/*** This application converts a text message to uppercase by spawning a child

1. /**
2. * This application converts a text message to uppercase by spawning a child process as another user and saves it to a file.
3. *
4. * Usage: app.exe MESSAGE FILE_PATH
5. * or
6. * Usage: app.exe DOMAIN USERNAME PASSWORD MESSAGE FILE_PATH
7. *
8. *
9. * Setup instructions:
10. *
11. * 1. Open secpol.msc
12. * 2. Navigate to 'Local Policies' > 'User Rights Assignment' > 'Log on as a service'.
13. * 3. Add your account and click the 'OK' button.
14. * 4. Compile this file as a console application.
15. * 5. Open a PowerShell console as administrator.
16. * 6. PS C:\> New-Service ServiceTest "CONSOLE_EXE_PATH MESSAGE FILE_PATH" -Credential YOUR_DOMAIN\YOUR_ACCOUNT
17. * 7. PS C:\> Start-Service ServiceTest
18. * 8. Verify that the file is created with the message in uppercase.
19. * 10. Delete the file.
20. * 11. PS C:\> Stop-Service ServiceTest
21. * 12. PS C:\> sc.exe delete ServiceTest
22. * 13. PS C:\> New-Service ServiceTest "CONSOLE_EXE_PATH YOUR_DOMAIN ANOTHER_ACCOUNT_USERNAME PASSWORD MESSAGE FILE_PATH" -Credential YOUR_DOMAIN\YOUR_ACCOUNT
23. * 14. Ensure the YOUR_DOMAIN\ANOTHER_ACCOUNT_USERNAME has access to the folder where CONSOLE_EXE_PATH is located.
24. * 15. PS C:\> Start-Service ServiceTest
25. * 16. Verify that the file is not created.
26. * 17. Open eventvwr
27. * 18. Verify that a { "Log Name": "System", "Source": "Application Popup", "EventId": 26, "Data": ["CONSOLE_EXE - Application Error", "The application was unable to start correctly (0xc0000142). Click OK to close the application."] } event is registered.
28. * 19. PS C:\> Stop-Service ServiceTest
29. * 20. PS C:\> sc.exe delete ServiceTest
30. */
31.  
32. namespace ServiceTest
33. {
34. using System;
35. using System.Diagnostics;
36. using System.IO;
37. using System.Net;
38. using System.ServiceProcess;
39. using System.Text;
40. using System.Threading;
41.  
42. internal sealed class Program : ServiceBase
43. {
44. private const string ChildIndicator = "079a9ab7-e4b8-4192-9dc7-dc7b93ec9376";
45.  
46. private readonly string[] args;
47. private readonly ManualResetEventSlim processDone = new ManualResetEventSlim();
48.  
49. private Program(string[] args)
50. {
51. this.args = args;
52. }
53.  
54. public static void Main(string[] args)
55. {
56. if (Environment.UserInteractive || Program.IsChildProcess(args))
57. {
58. var p = new Program(args);
59. p.OnStart(null);
60. p.OnStop();
61. }
62. else
63. {
64. ServiceBase.Run(new Program(args));
65. }
66. }
67.  
68. protected override void OnStart(string[] notUsed)
69. {
70. if (Program.IsChildProcess(this.args))
71. {
72. Console.WriteLine("handshake");
73. var input = Console.In.ReadToEnd();
74. if (input != null)
75. {
76. Console.WriteLine(input.ToUpper());
77. }
78.  
79. this.processDone.Set();
80. }
81. else if (this.args.Length == 2 || this.args.Length == 5)
82. {
83. var credentials = this.args.Length == 5 ? new NetworkCredential(this.args[1], this.args[2], this.args[0]) : null;
84. var message = this.args.Length == 5 ? this.args[3] : this.args[0];
85. var outputFile = this.args.Length == 5 ? this.args[4] : this.args[1];
86.  
87. // Create process.
88. var process = new Process
89. {
90. EnableRaisingEvents = true,
91. StartInfo =
92. {
93. FileName = Process.GetCurrentProcess().MainModule.FileName,
94. Arguments = Program.ChildIndicator,
95. CreateNoWindow = true,
96. RedirectStandardError = true,
97. RedirectStandardInput = true,
98. RedirectStandardOutput = true,
99. UseShellExecute = false,
100. WorkingDirectory = @"C:\"
101. }
102. };
103.  
104. if (credentials != null)
105. {
106. process.StartInfo.Domain = credentials.Domain;
107. process.StartInfo.UserName = credentials.UserName;
108. process.StartInfo.Password = credentials.SecurePassword;
109. }
110.  
111. var error = new StringBuilder();
112. var errorWaitHandle = new ManualResetEventSlim();
113. process.ErrorDataReceived += (s, e) =>
114. {
115. if (e.Data != null)
116. {
117. error.AppendLine(e.Data);
118. }
119. else
120. {
121. errorWaitHandle.Set();
122. }
123. };
124.  
125. var output = new StringBuilder();
126. var outputWaitHandle = new ManualResetEventSlim();
127. process.OutputDataReceived += (s, e) =>
128. {
129. if (e.Data == "handshake")
130. {
131. process.StandardInput.Write(message);
132. process.StandardInput.Close();
133. }
134. else if (e.Data != null)
135. {
136. output.AppendLine(e.Data);
137. }
138. else
139. {
140. outputWaitHandle.Set();
141. }
142. };
143.  
144. process.Exited += (s, e) =>
145. {
146. try
147. {
148. errorWaitHandle.Wait();
149. outputWaitHandle.Wait();
150.  
151. if (error.Length > 0)
152. {
153. File.WriteAllText(outputFile, string.Format("Child process completed with an error: {0}", error));
154. }
155. else if (output.Length > 0)
156. {
157. File.WriteAllText(outputFile, output.ToString());
158. }
159. }
160. finally
161. {
162. process.Dispose();
163.  
164. this.processDone.Set();
165. }
166. };
167.  
168. process.Start();
169. process.BeginErrorReadLine();
170. process.BeginOutputReadLine();
171. }
172. else
173. {
174. using (var currentProcess = Process.GetCurrentProcess())
175. {
176. Console.WriteLine("Usage:");
177. Console.WriteLine("{0} <msg> <path_to_output_file>", currentProcess.MainModule.ModuleName);
178. Console.WriteLine("{0} <domain> <username> <password> <msg> <path_to_output_file>", currentProcess.MainModule.ModuleName);
179.  
180. this.processDone.Set();
181. }
182. }
183. }
184.  
185. protected override void OnStop()
186. {
187. this.processDone.Wait();
188. }
189.  
190. private static bool IsChildProcess(string[] args)
191. {
192. return args.Length == 1 && args[0] == Program.ChildIndicator;
193. }
194. }
195. }