API tools faq
paste
Advertisement
Guest User

CreateProcessAsUser

a guest
Mar 12th, 2014
221
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C# 3.89 KB | None | 0 0
raw download clone embed print report
  1. [StructLayout(LayoutKind.Sequential)]
  2.         public struct SECURITY_ATTRIBUTES
  3.         {
  4.             public int nLength;
  5.             public IntPtr lpSecurityDescriptor;
  6.             public int bInheritHandle;
  7.         }
  8.  
  9.         [StructLayout(LayoutKind.Sequential)]
  10.         internal struct PROCESS_INFORMATION
  11.         {
  12.             public IntPtr hProcess;
  13.             public IntPtr hThread;
  14.             public int dwProcessId;
  15.             public int dwThreadId;
  16.         }
  17.  
  18.         [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
  19.         struct STARTUPINFO
  20.         {
  21.             public Int32 cb;
  22.             public string lpReserved;
  23.             public string lpDesktop;
  24.             public string lpTitle;
  25.             public Int32 dwX;
  26.             public Int32 dwY;
  27.             public Int32 dwXSize;
  28.             public Int32 dwYSize;
  29.             public Int32 dwXCountChars;
  30.             public Int32 dwYCountChars;
  31.             public Int32 dwFillAttribute;
  32.             public Int32 dwFlags;
  33.             public Int16 wShowWindow;
  34.             public Int16 cbReserved2;
  35.             public IntPtr lpReserved2;
  36.             public IntPtr hStdInput;
  37.             public IntPtr hStdOutput;
  38.             public IntPtr hStdError;
  39.         }
  40.  
  41.         public enum SECURITY_IMPERSONATION_LEVEL
  42.         {
  43.             SecurityAnonymous,
  44.             SecurityIdentification,
  45.             SecurityImpersonation,
  46.             SecurityDelegation
  47.         }
  48.  
  49.         public enum TOKEN_TYPE
  50.         {
  51.             TokenPrimary = 1,
  52.             TokenImpersonation
  53.         }
  54.  
  55.         [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
  56.         public extern static bool DuplicateTokenEx(
  57.             IntPtr hExistingToken,
  58.             uint dwDesiredAccess,
  59.             ref SECURITY_ATTRIBUTES lpTokenAttributes,
  60.             SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
  61.             TOKEN_TYPE TokenType,
  62.             ref IntPtr phNewToken);
  63.  
  64.         [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Auto)]
  65.         static extern bool CreateProcessAsUser(
  66.             IntPtr hToken,
  67.             string lpApplicationName,
  68.             string lpCommandLine,
  69.             ref SECURITY_ATTRIBUTES lpProcessAttributes,
  70.             ref SECURITY_ATTRIBUTES lpThreadAttributes,
  71.             bool bInheritHandles,
  72.             uint dwCreationFlags,
  73.             IntPtr lpEnvironment,
  74.             string lpCurrentDirectory,
  75.             ref STARTUPINFO lpStartupInfo,
  76.             ref PROCESS_INFORMATION lpProcessInformation);  
  77.  
  78.         public static Process CreateProcessAsUser(string filename, string args)
  79.         {
  80.             IntPtr hToken = WindowsIdentity.GetCurrent().Token;
  81.             IntPtr hDupedToken = IntPtr.Zero;
  82.  
  83.             PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
  84.             SECURITY_ATTRIBUTES sa = new SECURITY_ATTRIBUTES();
  85.             sa.nLength = Marshal.SizeOf(sa);
  86.  
  87.             DuplicateTokenEx(hToken,
  88.                 (uint)0,
  89.                 ref sa,
  90.                 SECURITY_IMPERSONATION_LEVEL.SecurityIdentification,
  91.                 TOKEN_TYPE.TokenPrimary,
  92.                 ref hDupedToken);
  93.  
  94.             STARTUPINFO si = new STARTUPINFO();
  95.             si.cb = Marshal.SizeOf(si);
  96.             si.lpDesktop = string.Empty;
  97.  
  98.             string path = Path.GetFullPath(filename);
  99.             using (WindowsIdentity.Impersonate(IntPtr.Zero))
  100.             {
  101.                 CreateProcessAsUser(hDupedToken,
  102.                     path,
  103.                     string.Format("\"{0}\" {1}", filename.Replace("\"", "\"\""), args),
  104.                     ref sa,
  105.                     ref sa,
  106.                     false,
  107.                     0,
  108.                     IntPtr.Zero,
  109.                     @".\",
  110.                     ref si,
  111.                     ref pi);
  112.             }
  113.  
  114.             return Process.GetProcessById(pi.dwProcessId);
  115.         }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!