
if (fgets(password, 100, stdin) == NULL)
{
printLine("fgets() failed");
/* Restore NUL terminator if fgets fails */
password[0] = '\0';
}
/* Remove the carriage return from the string that is inserted by fgets() */
passwordLen = strlen(password);
if (passwordLen > 0)
{
password[passwordLen-1] = '\0';
}
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
/* FIX: Do not write sensitive data to the log */
fprintf(pFile, "User attempted access\n");
if (pFile)
{
fclose(pFile);
}
}
}
}示例12: good1
/* good1() uses if(globalReturnsFalse()) instead of if(globalReturnsTrue()) */
static void good1()
{
if(globalReturnsFalse())
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
char * password = (char *)malloc(100*sizeof(char));
size_t passwordLen = 0;
HANDLE hUser;
char * username = "User";
char * domain = "Domain";
/* Initialize password */
password[0] = '\0';
if (fgets(password, 100, stdin) == NULL)
{
printLine("fgets() failed");
/* Restore NUL terminator if fgets fails */
password[0] = '\0';
}
/* Remove the carriage return from the string that is inserted by fgets() */
passwordLen = strlen(password);
if (passwordLen > 0)
{
password[passwordLen-1] = '\0';
}
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&hUser) != 0)
{
printLine("User logged in successfully.");
CloseHandle(hUser);
}
else
{
printLine("Unable to login.");
}
passwordLen = strlen(password);
/* FIX: Clear password prior to freeing */
SecureZeroMemory(password, passwordLen * sizeof(char));
free(password);
}
}
}示例13: goodG2B1
/* goodG2B1() - use goodsource and badsink by changing the globalReturnsTrue() to globalReturnsFalse() */
static void goodG2B1()
{
char * password;
/* Initialize Data */
password = "";
if(globalReturnsFalse())
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
password = (char *)malloc(100*sizeof(char));
if (password == NULL)
{
printLine("Memory could not be allocated");
exit(1);
}
/* FIX: Use VirtualLock() to lock the buffer into memory */
if(!VirtualLock(password, 100*sizeof(char)))
{
printLine("Memory could not be locked");
exit(1);
}
/* INCIDENTAL FLAW: CWE-259 Hardcoded Password */
strcpy(password, "Password1234!");
}
{
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
/* POTENTIAL FLAW: Sensitive data possibly improperly locked */
free(password);
}
}开发者ID:maurer,项目名称:tiamat,代码行数:52,代码来源:CWE591_Sensitive_Data_Storage_in_Improperly_Locked_Memory__w32_char_11.c
示例14: CWE256_Plaintext_Storage_of_Password__w32_char_04_bad
void CWE256_Plaintext_Storage_of_Password__w32_char_04_bad()
{
char * data;
char dataBuffer[100] = "";
data = dataBuffer;
if(STATIC_CONST_TRUE)
{
{
FILE *pFile;
pFile = fopen("passwords.txt", "r");
if (pFile != NULL)
{
/* POTENTIAL FLAW: Read the password from a file */
if (fgets(data, 100, pFile) == NULL)
{
data[0] = '\0';
}
fclose(pFile);
}
else
{
data[0] = '\0';
}
}
}
if(STATIC_CONST_TRUE)
{
{
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
/* POTENTIAL FLAW: Attempt to login user with password from the source */
if (LogonUserA(
username,
domain,
data,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
}
}
}示例15: CWE535_Info_Exposure_Shell_Error__w32_char_15_bad
void CWE535_Info_Exposure_Shell_Error__w32_char_15_bad()
{
switch(6)
{
case 6:
{
char password[100] = "";
size_t passwordLen = 0;
HANDLE pHandle;
char * username = "User";
char * domain = "Domain";
if (fgets(password, 100, stdin) == NULL)
{
printLine("fgets() failed");
/* Restore NUL terminator if fgets fails */
password[0] = '\0';
}
/* Remove the carriage return from the string that is inserted by fgets() */
passwordLen = strlen(password);
if (passwordLen > 0)
{
password[passwordLen-1] = '\0';
}
/* Use the password in LogonUser() to establish that it is "sensitive" */
if (LogonUserA(
username,
domain,
password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
&pHandle) != 0)
{
printLine("User logged in successfully.");
CloseHandle(pHandle);
}
else
{
printLine("Unable to login.");
}
/* FLAW: Write sensitive data to stderr */
fprintf(stderr, "User attempted access with password: %s\n", password);
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
break;
}
}