我一直致力于为 Windows 10 实现自定义身份验证包。阅读以下 Windows 文档后https://msdn.microsoft.com/en-us/library/windows/desktop/aa374731(v=vs.85).aspx #functions_implemented_by_authentication_packages 我实现了 auth 包所需的方法。我为 auth 包实现编写的代码:
LSA_DISPATCH_TABLE DispatchTable;
NTSTATUS NTAPI
LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferLength,
OUT PVOID *ProtocolReturnBuffer,
OUT PULONG ReturnBufferLength,
OUT PNTSTATUS ProtocolStatus);
NTSTATUS NTAPI
LsaApCallPackage(
IN PLSA_CLIENT_REQUEST ClientRequest,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferLength,
OUT PVOID *ProtocolReturnBuffer,
OUT PULONG ReturnBufferLength,
OUT PNTSTATUS ProtocolStatus
);
NTSTATUS
NTAPI
LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferLength,
OUT PVOID *ProtocolReturnBuffer,
OUT PULONG ReturnBufferLength,
OUT PNTSTATUS ProtocolStatus);
NTSTATUS LsaApInitializePackage(
_In_ ULONG AuthenticationPackageId,
_In_ PLSA_DISPATCH_TABLE LsaDispatchTable,
_In_opt_ PLSA_STRING Database,
_In_opt_ PLSA_STRING Confidentiality,
_Out_ PLSA_STRING *AuthenticationPackageName
);
VOID NTAPI
LsaApLogonTerminated(
IN PLUID LogonId
);
NTSTATUS NTAPI
LsaApLogonUserEx(
IN PLSA_CLIENT_REQUEST ClientRequest,
IN SECURITY_LOGON_TYPE LogonType,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferSize,
OUT PVOID *ProfileBuffer,
OUT PULONG ProfileBufferSize,
OUT PLUID LogonId,
OUT PNTSTATUS SubStatus,
OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
OUT PVOID *TokenInformation,
OUT PUNICODE_STRING *AccountName,
OUT PUNICODE_STRING *AuthenticatingAuthority,
OUT PUNICODE_STRING *MachineName
);
NTSTATUS NTAPI
LsaApLogonUser(
IN PLSA_CLIENT_REQUEST ClientRequest,
IN SECURITY_LOGON_TYPE LogonType,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferSize,
OUT PVOID *ProfileBuffer,
OUT PULONG ProfileBufferSize,
OUT PLUID LogonId,
OUT PNTSTATUS SubStatus,
OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
OUT PVOID *TokenInformation,
OUT PUNICODE_STRING *AccountName,
OUT PUNICODE_STRING *AuthenticatingAuthority,
OUT PUNICODE_STRING *MachineName
);
NTSTATUS NTAPI
LsaApLogonUserEx2(
IN PLSA_CLIENT_REQUEST ClientRequest,
IN SECURITY_LOGON_TYPE LogonType,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferSize,
OUT PVOID *ProfileBuffer,
OUT PULONG ProfileBufferSize,
OUT PLUID LogonId,
OUT PNTSTATUS SubStatus,
OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
OUT PVOID *TokenInformation,
OUT PUNICODE_STRING *AccountName,
OUT PUNICODE_STRING *AuthenticatingAuthority,
OUT PUNICODE_STRING *MachineName
);
NTSTATUS NTAPI
LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferLength,
OUT PVOID *ProtocolReturnBuffer,
OUT PULONG ReturnBufferLength,
OUT PNTSTATUS ProtocolStatus)
{
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt",std::ofstream::app);
myfile << "LsaApCallPackagePassthrough.\n";
myfile.close();
return STATUS_NOT_IMPLEMENTED;
}
NTSTATUS NTAPI
LsaApCallPackage(
IN PLSA_CLIENT_REQUEST ClientRequest,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferLength,
OUT PVOID *ProtocolReturnBuffer,
OUT PULONG ReturnBufferLength,
OUT PNTSTATUS ProtocolStatus
)
{
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt", std::ofstream::app);
myfile << "LsaApCallPackage.\n";
myfile.close();
ULONG MessageType;
//
// Get the messsage type from the protocol submit buffer.
//
if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE)) {
return STATUS_INVALID_PARAMETER;
}
MessageType =
(ULONG) *((PMSV1_0_PROTOCOL_MESSAGE_TYPE)(ProtocolSubmitBuffer));
/*if (MessageType >=
(sizeof(MspCallPackageDispatch) / sizeof(MspCallPackageDispatch[0]))) {
return STATUS_INVALID_PARAMETER;
}*/
//
// Allow the dispatch routines to only set the return buffer information
// on success conditions.
//
*ProtocolReturnBuffer = NULL;
*ReturnBufferLength = 0;
//
// Call the appropriate routine for this message.
//
return STATUS_NOT_IMPLEMENTED;
}
NTSTATUS
NTAPI NTAPI
LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferLength,
OUT PVOID *ProtocolReturnBuffer,
OUT PULONG ReturnBufferLength,
OUT PNTSTATUS ProtocolStatus)
{
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt", std::ofstream::app);
myfile << "LsaApCallPackageUntrusted.\n";
myfile.close();
return STATUS_NOT_IMPLEMENTED;
}
NTSTATUS NTAPI LsaApInitializePackage(
_In_ ULONG AuthenticationPackageId,
_In_ PLSA_DISPATCH_TABLE LsaDispatchTable,
_In_opt_ PLSA_STRING Database,
_In_opt_ PLSA_STRING Confidentiality,
_Out_ PLSA_STRING *AuthenticationPackageName
)
{
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt",std::ofstream::app);
myfile << "Call.\n";
myfile.close();
PLSA_STRING name = NULL;
//
// Use the process heap for memory allocations.
