Created
July 12, 2019 14:37
-
-
Save blaquee/bf1b4209d3a7d5a85972a4e1ff74803d to your computer and use it in GitHub Desktop.
SIDs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ///////////////////////////////////////////////////////////////////////////// | |
| // // | |
| // Universal well-known SIDs // | |
| // // | |
| // Null SID S-1-0-0 // | |
| // World S-1-1-0 // | |
| // Local S-1-2-0 // | |
| // Creator Owner ID S-1-3-0 // | |
| // Creator Group ID S-1-3-1 // | |
| // Creator Owner Server ID S-1-3-2 // | |
| // Creator Group Server ID S-1-3-3 // | |
| // // | |
| // (Non-unique IDs) S-1-4 // | |
| // // | |
| ///////////////////////////////////////////////////////////////////////////// | |
| #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0} | |
| #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1} | |
| #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2} | |
| #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3} | |
| #define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4} | |
| #define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9} | |
| #define SECURITY_NULL_RID (0x00000000L) | |
| #define SECURITY_WORLD_RID (0x00000000L) | |
| #define SECURITY_LOCAL_RID (0x00000000L) | |
| #define SECURITY_LOCAL_LOGON_RID (0x00000001L) | |
| #define SECURITY_CREATOR_OWNER_RID (0x00000000L) | |
| #define SECURITY_CREATOR_GROUP_RID (0x00000001L) | |
| #define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L) | |
| #define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L) | |
| #define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L) | |
| /////////////////////////////////////////////////////////////////////////////// | |
| // // | |
| // NT well-known SIDs // | |
| // // | |
| // NT Authority S-1-5 // | |
| // Dialup S-1-5-1 // | |
| // // | |
| // Network S-1-5-2 // | |
| // Batch S-1-5-3 // | |
| // Interactive S-1-5-4 // | |
| // (Logon IDs) S-1-5-5-X-Y // | |
| // Service S-1-5-6 // | |
| // AnonymousLogon S-1-5-7 (aka null logon session) // | |
| // Proxy S-1-5-8 // | |
| // Enterprise DC (EDC) S-1-5-9 (aka domain controller account) // | |
| // Self S-1-5-10 (self RID) // | |
| // Authenticated User S-1-5-11 (Authenticated user somewhere) // | |
| // Restricted Code S-1-5-12 (Running restricted code) // | |
| // Terminal Server S-1-5-13 (Running on Terminal Server) // | |
| // Remote Logon S-1-5-14 (Remote Interactive Logon) // | |
| // This Organization S-1-5-15 // | |
| // // | |
| // IUser S-1-5-17 | |
| // Local System S-1-5-18 // | |
| // Local Service S-1-5-19 // | |
| // Network Service S-1-5-20 // | |
| // // | |
| // (NT non-unique IDs) S-1-5-0x15-... (NT Domain Sids) // | |
| // // | |
| // (Built-in domain) S-1-5-0x20 // | |
| // // | |
| // (Security Package IDs) S-1-5-0x40 // | |
| // NTLM Authentication S-1-5-0x40-10 // | |
| // SChannel Authentication S-1-5-0x40-14 // | |
| // Digest Authentication S-1-5-0x40-21 // | |
| // // | |
| // Other Organization S-1-5-1000 (>=1000 can not be filtered) // | |
| // // | |
| // // | |
| // NOTE: the relative identifier values (RIDs) determine which security // | |
| // boundaries the SID is allowed to cross. Before adding new RIDs, // | |
| // a determination needs to be made regarding which range they should // | |
| // be added to in order to ensure proper "SID filtering" // | |
| // // | |
| /////////////////////////////////////////////////////////////////////////////// |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment