7-Jan-2009: "CHANGE USER" OPI call
source link: https://yurichev.com/blog/15/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
7-Jan-2009: "CHANGE USER" OPI call
Regarding "BECOME USER" privilege and upicui() function (UPI Change User Id):
There's a barely known OPI call "CHANGE USER", which is similar in a way to *NIX su. It is known to be used at least by IMP utility.
A caller should be logged in as a user with "BECOME USER" privilege and call upicui() to change it.
Here is sample code that illustrates it, it uses some ancient OCI API (OCI7, if I'm correct).
Here is my sample code which calls upicui() function in current OCI API.
All we need is to convert service handle to "hst" value needed by upicui() - using internal function kpusvc2hst() - and then call upicui().
This code snippet was successfully tried under win32 10.2 and 11. Change SID, USERNAME, PASSWORD and USERNAME2 before compiling.
#include <stdio.h> #include <assert.h> #include <string.h> #include <windows.h> #include "oci.h" typedef int (__cdecl *UPICUI)(int, int, const char *, int); typedef int (__cdecl *KPUSVC2HST)(OCISvcCtx *, OCIError *, int *, int); void main(int argc, char * argv[]) { OCIEnv *myenvhp; /* the environment handle */ OCIServer *mysrvhp; /* the server handle */ OCIError *myerrhp; /* the error handle */ OCISession *myusrhp; /* user session handle */ OCISvcCtx *mysvchp; /* the service handle */ OCIStmt *stmt; OCIDefine *dfn; char buf[10240]; HMODULE oraclient; UPICUI upicui; KPUSVC2HST kpusvc2hst; int hst; #define SID "orcl" assert (OCIEnvCreate (&myenvhp, OCI_THREADED|OCI_OBJECT, 0, 0, 0, 0, 0, 0)==0); assert (OCIHandleAlloc (myenvhp, (dvoid**)&mysrvhp, OCI_HTYPE_SERVER, 0, 0)==0); assert (OCIHandleAlloc (myenvhp, (dvoid**)&myerrhp, OCI_HTYPE_ERROR, 0, 0)==0); assert (OCIServerAttach (mysrvhp, myerrhp, (const OraText *)SID, strlen (SID), OCI_DEFAULT)==0); assert (OCIHandleAlloc (myenvhp, (dvoid**)&mysvchp, OCI_HTYPE_SVCCTX, 0, 0)==0); assert (OCIAttrSet (mysvchp, OCI_HTYPE_SVCCTX, mysrvhp, 0, OCI_ATTR_SERVER, myerrhp)==0); assert (OCIHandleAlloc (myenvhp, (dvoid**)&myusrhp, OCI_HTYPE_SESSION, 0, 0)==0); assert (OCIHandleAlloc (myenvhp, (dvoid**)&stmt, OCI_HTYPE_STMT, 0, 0)==0); #define USERNAME "sys" #define PASSWORD "qq" assert (OCIAttrSet (myusrhp, OCI_HTYPE_SESSION, USERNAME, strlen(USERNAME), OCI_ATTR_USERNAME, myerrhp)==0); assert (OCIAttrSet (myusrhp, OCI_HTYPE_SESSION, PASSWORD, strlen(PASSWORD), OCI_ATTR_PASSWORD, myerrhp)==0); assert (OCISessionBegin (mysvchp, myerrhp, myusrhp, OCI_CRED_RDBMS, OCI_SYSDBA)==0); oraclient=LoadLibrary ("oraclient11.dll"); assert (oraclient!=NULL); upicui=(UPICUI)GetProcAddress (oraclient, "upicui"); assert (upicui!=NULL); kpusvc2hst=(KPUSVC2HST)GetProcAddress (oraclient, "kpusvc2hst"); assert (kpusvc2hst!=NULL); printf ("kpusvc2hst -> %d\n", (kpusvc2hst) (mysvchp, myerrhp, &hst, 1)); #define USERNAME2 "SCOTT" printf ("upicui -> %d\n", (upicui)( hst, 0, USERNAME2, strlen (USERNAME2) )); assert (OCIAttrSet (mysvchp, OCI_HTYPE_SVCCTX, myusrhp, 0, OCI_ATTR_SESSION, myerrhp)==0); #define STMT "select user from dual" assert (OCIStmtPrepare (stmt, myerrhp, (const OraText *)STMT, strlen (STMT), OCI_NTV_SYNTAX, OCI_DEFAULT)==0); assert (OCIDefineByPos (stmt, &dfn, myerrhp, 1, buf, 10240, SQLT_STR, 0, 0, 0, OCI_DEFAULT)==0); assert (OCIStmtExecute (mysvchp, stmt, myerrhp, 1, 0, NULL, NULL, OCI_DEFAULT)==0); printf ("%s\n", buf); };
Update: How to do the same in Linux: http://arkzoyd.blogspot.com/2009/02/become-user-sous-linux.html
β [list of blog posts]
Recommend
-
10
Notes from Jan 09, 2014 LIDNUG TDD, Where Did It All Go Wrong Originally posted on: GWB in February 2014. I...
-
12
Welcome to Jan Egil Ring`s blog! Feb 7, 2017 Welcome In the past, Iβve always used Wordpress for blogging. At first, I used a blog account hosted at wordpress.com before...
-
3
What's up with monomorphism? What's up with monomorphism? Vyacheslav Egorov on 11 jan 2015 Talks and blog posts about JavaScript performance often emphasize importance of...
-
8
I think I donβt have to mention much more than that a lot of fantastic information on the distant future of Swift has been shared in the last two weeks: the road to Swift 6, progress on the Function Builders proposal, and more. πππ Th...
-
10
Issue #151 16 Jan 2020 Written by: Kristaps Grinbergs The holidays are over and during that time a lot has happened. Swift 5.2 nightly builds...
-
13
Jan's Twitter Animal Threads May 12th, 2018 Since January 2017, I've done periodic animal threads on Twitter, collecting and posting interesting or amusing factlets about a given species or group of animals....
-
8
Oracle passwords (DES) solver updating to support AVX19-Jan-2011: Oracle passwords (DES) solver updating to support AVX New Advanced Vector Extensions (AVX) x86 C...
-
10
Metasploit plugin based on CVE-2009-197922-Jan-2010: Metasploit plugin based on CVE-2009-1979 Joshua J. Drake wrote metasploit plugin based on CVE-2009-1979 vulnerability discovered by me.
-
8
Still rocking this MBP 15" 2009 OldMacPro2 macrumors regular O...
-
5
Looking for schematic diagram of 27" 2009-2011 power supply, PA-2311-02A (liteOn)...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK