WATERSTORMms Posted August 14, 2012 Share Posted August 14, 2012 (edited) Hallo Community,I have the following Script:#include <ProcessConstants.au3> #include <StructureConstants.au3> #include <SecurityConstants.au3> #include <Security.au3> #include <WinAPI.au3> ConsoleWrite(_runAsUser("C:myfoldertestapplication.exe", "C:myfoldertest" & @CRLF) Func _runAsUser($sCommandLine = "", $sProcessDir = "") Local $tSTARTUPINFO = DllStructCreate($tagSTARTUPINFO) Local $tPROCESS_INFORMATION = DllStructCreate($tagPROCESS_INFORMATION) Local $hProcess = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, 0, ProcessExists("explorer.exe")) If $hProcess Then Local $hTokOriginal = _Security__OpenProcessToken($hProcess, $TOKEN_ALL_ACCESS) _WinAPI_CloseHandle($hProcess) If $hTokOriginal Then Local $hTokDuplicate = _Security__DuplicateTokenEx($hTokOriginal, $TOKEN_ALL_ACCESS, $SECURITYIMPERSONATION, $TOKENPRIMARY) _WinAPI_CloseHandle($hTokOriginal) If $hTokDuplicate Then _Security__CreateProcessWithToken($hTokDuplicate, 0, $sCommandLine, 0, $sProcessDir, $tSTARTUPINFO, $tPROCESS_INFORMATION) _WinAPI_CloseHandle($hTokDuplicate) _WinAPI_CloseHandle(DllStructGetData($tPROCESS_INFORMATION, "hProcess")) _WinAPI_CloseHandle(DllStructGetData($tPROCESS_INFORMATION, "hThread")) Return DllStructGetData($tPROCESS_INFORMATION, "ProcessID") EndIf EndIf EndIf EndFuncThe Script works well. I can compile an EXE and run it with other credentials, but the script is running under the logged in user. And that's all what i want.BUT:If i run the same function as SYSTEM user, respectively as Service (with url='), the Function returns a PID though the process doesn't exist after half a second.I tried it directly with "DllCall" too:DllCall("advapi32.dll", "bool", "CreateProcessWithTokenW", "handle", $hTokDuplicate, "dword", 0, "ptr", 0, "wstr", $sCommandLine, "dword", 0, "ptr", "username_ohne_domain", "wstr", $sDir, "struct*", $tSTARTUPINFO, "struct*", $tPROCESS_INFORMATION)Same result.I hope you can help me.RegardsWATERSTORMms Edited August 14, 2012 by WATERSTORMms Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now