Using aspnet Impersonation, ASPNET_SETREG, applicaton throws buffer overflow.

Discussion in 'ASP .Net' started by jay@gloryfish.org, Oct 21, 2005.

  1. Guest

    I am attempting to impersonate an account in ASPNET. I am using
    aspnet_setreg to store the username and passwords. I have given the
    ASPNET account permisision to read the registry values. However, the
    application throws:

    "Could not create Windows user token from the credentials specified in
    the config file. Error from the operating system 'A required privilege
    is not held by the client'."

    This occurs even when the ASPNET account has TCB privileges.

    When moitoring the registry with regmon I see the following:

    67 3.69724321 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
    0x20019
    68 3.69729805 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second BUFFER
    OVERFLOW
    69 3.69735813 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second SUCCESS 01
    00 00 00 D0 8C 9D DF ...
    70 3.69899845 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
    71 3.69913554 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
    0x20019
    72 3.69917965 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first BUFFER
    OVERFLOW
    73 3.69923687 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first SUCCESS 01
    00 00 00 D0 8C 9D DF ...
    74 3.70052648 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
    75 3.71294332 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
    0x20019
    76 3.71299791 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second BUFFER
    OVERFLOW
    77 3.71305823 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second SUCCESS 01
    00 00 00 D0 8C 9D DF ...
    78 3.71464062 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
    79 3.71477723 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
    0x20019
    80 3.71482134 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first BUFFER
    OVERFLOW
    81 3.71487856 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first SUCCESS 01
    00 00 00 D0 8C 9D DF ...
    82 3.71617508 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS


    I'm not sure what's causing the buffer overflow.

    Other info: Server 2000, .NET Framework v1.1.4322

    Thanks for your input. :)

    -Jay
     
    , Oct 21, 2005
    #1
    1. Advertising

  2. Bruce Barker Guest

    if you are on win200, then the asp.net account needs "act as part of the os"
    permission. this is the permission that allows impersonation.

    --bruce (sqlworkcom)

    <> wrote in message
    news:...
    >I am attempting to impersonate an account in ASPNET. I am using
    > aspnet_setreg to store the username and passwords. I have given the
    > ASPNET account permisision to read the registry values. However, the
    > application throws:
    >
    > "Could not create Windows user token from the credentials specified in
    > the config file. Error from the operating system 'A required privilege
    > is not held by the client'."
    >
    > This occurs even when the ASPNET account has TCB privileges.
    >
    > When moitoring the registry with regmon I see the following:
    >
    > 67 3.69724321 aspnet_wp.exe:2212 OpenKey
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
    > 0x20019
    > 68 3.69729805 aspnet_wp.exe:2212 QueryValue
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second BUFFER
    > OVERFLOW
    > 69 3.69735813 aspnet_wp.exe:2212 QueryValue
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second SUCCESS 01
    > 00 00 00 D0 8C 9D DF ...
    > 70 3.69899845 aspnet_wp.exe:2212 CloseKey
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
    > 71 3.69913554 aspnet_wp.exe:2212 OpenKey
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
    > 0x20019
    > 72 3.69917965 aspnet_wp.exe:2212 QueryValue
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first BUFFER
    > OVERFLOW
    > 73 3.69923687 aspnet_wp.exe:2212 QueryValue
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first SUCCESS 01
    > 00 00 00 D0 8C 9D DF ...
    > 74 3.70052648 aspnet_wp.exe:2212 CloseKey
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
    > 75 3.71294332 aspnet_wp.exe:2212 OpenKey
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
    > 0x20019
    > 76 3.71299791 aspnet_wp.exe:2212 QueryValue
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second BUFFER
    > OVERFLOW
    > 77 3.71305823 aspnet_wp.exe:2212 QueryValue
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second SUCCESS 01
    > 00 00 00 D0 8C 9D DF ...
    > 78 3.71464062 aspnet_wp.exe:2212 CloseKey
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
    > 79 3.71477723 aspnet_wp.exe:2212 OpenKey
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
    > 0x20019
    > 80 3.71482134 aspnet_wp.exe:2212 QueryValue
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first BUFFER
    > OVERFLOW
    > 81 3.71487856 aspnet_wp.exe:2212 QueryValue
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first SUCCESS 01
    > 00 00 00 D0 8C 9D DF ...
    > 82 3.71617508 aspnet_wp.exe:2212 CloseKey
    > HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
    >
    >
    > I'm not sure what's causing the buffer overflow.
    >
    > Other info: Server 2000, .NET Framework v1.1.4322
    >
    > Thanks for your input. :)
    >
    > -Jay
    >
     
    Bruce Barker, Oct 21, 2005
    #2
    1. Advertising

  3. GloryFish Guest

    That's what I said. I get this error and the buffer overflow even when
    the ASPNET account has TCB (Trusted Computing Base, "Act as part
    of...") privileges.
     
    GloryFish, Oct 21, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ashish Gupta

    Applicaton on Handhelp using ASP.NET

    Ashish Gupta, Jul 1, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    400
    Peter McMahon [MVP]
    Jul 1, 2003
  2. nick
    Replies:
    3
    Views:
    495
    veera
    Jul 6, 2004
  3. =?Utf-8?B?QWxleCBLdWRha292?=

    Debugging local ASP.Net applicaton on WinXP.SP2

    =?Utf-8?B?QWxleCBLdWRha292?=, Jan 26, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    382
    Andy G
    Jan 26, 2005
  4. guoqi zheng
    Replies:
    2
    Views:
    449
    Mark Rae
    Apr 16, 2005
  5. Dr. Leff
    Replies:
    0
    Views:
    523
    Dr. Leff
    Jun 21, 2006
Loading...

Share This Page