pkg security

pkg/security - Security Descriptors, ACLs & SIDs

Parse, manipulate, and serialize Windows security descriptors, access control lists, and security identifiers.

SID Functions

Function	Signature	Description
`ParseSID`	`(s string) (*SID, error)`	Parse string SID (`S-1-5-21-...`)
`ParseSIDBytes`	`(data []byte) (*SID, int, error)`	Parse binary SID

SID Methods

Method	Signature	Description
`String`	`() string`	Format as `S-1-5-21-...`
`Marshal`	`() []byte`	Serialize to binary
`Size`	`() int`	Binary size in bytes
`Equal`	`(other *SID) bool`	Compare two SIDs

Security Descriptor

func ParseSecurityDescriptor(data []byte) (*SecurityDescriptor, error)
func (sd *SecurityDescriptor) Marshal() []byte

Example: Parse and Display a Security Descriptor

sdBytes := []byte{...} // from LDAP nTSecurityDescriptor attribute

sd, err := security.ParseSecurityDescriptor(sdBytes)
if err != nil {
    fmt.Printf("[-] %v\n", err)
    return
}

fmt.Printf("Owner: %s\n", sd.Owner.String())

if sd.DACL != nil {
    for _, ace := range sd.DACL.ACEs {
        fmt.Printf("  ACE: Type=%d, SID=%s, Mask=0x%08x\n",
            ace.Type, ace.SID.String(), ace.AccessMask)
    }
}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

pkg security

pkg/security - Security Descriptors, ACLs & SIDs

SID Functions

SID Methods

Security Descriptor

Example: Parse and Display a Security Descriptor

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally