Hi Chris,
After 3 days of messing around with this, I finally got CreateProcessAsUser to launch a process as another domain user under the system account and can perform this operation interactively and non-interactively.
Code:
// Open the current process token so a privilege can be enabled on it.
IntPtr hProcessToken = IntPtr.Zero;
TOKEN_PRIVILEGES tp = new TOKEN_PRIVILEGES();
tp.Privileges = new LUID_AND_ATTRIBUTES[1];
Result = OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, ref hProcessToken);
if (!Result || hProcessToken == IntPtr.Zero)
    Console.WriteLine("OpenProcessToken Failed: " + Marshal.GetLastWin32Error());

// Look up the LUID for SE_TCB_NAME and enable that privilege.
Result = LookupPrivilegeValue(null, SE_TCB_NAME, ref tp.Privileges[0].Luid);
if (!Result)
    Console.WriteLine("LookupPrivilegeValue Failed: " + Marshal.GetLastWin32Error());
tp.PrivilegeCount = 1;
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
Result = AdjustTokenPrivileges(hProcessToken, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
if (!Result)
    Console.WriteLine("AdjustTokenPrivileges Failed: " + Marshal.GetLastWin32Error());

// Log the target user on. UserName is "DOMAIN\user": [1] is the user, [0] is the domain.
// hProcessToken is reused here and now holds the logon token.
Result = LogonUser(p.Process.UserName.Split('\\')[1], p.Process.UserName.Split('\\')[0],
    p.Process.Password, (int)Logon32Type.Interactive, 0, out hProcessToken);
if (!Result)
    Console.WriteLine("LogonUser Failed: " + Marshal.GetLastWin32Error());

// Start the process with the logon token. 32 = NORMAL_PRIORITY_CLASS creation flag.
Result = CreateProcessAsUserW(hProcessToken, Process, string.Empty, SA, SA, true, (UInt32)32,
    IntPtr.Zero, System.IO.Directory.GetCurrentDirectory(), si, ref ProcessInfo);
if (!Result)
    Console.WriteLine("CreateProcessAsUserW Failed: " + Marshal.GetLastWin32Error());



