Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using Microsoft.Win32.SafeHandles;
- using System;
- using System.Collections.Generic;
- using System.IO;
- using System.Linq;
- using System.Runtime.InteropServices;
- using System.Text;
- using System.Threading.Tasks;
- namespace ConsoleApp1
- {
- public class pipeMaker
- {
- public static void CreatePipe(out SafeFileHandle parentHandle, out SafeFileHandle childHandle, bool parentInputs)
- {
- SECURITY_ATTRIBUTES lpPipeAttributes = new SECURITY_ATTRIBUTES();
- lpPipeAttributes.bInheritHandle = true;
- SafeFileHandle hWritePipe = null;
- try
- {
- if (parentInputs)
- CreatePipeWithSecurityAttributes(out childHandle, out hWritePipe, lpPipeAttributes, 0);
- else
- CreatePipeWithSecurityAttributes(out hWritePipe, out childHandle, lpPipeAttributes, 0);
- if (!DuplicateHandle(GetCurrentProcess(), hWritePipe, GetCurrentProcess(), out parentHandle, 0, false, 2))
- throw new Exception();
- }
- finally
- {
- if ((hWritePipe != null) && !hWritePipe.IsInvalid)
- {
- hWritePipe.Close();
- }
- }
- }
- [StructLayout(LayoutKind.Sequential)]
- public class SECURITY_ATTRIBUTES
- {
- public int nLength;
- public IntPtr lpSecurityDescriptor;
- public bool bInheritHandle;
- public SECURITY_ATTRIBUTES()
- {
- nLength = 12;
- lpSecurityDescriptor = IntPtr.Zero;
- }
- }
- [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- public static extern bool CreatePipe(out SafeFileHandle hReadPipe, out SafeFileHandle hWritePipe,
- SECURITY_ATTRIBUTES lpPipeAttributes, int nSize);
- [DllImport("kernel32.dll", CharSet = CharSet.Ansi, SetLastError = true)]
- public static extern bool DuplicateHandle(IntPtr hSourceProcessHandle, SafeHandle hSourceHandle,
- IntPtr hTargetProcess, out SafeFileHandle targetHandle, int dwDesiredAccess,
- bool bInheritHandle, int dwOptions);
- [DllImport("kernel32.dll", CharSet = CharSet.Ansi, SetLastError = true)]
- public static extern IntPtr GetCurrentProcess();
- public static void CreatePipeWithSecurityAttributes(out SafeFileHandle hReadPipe, out SafeFileHandle hWritePipe,
- SECURITY_ATTRIBUTES lpPipeAttributes, int nSize)
- {
- hReadPipe = null;
- if ((!CreatePipe(out hReadPipe, out hWritePipe, lpPipeAttributes, nSize) || hReadPipe.IsInvalid) || hWritePipe.IsInvalid)
- throw new Exception();
- }
- class RunAs
- {
- //public const UInt32 Infinite = 0xffffffff;
- public const Int32 Startf_UseStdHandles = 0x00000101;
- //public const Int32 StdOutputHandle = -11;
- //public const Int32 StdErrorHandle = -12;
- //private static string inputHandle;
- //public static IntPtr outputHandle;
- //private static string errorHandle;
- [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto)]
- public struct StartupInfo
- {
- public int cb;
- public String reserved;
- public String desktop;
- public String title;
- public int x;
- public int y;
- public int xSize;
- public int ySize;
- public int xCountChars;
- public int yCountChars;
- public int fillAttribute;
- public int flags;
- public UInt16 showWindow;
- public UInt16 reserved2;
- public byte reserved3;
- public IntPtr stdInput;
- public IntPtr stdOutput;
- public IntPtr stdError;
- }
- internal struct ProcessInformation
- {
- public IntPtr process;
- public IntPtr thread;
- public int processId;
- public int threadId;
- }
- [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
- public static extern bool CreateProcessWithLogonW(
- String userName,
- String domain,
- String password,
- UInt32 logonFlags,
- String applicationName,
- String commandLine,
- UInt32 creationFlags,
- UInt32 environment,
- String currentDirectory,
- ref StartupInfo startupInfo,
- out ProcessInformation processInformation);
- [DllImport("kernel32.dll", SetLastError = true)]
- public static extern bool GetExitCodeProcess(IntPtr process, ref UInt32 exitCode);
- [DllImport("Kernel32.dll", SetLastError = true)]
- public static extern UInt32 WaitForSingleObject(IntPtr handle, UInt32 milliseconds);
- [DllImport("Kernel32.dll", SetLastError = true)]
- public static extern bool CreatePipe(out IntPtr hreadPipe, out IntPtr hWritePipe, ref SECURITY_ATTRIBUTES lpPipeAttributes, uint nSize);
- [DllImport("Kernel32.dll", SetLastError = true)]
- public static extern IntPtr GetStdHandle(IntPtr handle);
- [DllImport("Kernel32.dll", SetLastError = true)]
- public static extern bool CloseHandle(IntPtr handle);
- [STAThread]
- static void Main(string[] args)
- {
- StartupInfo startupInfo = new StartupInfo();
- startupInfo.reserved = null;
- startupInfo.flags &= Startf_UseStdHandles;
- //startupInfo.showWindow = SW_SHOW;
- // SafeFileHandle inputHandle = null;
- SafeFileHandle outputHandle = null;
- SafeFileHandle errorHandle = null;
- SafeFileHandle handleOutValue = new SafeFileHandle(startupInfo.stdOutput, true);
- SafeFileHandle handleErrValue = new SafeFileHandle(startupInfo.stdError, false);
- SafeFileHandle handleInValue = new SafeFileHandle(startupInfo.stdInput, false);
- //pipeMaker.CreatePipe(out inputHandle, out startupInfo.stdInput, true);
- //pipeMaker.CreatePipe(out outputHandle, out startupInfo.stdOutput, false);
- pipeMaker.CreatePipe(out outputHandle, out handleOutValue, false);
- pipeMaker.CreatePipe(out errorHandle, out handleErrValue, false);
- //pipeMaker.CreatePipe(out outputHandle, out handleInValue, true);
- UInt32 exitCode = 123456;
- ProcessInformation processInfo = new ProcessInformation();
- String command = @"cmd.exe";
- String user = "test1";
- String domain = System.Environment.MachineName;
- String password = "SOME_PASSWORD";
- String currentDirectory = "C:\windows\system32\";
- String Params = "/k echo test";
- UInt32 LogonFlags = 2; //login netonly
- try
- {
- CreateProcessWithLogonW(
- user,
- domain,
- password,
- LogonFlags,
- command,
- Params,
- (UInt32)0, //dw creation flags
- (UInt32)0, //environment
- currentDirectory,
- ref startupInfo,
- out processInfo);
- }
- catch (Exception e)
- {
- Console.WriteLine(e.ToString());
- }
- StreamReader srOut = new StreamReader(new FileStream(handleOutValue, FileAccess.Read, 4096, false));
- //StreamReader srErr = new StreamReader(new FileStream(handleErrValue, FileAccess.Read, 0x1000, false));
- //StreamReader sw = new StreamReader(new FileStream(handleOutValue, FileAccess.Read, 0x1000, false));
- while (!srOut.EndOfStream)
- {
- string line = srOut.ReadLine();
- if (line.Length > 0)
- Console.WriteLine(line);
- }
- Console.WriteLine(handleOutValue.ToString());
- Console.WriteLine("Exit code: {0}", exitCode);
- CloseHandle(processInfo.process);
- CloseHandle(processInfo.thread);
- CloseHandle(startupInfo.stdOutput);
- }
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement