ImpersonateSecurityContext


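I am debugging a program and want to set a breakpoint on secur32!ImpersonateSecurityContext using windbg. My Advanced Windows Debugging book tells me I should be able to set the breakpoint using this command. Unfortunately, I failed.
I did check my symbol path, and I believe it is correct. I also get some symbols if I run bp Secur32!ImpersonateSecurityContext in windbg.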

000007fe`fd481f28 Secur32!LsaQueryInformationPolicy = <no type information>
000007fe`fd481b18 Secur32!_delayLoadHelper2 = <no type information>
000007fe`fd484098 Secur32!_imp_RtlFreeUnicodeString = <no type information>
000007fe`fd4870c8 Secur32!_security_cookie_complement = <no type information>
000007fe`fd484090 Secur32!_imp_wcsncpy_s = <no type information>
000007fe`fd481070 Secur32!_DllMain = <no type information>
000007fe`fd484118 Secur32!_imp_GetCurrentThreadId = <no type information>
000007fe`fd487078 Secur32!_imp_DsUnBindW = <no type information>
000007fe`fd4840b8 Secur32!_imp_RtlInitUnicodeString = <no type information>
000007fe`fd4839b0 Secur32!GetComputerObjectNameA = <no type information>
000007fe`fd481260 Secur32!SecpTranslateNameExWorker = <no type information>
000007fe`fd484058 Secur32!_imp_RtlUnicodeStringToAnsiString = <no type information>
000007fe`fd4840c0 Secur32!_imp_wcschr = <no type information>
000007fe`fd487000 Secur32!_imp_CredFree = <no type information>
000007fe`fd481e48 Secur32!_imp_load_DsUnBindW = <no type information>
000007fe`fd487a30 Secur32!g_bInitOK = <no type information>
000007fe`fd4840b0 Secur32!_imp_wcsncmp = <no type information>
000007fe`fd48302c Secur32!GetLastError = <no type information>
000007fe`fd4816d0 Secur32!memcpy = <no type information>
000007fe`fd487038 Secur32!_imp_NetpIsUserNameValid = <no type information>
000007fe`fd4840d8 Secur32!_imp_memset = <no type information>
000007fe`fd481f4c Secur32!_imp_load_LsaClose = <no type information>
000007fe`fd485b80 Secur32!_sz_netutils_dll = <no type information>
000007fe`fd481450 Secur32!SecpTranslateNameEx = <no type information>
000007fe`fd4840f0 Secur32!_imp_UnhandledExceptionFilter = <no type information>
000007fe`fd484070 Secur32!_imp_RtlCopyUnicodeString = <no type information>
000007fe`fd487058 Secur32!_imp_DsGetDcNameWithAccountW = <no type information>
000007fe`fd483080 Secur32!_GSHandlerCheckCommon = <no type information>
000007fe`fd483064 Secur32!_imp_load_DsGetDcNameWithAccountW = <no type information>
000007fe`fd487a48 Secur32!g_dwOpenCount = <no type information>
000007fe`fd481e54 Secur32!_imp_load_DsMakeSpnW = <no type information>
000007fe`fd484068 Secur32!_imp_RtlAllocateHeap = <no type information>
000007fe`fd484008 Secur32!_imp_iswdigit = <no type information>
000007fe`fd483058 Secur32!_imp_load_CredFree = <no type information>
000007fe`fd484138 Secur32!_imp_LoadLibraryExA = <no type information>
000007fe`fd4870e0 Secur32!_hmod__logoncli_dll = <no type information>
000007fe`fd481db4 Secur32!_tailMerge_NTDSAPI_dll = <no type information>
000007fe`fd485b70 Secur32!_sz_ADVAPI32_dll = <no type information>
000007fe`fd4840f8 Secur32!_imp_GetCurrentProcess = <no type information>
000007fe`fd481030 Secur32!DllMain = <no type information>
000007fe`fd484020 Secur32!_imp_RtlCaptureContext = <no type information>
000007fe`fd481c10 Secur32!GetProcAddress = <no type information>
000007fe`fd484158 Secur32!_imp_GetLastError = <no type information>
000007fe`fd4830ec Secur32!_GSHandlerCheck = <no type information>
000007fe`fd482240 Secur32!SecpTranslateName = <no type information>
000007fe`fd484038 Secur32!_imp_NtMapViewOfSection = <no type information>
000007fe`fd484110 Secur32!_imp_GetCurrentProcessId = <no type information>
000007fe`fd487010 Secur32!_imp_LsaQueryInformationPolicy = <no type information>
000007fe`fd484060 Secur32!_imp_RtlFreeHeap = <no type information>
000007fe`fd481d9c Secur32!_imp_load_CredUnmarshalCredentialW = <no type information>
000007fe`fd481150 Secur32!CredParseUserNameWithType = <no type information>
000007fe`fd483020 Secur32!wcsncpy_s = <no type information>
000007fe`fd484140 Secur32!_imp_FreeLibrary = <no type information>
000007fe`fd481e3c Secur32!_imp_load_DsFreeNameResultW = <no type information>
000007fe`fd481f70 Secur32!GetComputerObjectNameW = <no type information>
000007fe`fd4819b0 Secur32!StringCchCatNW = <no type information>
000007fe`fd484000 Secur32!_imp_iswspace = <no type information>
000007fe`fd481f14 Secur32!_imp_load_LsaQueryInformationPolicy = <no type information>
000007fe`fd484160 Secur32!_imp_SetLastError = <no type information>
000007fe`fd483320 Secur32!CloseLsaPerformanceData = <no type information>
000007fe`fd481da8 Secur32!_imp_load_NetpIsUserNameValid = <no type information>
000007fe`fd4870d8 Secur32!_hmod__netutils_dll = <no type information>
000007fe`fd484080 Secur32!_imp_RtlEqualUnicodeString = <no type information>
000007fe`fd4841a0 Secur32!$$VProc_ImageExportDirectory = <no type information>
000007fe`fd487068 Secur32!_imp_DsFreeNameResultW = <no type information>
000007fe`fd481c98 Secur32!_tailMerge_ADVAPI32_dll = <no type information>
000007fe`fd484100 Secur32!_imp_TerminateProcess = <no type information>
000007fe`fd481d14 Secur32!_tailMerge_netutils_dll = <no type information>
000007fe`fd487088 Secur32!_imp_DsMakeSpnW = <no type information>
000007fe`fd485b90 Secur32!_sz_logoncli_dll = <no type information>
000007fe`fd484078 Secur32!_imp_RtlNtStatusToDosError = <no type information>
000007fe`fd481e70 Secur32!_imp_load_DsGetDcNameW = <no type information>
000007fe`fd4831f0 Secur32!IsNumberInUnicodeList = <no type information>
000007fe`fd4820a0 Secur32!GetFullMachineName = <no type information>
000007fe`fd484120 Secur32!_imp_GetTickCount = <no type information>
000007fe`fd485bc0 Secur32!_sz_NTDSAPI_dll = <no type information>
000007fe`fd4870d0 Secur32!_hmod__ADVAPI32_dll = <no type information>
000007fe`fd487040 Secur32!_imp_NetApiBufferFree = <no type information>
000007fe`fd483380 Secur32!OpenLsaPerformanceData = <no type information>
000007fe`fd481c1c Secur32!LoadLibraryExA = <no type information>
000007fe`fd487018 Secur32!_imp_LsaFreeMemory = <no type information>
000007fe`fd4840a8 Secur32!_imp_RtlCreateUnicodeString = <no type information>
000007fe`fd485ae8 Secur32!_DELAY_IMPORT_DESCRIPTOR_netutils_dll = <no type information>
000007fe`fd482210 Secur32!_security_check_cookie = <no type information>
000007fe`fd484170 Secur32!_imp_GetProcAddress = <no type information>
000007fe`fd481d90 Secur32!_imp_load_NetApiBufferFree = <no type information>
000007fe`fd485a40 Secur32!_pfnDefaultDliNotifyHook2 = <no type information>
000007fe`fd484108 Secur32!_imp_GetSystemTimeAsFileTime = <no type information>
000007fe`fd484180 Secur32!_imp_LocalAlloc = <no type information>
000007fe`fd484130 Secur32!_imp_DelayLoadFailureHook = <no type information>
000007fe`fd484050 Secur32!_imp_RtlInitAnsiString = <no type information>
000007fe`fd485b08 Secur32!_DELAY_IMPORT_DESCRIPTOR_logoncli_dll = <no type information>
000007fe`fd4870e8 Secur32!_hmod__NTDSAPI_dll = <no type information>
000007fe`fd4834d0 Secur32!CollectLsaPerformanceData = <no type information>
000007fe`fd481e7c Secur32!_tailMerge_logoncli_dll = <no type information>
000007fe`fd483830 Secur32!TranslateNameA = <no type information>
000007fe`fd487780 Secur32!LsaSystemwideDataDefinition = <no type information>
000007fe`fd4879a0 Secur32!LsaPerProcDataDefinition = <no type information>
000007fe`fd487020 Secur32!_imp_LsaClose = <no type information>
000007fe`fd484148 Secur32!_imp_lstrcmpW = <no type information>
000007fe`fd481f0c Secur32!LsaOpenPolicy = <no type information>
000007fe`fd487070 Secur32!_imp_DsCrackNamesW = <no type information>
000007fe`fd487028 Secur32!_imp_CredUnmarshalCredentialW = <no type information>
000007fe`fd483038 Secur32!FreeLibrary = <no type information>
000007fe`fd487a40 Secur32!g_hLsaSharedMemory = <no type information>
000007fe`fd484088 Secur32!_imp_RtlGetNtProductType = <no type information>
000007fe`fd484188 Secur32!_imp_DisableThreadLibraryCalls = <no type information>
000007fe`fd484028 Secur32!_imp_NtClose = <no type information>
000007fe`fd485a40 Secur32!_pfnDliNotifyHook2 = <no type information>
000007fe`fd484018 Secur32!_imp_RtlLookupFunctionEntry = <no type information>
000007fe`fd484128 Secur32!_imp_QueryPerformanceCounter = <no type information>
000007fe`fd484030 Secur32!_imp_NtUnmapViewOfSection = <no type information>
000007fe`fd481f30 Secur32!_imp_load_LsaFreeMemory = <no type information>
000007fe`fd484048 Secur32!_imp_RtlAnsiStringToUnicodeString = <no type information>
000007fe`fd4840c8 Secur32!_imp_RtlVirtualUnwind = <no type information>
000007fe`fd4840d0 Secur32!_imp_wcsrchr = <no type information>
000007fe`fd4816e0 Secur32!SecpFreeMemory = <no type information>
000007fe`fd48124c Secur32!NetpIsUserNameValid = <no type information>
000007fe`fd484168 Secur32!_imp_GetModuleHandleW = <no type information>
000007fe`fd487008 Secur32!_imp_LsaOpenPolicy = <no type information>
000007fe`fd481f60 Secur32!LsaClose = <no type information>
000007fe`fd487050 Secur32!_imp_DsGetDcNameW = <no type information>
000007fe`fd4837e0 Secur32!TranslateNameW = <no type information>
000007fe`fd485ac8 Secur32!_DELAY_IMPORT_DESCRIPTOR_ADVAPI32_dll = <no type information>
000007fe`fd487680 Secur32!HotPatchBuffer = <no type information>
000007fe`fd4840e0 Secur32!_imp_memcpy = <no type information>
000007fe`fd484150 Secur32!_imp_GetComputerNameW = <no type information>
000007fe`fd4870c0 Secur32!_security_cookie = <no type information>
000007fe`fd484178 Secur32!_imp_LocalFree = <no type information>
000007fe`fd484040 Secur32!_imp_NtOpenSection = <no type information>
000007fe`fd481e60 Secur32!_imp_load_DsBindWithSpnExW = <no type information>
000007fe`fd484190 Secur32!_imp_SetUnhandledExceptionFilter = <no type information>
000007fe`fd4816c4 Secur32!NetApiBufferFree = <no type information>
000007fe`fd484010 Secur32!_imp__itow = <no type information>
000007fe`fd483050 Secur32!DelayLoadFailureHook = <no type information>
000007fe`fd4810a0 Secur32!_security_init_cookie = <no type information>
000007fe`fd4840a0 Secur32!_imp_RtlUpcaseUnicodeString = <no type information>
000007fe`fd485b28 Secur32!_DELAY_IMPORT_DESCRIPTOR_NTDSAPI_dll = <no type information>
000007fe`fd481e30 Secur32!_imp_load_DsCrackNamesW = <no type information>
000007fe`fd482f20 Secur32!_report_gsfailure = <no type information>
000007fe`fd481ef8 Secur32!_imp_load_LsaOpenPolicy = <no type information>
000007fe`fd481730 Secur32!ConstructSPN = <no type information>
000007fe`fd481f44 Secur32!LsaFreeMemory = <no type information>
000007fe`fd487660 Secur32!DsNameErrorMap = <no type information>
000007fe`fd487a38 Secur32!g_pCounterBlock = <no type information>
000007fe`fd487080 Secur32!_imp_DsBindWithSpnExW = <no type information>
000007fe`fd4832a0 Secur32!GetQueryType = <no type information>
000007fe`fd481010 Secur32!DllMainCRTStartupForGS2 = <no type information>
000007fe`fd481c90 Secur32!memset = <no type information>

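I just cannot find the symbol there. So I guess that is why I cannot set a breakpoint. MSDN does claim that x Secur32!* resides inside Secur32!ImpersonateSecurityContext. I cannot believe Microsoft intentionally stripped this symbol, because it is such a popular function that many programs use it. I must be missing something simple.
Any ideas?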

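Best answer

Don't be helpless. You already have the tools.
If you are already debugging a program that calls ImpersonateSecurityContext, then find the call to ImpersonateSecurityContext and see what the target of the call instruction is.
If you don't have a program that calls ImpersonateSecurityContext, then go make one.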

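#define SECURITY_WIN32               // security.h requires a security mode to be selected
#include <windows.h>
#include <security.h>
#pragma comment(lib, "secur32.lib")  // MSVC: link the import library for the call below
int __cdecl main(int, char **)
{
    // The result is irrelevant; the call exists only so that its call
    // instruction can be found and stepped into under the debugger.
    ImpersonateSecurityContext(NULL);
    return 0;
}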

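Compile this program, set a breakpoint on the ImpersonateSecurityContext call, and run it. When the breakpoint hits, just step in and see where it takes you. That is where ImpersonateSecurityContext lives.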
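
A static cross-check of where a call will land, added here as an example and not part of the original answer: a DLL can export a name as a forwarder to another DLL, in which case the name has no code, and so no code symbol, in the exporting module. The parser below reads a module's export directory and reports the forwarder target. The sample image and the SSPICLI forwarder target in it are constructed for the demonstration and are assumptions, not data from the page.

```python
import struct

def cstr(image, off):
    """Read a NUL-terminated ASCII string at offset `off`."""
    return bytes(image[off:image.index(b"\0", off)]).decode("ascii")

def export_target(image, name):
    """Return 'DLL.Func' if `name` is a forwarded export, '' if it is code in
    this image, None if it is not exported. `image` is the module as mapped in
    memory (offset == RVA)."""
    pe = struct.unpack_from("<I", image, 0x3C)[0]
    if image[:2] != b"MZ" or image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    opt = pe + 24                                    # optional header
    magic = struct.unpack_from("<H", image, opt)[0]
    dirs = opt + (112 if magic == 0x20B else 96)     # PE32+ or PE32
    exp, size = struct.unpack_from("<II", image, dirs)   # export directory
    n_names, funcs, names, ords = struct.unpack_from("<IIII", image, exp + 24)
    for i in range(n_names):
        if cstr(image, struct.unpack_from("<I", image, names + 4 * i)[0]) != name:
            continue
        index = struct.unpack_from("<H", image, ords + 2 * i)[0]
        rva = struct.unpack_from("<I", image, funcs + 4 * index)[0]
        # An RVA pointing back into the export directory is a forwarder string.
        return cstr(image, rva) if exp <= rva < exp + size else ""
    return None

def build_sample():
    """Constructed PE32+ fragment (not a real DLL): one real export and one
    forwarded export whose target name is an assumption for illustration."""
    img, pe, exp = bytearray(0x400), 0x80, 0x200
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, pe)
    img[pe:pe + 4] = b"PE\0\0"
    struct.pack_into("<H", img, pe + 24, 0x20B)
    struct.pack_into("<II", img, pe + 24 + 112, exp, 0x100)
    offsets, pos = [], exp + 64
    for s in (b"GetComputerObjectNameW", b"ImpersonateSecurityContext",
              b"SSPICLI.ImpersonateSecurityContext"):
        img[pos:pos + len(s)] = s
        offsets.append(pos)
        pos += len(s) + 1
    struct.pack_into("<IIIII", img, exp + 20, 2, 2, exp + 40, exp + 48, exp + 56)
    struct.pack_into("<II", img, exp + 40, 0x1F70, offsets[2])     # function RVAs
    struct.pack_into("<II", img, exp + 48, offsets[0], offsets[1]) # name RVAs
    struct.pack_into("<HH", img, exp + 56, 0, 1)                   # name ordinals
    return bytes(img)

if __name__ == "__main__":
    print(export_target(build_sample(), "ImpersonateSecurityContext"))
```

Against a real module, pass the bytes read from the module's load address for its full image size, so that offsets equal RVAs.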

Regarding windows - Setting a breakpoint on Secur32!ImpersonateSecurityContext, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/8003107/
