Windows NT/2000提供了一个函数CreateProcessAsUser,它的功能类似于CreateProcess函数,所不同的是CreateProcessAsUser创建的新进程能以用户(任何用户)的安全上下文方式运行。
1
//
PlatformInvoke Stuff
2
[StructLayout(LayoutKind.Sequential)]
3
struct
STARTUPINFO
4
{
5
public
Int32 cb;
6
[MarshalAs(UnmanagedType.LPTStr)]
7
public
String lpReserved;
8
[MarshalAs(UnmanagedType.LPTStr)]
9
public
String lpDesktop;
10
[MarshalAs(UnmanagedType.LPTStr)]
11
public
String lpTitle;
12
public
UInt32 dwX;
13
public
UInt32 dwY;
14
public
UInt32 dwXSize;
15
public
UInt32 dwYSize;
16
public
UInt32 dwXCountChars;
17
public
UInt32 dwYCountChars;
18
public
UInt32 dwFillAttribute;
19
public
UInt32 dwFlags;
20
public
Int16 wShowWindow;
21
public
Int16 cbReserved2;
22
public
IntPtr lpReserved2;
23
public
HandleRef hStdInput;
24
public
HandleRef hStdOutput;
25
public
HandleRef hStdError;
26
}
27
28
const
int
NORMAL_PRIORITY_CLASS
=
0x00000020
;
29
30
struct
PROCESS_INFORMATION
31
{
32
public
HandleRef hProcess;
33
public
HandleRef hThread;
34
public
UInt32 dwProcessId;
35
public
UInt32 dwThreadId;
36
}
37
38
struct
SECURITY_ATTRIBUTES
39
{
40
public
UInt32 nLength;
41
public
IntPtr lpSecurityDescriptor;
42
public
Boolean bInheritHandle;
43
}
44
45
[DllImport(
“
advapi32.dll
“
, CharSet
=
CharSet.Unicode)]
46
static
extern
Boolean CreateProcessAsUser(
47
IntPtr hToken,
48
String lpApplicationName,
49
String lpCommandLine,
50
IntPtr lpProcessAttributes,
51
IntPtr lpThreadAttributes,
52
Boolean bInheritHandles,
53
UInt32 dwCreationFlags,
54
IntPtr lpEnvironment,
55
String lpCurrentDirectory,
56
ref
STARTUPINFO lpStartupInfo,
57
out
PROCESS_INFORMATION lpProcessInformation);
58
59
[DllImport(
“
advapi32.dll
“
, CharSet
=
CharSet.Unicode)]
60
static
extern
Boolean LogonUser(
61
String lpszUsername,
62
String lpszDomain,
63
String lpszPassword,
64
Int32 dwLogonType,
65
Int32 dwLogonProvider,
66
ref
IntPtr phToken
67
);
68
const
int
LOGON32_LOGON_INTERACTIVE
=
2
;
69
70
public
void
Execute(
string
File)
71
{
72
try
73
{
74
//
unsafe
75
{
76
PROCESS_INFORMATION pi
=
new
PROCESS_INFORMATION();
77
78
STARTUPINFO si
=
new
STARTUPINFO();
79
si.cb
=
Marshal.SizeOf(si);
80
si.lpDesktop
=
“
winsta0\\default
“
;
81
82
IntPtr hToken
=
new
IntPtr(
0
);
83
if
(LogonUser(
“
auser
“
,
“
mydomain
“
,
“
Passw0rd!
“
,
84
LOGON32_LOGON_INTERACTIVE,
0
,
ref
hToken))
85
{
86
Boolean bResult
=
CreateProcessAsUser(
87
hToken,
88
File,
//
file to execute
89
null
,
//
command line
90
IntPtr.Zero,
//
pointer to process SECURITY_ATTRIBUTES
91
IntPtr.Zero,
//
pointer to thread SECURITY_ATTRIBUTES
92
false
,
//
handles are not inheritable
93
0
,
//
creation flags
94
IntPtr.Zero,
//
pointer to new environment block
95
null
,
//
name of current directory
96
ref
si,
//
pointer to STARTUPINFO structure
97
out
pi
//
receives information about new process
98
);
99
100
if
(bResult)
101
{
102
}
103
}
104
}
105
}
106
catch
(Exception e)
107
{
108
}
109
}
//
PlatformInvoke Stuff
2
[StructLayout(LayoutKind.Sequential)]
3
struct
STARTUPINFO
4
{
5
public
Int32 cb;
6
[MarshalAs(UnmanagedType.LPTStr)]
7
public
String lpReserved;
8
[MarshalAs(UnmanagedType.LPTStr)]
9
public
String lpDesktop;
10
[MarshalAs(UnmanagedType.LPTStr)]
11
public
String lpTitle;
12
public
UInt32 dwX;
13
public
UInt32 dwY;
14
public
UInt32 dwXSize;
15
public
UInt32 dwYSize;
16
public
UInt32 dwXCountChars;
17
public
UInt32 dwYCountChars;
18
public
UInt32 dwFillAttribute;
19
public
UInt32 dwFlags;
20
public
Int16 wShowWindow;
21
public
Int16 cbReserved2;
22
public
IntPtr lpReserved2;
23
public
HandleRef hStdInput;
24
public
HandleRef hStdOutput;
25
public
HandleRef hStdError;
26
}
27
28
const
int
NORMAL_PRIORITY_CLASS
=
0x00000020
;
29
30
struct
PROCESS_INFORMATION
31
{
32
public
HandleRef hProcess;
33
public
HandleRef hThread;
34
public
UInt32 dwProcessId;
35
public
UInt32 dwThreadId;
36
}
37
38
struct
SECURITY_ATTRIBUTES
39
{
40
public
UInt32 nLength;
41
public
IntPtr lpSecurityDescriptor;
42
public
Boolean bInheritHandle;
43
}
44
45
[DllImport(
“
advapi32.dll
“
, CharSet
=
CharSet.Unicode)]
46
static
extern
Boolean CreateProcessAsUser(
47
IntPtr hToken,
48
String lpApplicationName,
49
String lpCommandLine,
50
IntPtr lpProcessAttributes,
51
IntPtr lpThreadAttributes,
52
Boolean bInheritHandles,
53
UInt32 dwCreationFlags,
54
IntPtr lpEnvironment,
55
String lpCurrentDirectory,
56
ref
STARTUPINFO lpStartupInfo,
57
out
PROCESS_INFORMATION lpProcessInformation);
58
59
[DllImport(
“
advapi32.dll
“
, CharSet
=
CharSet.Unicode)]
60
static
extern
Boolean LogonUser(
61
String lpszUsername,
62
String lpszDomain,
63
String lpszPassword,
64
Int32 dwLogonType,
65
Int32 dwLogonProvider,
66
ref
IntPtr phToken
67
);
68
const
int
LOGON32_LOGON_INTERACTIVE
=
2
;
69
70
public
void
Execute(
string
File)
71
{
72
try
73
{
74
//
unsafe
75
{
76
PROCESS_INFORMATION pi
=
new
PROCESS_INFORMATION();
77
78
STARTUPINFO si
=
new
STARTUPINFO();
79
si.cb
=
Marshal.SizeOf(si);
80
si.lpDesktop
=
“
winsta0\\default
“
;
81
82
IntPtr hToken
=
new
IntPtr(
0
);
83
if
(LogonUser(
“
auser
“
,
“
mydomain
“
,
“
Passw0rd!
“
,
84
LOGON32_LOGON_INTERACTIVE,
0
,
ref
hToken))
85
{
86
Boolean bResult
=
CreateProcessAsUser(
87
hToken,
88
File,
//
file to execute
89
null
,
//
command line
90
IntPtr.Zero,
//
pointer to process SECURITY_ATTRIBUTES
91
IntPtr.Zero,
//
pointer to thread SECURITY_ATTRIBUTES
92
false
,
//
handles are not inheritable
93
0
,
//
creation flags
94
IntPtr.Zero,
//
pointer to new environment block
95
null
,
//
name of current directory
96
ref
si,
//
pointer to STARTUPINFO structure
97
out
pi
//
receives information about new process
98
);
99
100
if
(bResult)
101
{
102
}
103
}
104
}
105
}
106
catch
(Exception e)
107
{
108
}
109
}
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请联系我们举报,一经查实,本站将立刻删除。
发布者:全栈程序员-站长,转载请注明出处:https://javaforall.net/111073.html原文链接:https://javaforall.net
