New
#1
Need to give admin rights to session 1 exe
Need to give admin rights to session 1 exe so that this exe can create new files and registry.
i have used the below code to launch an application in session 1(ex: abc.exe) from session 0(ex:Myapp.exe).
I wish to give admin priveleges to abc.exe as this exe in-turn creates a file in C:\. But its failing to create a new file in C:\ as it is returning an ACCESS_DENIED Error, as it doesnt have the admin rights.
Code:void ExecuteProc(DWORD sessionId) { HANDLE hToken, hProcess, hPToken, hUserTokenDup; HDESK hdesk = NULL; HWINSTA hwinsta = NULL, hwinstaSave = NULL; PROCESS_INFORMATION pi; PSID pSid = NULL; STARTUPINFO si; BOOL bResult = FALSE; sessionId = WTSGetActiveConsoleSessionId(); BOOL bQuery = false; bQuery = WTSQueryUserToken(sessionId, &hToken) ; DWORD dwErr1; // Initialize the STARTUPINFO structure. // Specify that the process runs in the interactive desktop. ZeroMemory(&si, sizeof(STARTUPINFO)); si.cb= sizeof(STARTUPINFO); si.lpDesktop = TEXT("winsta0\\default"); TOKEN_PRIVILEGES tp; LUID luid; if (!LookupPrivilegeValue(NULL,SE_DEBUG_NAME,&luid)) { printf("Lookup Privilege value Error: %u\n",GetLastError()); } tp.PrivilegeCount =1; tp.Privileges[0].Luid =luid; tp.Privileges[0].Attributes =SE_PRIVILEGE_ENABLED; DuplicateTokenEx(hToken,MAXIMUM_ALLOWED,NULL,SecurityIdentification,TokenPrimary,&hUserTokenDup); int dup = GetLastError(); //Adjust Token privilege SetTokenInformation(hUserTokenDup, TokenSessionId,(void*)sessionId,sizeof(DWORD)); if (!AdjustTokenPrivileges(hUserTokenDup,FALSE,&tp,sizeof(TOKEN_PRIVILEGES),(PTOKEN_PRIVILEGES)NULL,NULL)) { int abc =GetLastError(); printf("Adjust Privilege value Error: %u\n",GetLastError()); } if (GetLastError()== ERROR_NOT_ALL_ASSIGNED) { printf("Token does not have the provilege\n"); } // Launch the process in the client's logon session. wchar_t lpCommandLine[] = L"C:\\abc.exe"; bResult = CreateProcessAsUser( hUserTokenDup, // client's access token NULL, // file to execute lpCommandLine, // command line NULL, // pointer to process SECURITY_ATTRIBUTES NULL, // pointer to thread SECURITY_ATTRIBUTES FALSE, // handles are not inheritable NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE, // creation flags NULL, // pointer to new environment block NULL, // name of current directory &si, // pointer to STARTUPINFO structure &pi // receives information about new process ); CloseHandle(hProcess); CloseHandle(hUserTokenDup); CloseHandle(hPToken); } int _tmain(int argc, _TCHAR* argv[]) { DWORD sessionId = 0; ExecuteProc(sessionId); return 0; }
NOTE: abc.exe tries to create a new file in C:\ but it failed to do so as it require admin rights.
please give your valuabe inputs.
thanks
Praveen
Last edited by Brink; 30 May 2011 at 12:05. Reason: code box