//
//
// Save our assigned authentication package ID.
//
DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession;
DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession;
DispatchTable.AddCredential = LsaDispatchTable->AddCredential;
DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials;
DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential;
DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;
name = (LSA_STRING *)LsaDispatchTable->AllocateLsaHeap(sizeof *name);
name->Buffer = (char *)LsaDispatchTable->AllocateLsaHeap(sizeof("SubAuth") + 1);
name->Length = sizeof("SubAuth") - 1;
name->MaximumLength = sizeof("SubAuth");
strcpy_s(name->Buffer, sizeof("SubAuth") + 1, "SubAuth");
(*AuthenticationPackageName) = name;
/*(*AuthenticationPackageName) = (LSA_STRING *)
LsaDispatchTable->AllocateLsaHeap(sizeof(LSA_STRING));
if (NULL != (*AuthenticationPackageName))
{
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt", std::ofstream::app);
myfile << "FirstBoolTrue.\n";
myfile.close();
(*AuthenticationPackageName)->Buffer = (char *)
LsaDispatchTable->AllocateLsaHeap((ULONG)strlen
("SubAuth") + 1);
if (NULL != (*AuthenticationPackageName)->Buffer)
{
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt", std::ofstream::app);
myfile << "SecondBoolTrue.\n";
myfile.close();
(*AuthenticationPackageName)->Length =
strlen("SubAuth");
(*AuthenticationPackageName)->MaximumLength =
strlen("SubAuth") + 1;
strcpy(
(*AuthenticationPackageName)->Buffer,
"SubAuth");
return STATUS_SUCCESS;
}
}*/
return STATUS_SUCCESS;
}
VOID NTAPI
LsaApLogonTerminated(
IN PLUID LogonId
)
{
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt", std::ofstream::app);
myfile << "LsaApLogonTerminated.\n";
myfile.close();
}
NTSTATUS NTAPI
LsaApLogonUserEx(
IN PLSA_CLIENT_REQUEST ClientRequest,
IN SECURITY_LOGON_TYPE LogonType,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferSize,
OUT PVOID *ProfileBuffer,
OUT PULONG ProfileBufferSize,
OUT PLUID LogonId,
OUT PNTSTATUS SubStatus,
OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
OUT PVOID *TokenInformation,
OUT PUNICODE_STRING *AccountName,
OUT PUNICODE_STRING *AuthenticatingAuthority,
OUT PUNICODE_STRING *MachineName
){
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt", std::ofstream::app);
myfile << "LsaApLogonUserEx.\n";
myfile.close();
return STATUS_SUCCESS;
}
NTSTATUS NTAPI
LsaApLogonUser(
IN PLSA_CLIENT_REQUEST ClientRequest,
IN SECURITY_LOGON_TYPE LogonType,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferSize,
OUT PVOID *ProfileBuffer,
OUT PULONG ProfileBufferSize,
OUT PLUID LogonId,
OUT PNTSTATUS SubStatus,
OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
OUT PVOID *TokenInformation,
OUT PUNICODE_STRING *AccountName,
OUT PUNICODE_STRING *AuthenticatingAuthority,
OUT PUNICODE_STRING *MachineName
) {
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt", std::ofstream::app);
myfile << "LsaApLogonUser.\n";
myfile.close();
return STATUS_SUCCESS;
}
NTSTATUS NTAPI
LsaApLogonUserEx2(
IN PLSA_CLIENT_REQUEST ClientRequest,
IN SECURITY_LOGON_TYPE LogonType,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferSize,
OUT PVOID *ProfileBuffer,
OUT PULONG ProfileBufferSize,
OUT PLUID LogonId,
OUT PNTSTATUS SubStatus,
OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
OUT PVOID *TokenInformation,
OUT PUNICODE_STRING *AccountName,
OUT PUNICODE_STRING *AuthenticatingAuthority,
OUT PUNICODE_STRING *MachineName
) {
ofstream myfile;
myfile.open("C:/Users/administrator.LEO/Desktop/InItPack.txt", std::ofstream::app);
myfile << "LsaApLogonUserEx2.\n";
myfile.close();
return STATUS_SUCCESS;
}
我的 Def 文件:
LIBRARY SUBAUTH
EXPORTS
LsaApInitializePackage
LsaApCallPackage
LsaApCallPackagePassthrough
LsaApCallPackageUntrusted
LsaApLogonTerminated
LsaApLogonUserEx
但问题是,当我将包的 dll 放在 system32 中并在Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa下的注册表项值“Authentication packages”中注册包并重新启动计算机时,我的包被初始化但是当我登录,我实现的包登录方法没有被调用,尽管在会话终止时LsaApLogonTerminated被调用。我还实现了一个自定义凭据提供程序,在其中查找我的身份验证包,提供程序成功找到它,但没有调用登录例程。
谁能指导我我在这里做错了什么?