Hello Profaner...
The following code (NT/2000/XP) gives me an error message when I start the EXE under a username with restricted rights. If I start the EXE under an admin profile, it halfway works. I myself am logged in as an admin with sufficient rights (no error 1314 message). What am I doing wrong???
DEF @LookupAccountName(7) !"advapi32","LookupAccountNameA"
DEF @LogonUser(6) !"advapi32","LogonUserA"
DEF @CreateProcessAsUser(11) !"advapi32","CreateProcessAsUserA"
DEF @SetLastError(1) !"kernel32","SetLastError"
DEF @GetLastError(0) !"kernel32","GetLastError" 'Returns the last API error.
DEF @ZeroMemory(2) ! "Kernel32","RtlZeroMemory"
DEF @CloseHandle(1) !"kernel32","CloseHandle" 'Closes a handle (program).
Declare Protokoll&,FEHLER&,DOMAIN$,SID_Size#,lpStartupInfo#,lpProcessInformation#
Declare lpCommandLine#,DOMAINNAME_SIZE_ADDR#
Declare SID#,DOMAIN#,SID_TYPE_INDICATOR#,DOMAIN#,Attribut#,ALLPRIVS#,COUNT#,SID#
DIM DOMAIN#,256
DIM SID#,800
DIM SID_Size#,4
DIM DOMAINNAME_SIZE_ADDR#,4
DIM SID_TYPE_INDICATOR#,256
Proc StartWithUserRights
@ADDSTRING(Protokoll&,"Start der Prozedur zum Impersonifizieren anderer User")
Parameters PUSERNAME$,PPASSWORT$,PPROGRAMM$
Declare UserHandle&,UserHandle#
DIM UserHandle#,4
CLEAR SID#,DOMAIN#,SID_TYPE_INDICATOR#,DOMAIN#,SID#,DOMAINNAME_SIZE_ADDR#
Long SID_Size#,0=800
LONG DOMAINNAME_SIZE_ADDR#,0=255
LET Fehler&=@LookupAccountName(0,@addr(PUSERNAME$),SID#,SID_Size#,DOMAIN#,DOMAINNAME_SIZE_ADDR#,SID_TYPE_INDICATOR#)
@ADDSTRING(Protokoll&,"Fehler LookupAccountName: "+@str$(Fehler&))
LET DOMAIN$=@STRING$(DOMAIN#,0)
@ADDSTRING(Protokoll&,"Domain: "+DOMAIN$)
@SetLastError(0)
LET FEHLER&=@LogonUser(@addr(PUSERNAME$),@ADDR(DOMAIN$),@ADDR(PPASSWORT$),2,0,UserHandle#)
@ADDSTRING(Protokoll&,"Fehler LogonUser: "+@str$(Fehler&))
@ADDSTRING(Protokoll&,"Letzter API Fehler: "+@str$(@GetLastError()))
Let UserHandle&=@LONG(UserHandle#,0)
@ADDSTRING(Protokoll&,"UserHandle: "+@str$(UserHandle&))
Dim lpStartupInfo#,68
ZeroMemory(lpStartupinfo#,68)
Long lpStartupInfo#,0=68
Dim lpProcessInformation#,16
Dim lpCommandLine#,@len(PPROGRAMM$)+1
ZeroMemory(lpProcessInformation#,16)
String lpCommandLine#,0=PPROGRAMM$
LET FEHLER&=@CreateProcessAsUser(UserHandle&,0,lpCommandLine#,0,0,0,0,0,0,lpStartupInfo#,lpProcessInformation#)
@ADDSTRING(Protokoll&,"Fehler CreateProcessAsUser: "+@str$(Fehler&))
@ADDSTRING(Protokoll&,"Letzter API Fehler: "+@str$(@GetLastError()))
LET FEHLER&=@CloseHandle(UserHandle&)
@ADDSTRING(Protokoll&,"Fehler CloseHandle: "+@str$(Fehler&))
Dispose UserHandle#
Dispose lpStartupInfo#
Dispose lpProcessInformation#
Dispose lpCommandLine#
@ADDSTRING(Protokoll&,"Ende der Prozedur zum Impersonifizieren anderer User")
ENDPROC
CLS
LET Protokoll&=@createlistbox(%HWND,"",10,10,600,400)
StartWithUserRights @INPUT$("Bitte einen Usernamen eingeben: ","Login Name?",""),@INPUT$("Bitte das Passwort dazu eingeben: ","Passwort?",""),,@LoadFile$("EXE auswählen","*.EXE")
Dispose DOMAIN#
Dispose SID_Size#
Dispose DOMAINNAME_SIZE_ADDR#
Dispose SID_TYPE_INDICATOR#
Dispose SID#
Waitinput
Hello Andreas...
I think DuplicateTokenEx is the solution to your problem....

Hello Andreas...
YES, EXACTLY. That must be it! Many thanks, Andreas...
Frank Abbing | Hi,
I think you have raised a topic here that the vast majority tends to shy away from. Hence the monologues?

To be honest, I haven't experienced anything like this either - AH, this is really spicy - but I think in this area you are the pro here, and so unfortunately nobody has helped you yet. (<-- could help, has helped, ... )
salvo, iF
Hello you two...
I just allowed myself a little fun to stimulate the discussion a bit. I am already a little bit further along, but still don't have the complete solution.
At the moment I'm working on beefing up PrivAktivate a bit. Adding privileges to existing accounts is already built in (runs fine). So PrivAktivate will soon be able to enable existing privileges and add privileges that are not present. I would also very much like to build in a RunAs function - but that is where it is still stuck at the moment, as you can see. A function for cracking login passwords is also floating around in my head at the moment, but Profan will probably be too slow for that.
Well, I had actually already reckoned that not many people would be able to help me. Worldwide there are hardly any sensible articles and postings to be found on this topic. Mostly people had questions on the topics of privileges and impersonating users that nobody could answer sensibly. With many source codes, even I as a beginner could already say where the problem was, without even knowing the programming language in which the source code was written...
I find it a great pity that the vast majority shy away from this subject, since these things are surely the actual reason why 2000 and XP are based on NT technology...

All I can say is that we're already looking forward to a hellishly good PCU.
If you like - regarding the remark that Profan would be too slow for that - I'll build you a DLL for that sub-function. You just have to tell me exactly what it should do. Thanks to Frank Abbing's Datengenerator you could then simply put this approx. 4kb DLL into your PCU, and no DLL would have to be shipped along.
salvo, iF
OK, the problem is solved. If one API doesn't want to work, why not try a new one?
In the end it was not down to DuplicateTokenEx after all - I did already have a primary token - rather it was, and probably still is, down to CreateProcessAsUser itself. It seems to me that an access permission is missing somewhere there, and therefore no proper window can be created. I have now switched over to CreateProcessWithLogonW - it works great and is very easy to handle.
I have uploaded a prerelease of PrivAktivate 2.1 under [...]. What I don't yet like so much about it, among other things:
- Existing privileges are not displayed
- If privileges are missing, one only sees this in the run log
On the password matter: I myself have already thought about an MSAM32 DLL - but at the moment these are only pipe dreams. With sensible dictionaries the whole thing should be manageable in any case. The thing is really quite primitive and at beginner level - one only needs to ask according to the Rumpelstiltskin principle - Windows nicely and obediently always gives the right answer. Not all that many privileges should be necessary for it either...
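The switch to CreateProcessWithLogonW described in the last post, shown as an added PowerShell P/Invoke example (not code from the thread): unlike the LogonUser plus CreateProcessAsUser pair in the first post, this call takes the user name and password directly, so the caller never handles a token. The type `Demo.RunAs` and the function `Start-ProcessAsUser` are names made up for this example.

```powershell
# Added example (not from the thread). Demo.RunAs and Start-ProcessAsUser are made-up names.
Add-Type -Namespace Demo -Name RunAs -MemberDefinition @'
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct STARTUPINFO {
    public int cb;
    public string lpReserved, lpDesktop, lpTitle;
    public int dwX, dwY, dwXSize, dwYSize, dwXCountChars, dwYCountChars;
    public int dwFillAttribute, dwFlags;
    public short wShowWindow, cbReserved2;
    public IntPtr lpReserved2, hStdInput, hStdOutput, hStdError;
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION {
    public IntPtr hProcess, hThread;
    public int dwProcessId, dwThreadId;
}
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool CreateProcessWithLogonW(
    string user, string domain, string password, int logonFlags,
    string appName, System.Text.StringBuilder cmdLine, int creationFlags,
    IntPtr env, string currentDir,
    ref STARTUPINFO si, out PROCESS_INFORMATION pi);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool CloseHandle(IntPtr handle);
'@

function Start-ProcessAsUser {
    param([Parameter(Mandatory)][pscredential]$Credential,
          [Parameter(Mandatory)][string]$CommandLine)
    $si = New-Object 'Demo.RunAs+STARTUPINFO'
    $si.cb = [Runtime.InteropServices.Marshal]::SizeOf($si)
    $procInfo = New-Object 'Demo.RunAs+PROCESS_INFORMATION'
    $net = $Credential.GetNetworkCredential()
    $domain = if ($net.Domain) { $net.Domain } else { '.' }   # '.' = local account database
    $cmd = New-Object System.Text.StringBuilder $CommandLine  # the API needs a writable buffer
    # [NullString]::Value passes a real NULL; plain $null would be marshalled as "".
    $ok = [Demo.RunAs]::CreateProcessWithLogonW(
        $net.UserName, $domain, $net.Password, 1,             # 1 = LOGON_WITH_PROFILE
        [NullString]::Value, $cmd, 0, [IntPtr]::Zero, [NullString]::Value,
        [ref]$si, [ref]$procInfo)
    if (-not $ok) {
        $code = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
        throw (New-Object ComponentModel.Win32Exception $code)
    }
    # Both returned handles belong to the caller and must be closed.
    [void][Demo.RunAs]::CloseHandle($procInfo.hThread)
    [void][Demo.RunAs]::CloseHandle($procInfo.hProcess)
    $procInfo.dwProcessId
}
```

Called as `Start-ProcessAsUser -Credential (Get-Credential) -CommandLine 'notepad.exe'`, it returns the new process ID; `Get-Credential` prompts for the password so it never appears in a script.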