tubaba Posted January 18, 2022 Posted January 18, 2022 (edited) here is my test code,but it doesn't work: expandcollapse popup$s = _CreatProcess(@ComSpec) ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $s = ' & $s & @CRLF & '>Error code: ' & @error & ' Extended code: ' & @extended & ' (0x' & Hex(@extended) & ') SystemTime: ' & @hour & ':' & @min & ':' & @sec & @CRLF) ;### Debug Console Func _CreatProcess($sCommandLine) Local Const $PROC_THREAD_ATTRIBUTE_PARENT_PROCESS = 0x00020000 Local Const $EXTENDED_STARTUPINFO_PRESENT = 0x00080000 Local $hTargetProcess = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists('explorer.exe')) Local $hTargetProcessToken = _Security__OpenProcessToken($hTargetProcess, BitOR($TOKEN_QUERY, $TOKEN_DUPLICATE)) Local $hTokDuplicate = _Security__DuplicateTokenEx($hTargetProcessToken, $TOKEN_ALL_ACCESS, $SECURITYIDENTIFICATION, $TOKENPRIMARY) Local $tStartupInfo = DllStructCreate($tagSTARTUPINFO & ';ptr lpAttributeList') ;maybe error is here DllStructSetData($tStartupInfo, "Size", DllStructGetSize($tStartupInfo)) Local $iResult = DllCall("Kernel32.dll", "int", "InitializeProcThreadAttributeList", 'ptr', NULL, "dword", 1, "dword" , 0, "ulong_ptr*", 0) Local $pLIST = _HeapAlloc($iResult[4]) $iResult = DllCall("Kernel32.dll", "int", "InitializeProcThreadAttributeList", 'ptr', $pLIST, "dword", 1, "dword" , 0, "ulong_ptr*", $iResult[4]) Local $iResult = DllCall("Kernel32.dll", "int", "UpdateProcThreadAttribute", 'ptr', $pLIST, "dword", 0, "dword_ptr" , $PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, "HANDLE", $hTargetProcess, "ULONG_PTR", BinaryLen($hTargetProcess), "ptr", Null, "dword", Null ) DllStructSetData($tStartupInfo, "lpAttributeList", $pLIST) Local $tProcessInfo = DllStructCreate($tagPROCESS_INFORMATION) DllStructSetData($tProcessInfo, "Size", DllStructGetSize($tProcessInfo)) ;~ Local $dwCreationFlags = BitOR($NORMAL_PRIORITY_CLASS, $CREATE_NEW_CONSOLE) Local $dwCreationFlags = $EXTENDED_STARTUPINFO_PRESENT _WinAPI_CloseHandle($hTargetProcess) _WinAPI_CloseHandle($hTargetProcessToken) Local $iResult = DllCall("advapi32.dll", "bool", "CreateProcessWithTokenW", _ ;~ "ptr", $pEnvironment, _ ;$lpEnvironment "handle", $hTokDuplicate, _ ;hToken "dword", 1, _ ;dwLogonFlags "ptr", 0, _ ;lpApplicationName, _ "wstr", StringFormat("%s", $sCommandLine), _ ; wstr for CreateProcessWithTokenW "dword", $dwCreationFlags, _ ;$dwCreationFlags "ptr", Null, _ ;$lpEnvironment "wstr", @SystemDir, _ ;$lpCurrentDirectory "ptr", DllStructGetPtr($tStartupInfo), _ ;$lpStartupInfo "ptr", DllStructGetPtr($tProcessInfo)) ;$lpProcessInformation If $iResult[0] Then _WinAPI_CloseHandle(DllStructGetData($tProcessInfo, "hProcess")) _WinAPI_CloseHandle(DllStructGetData($tProcessInfo, "hThread")) Return SetError(0, 0, DllStructGetData($tProcessInfo, "ProcessID")) Else Local $iError = _WinAPI_GetLastError() Local $errmsg = _WinAPI_GetLastErrorMessage() _WinAPI_CloseHandle(DllStructGetData($tProcessInfo, "hProcess")) _WinAPI_CloseHandle(DllStructGetData($tProcessInfo, "hThread")) Return SetError(1, $iError, $errmsg) EndIf EndFunc Func _HeapFree(ByRef $pMem) If $pMem < 1 Then Return SetError(87, 0, False) Local $iResult, $hHeap = _GetProcessHeap() $iResult = DllCall("Kernel32.dll", "int", "HeapFree", "hWnd", $hHeap, _ "dword", 0, "ptr", $pMem) If $iResult[0] Then $pMem = Ptr(0) Return $iResult[0] <> 0 EndFunc ;==>_HeapFree Func _HeapAlloc($iSize, $iAllocOption = 8) If $iSize < 1 Then Return 0 Local $pMem, $hHeap = _GetProcessHeap() $pMem = DllCall("Kernel32.dll", "ptr", "HeapAlloc", "hWnd", $hHeap, _ "dword", $iAllocOption, "dword", $iSize) Return $pMem[0] EndFunc ;==>_HeapAlloc Func _GetProcessHeap() Local $hHeap = DllCall("Kernel32.dll", "hWnd", "GetProcessHeap") Return $hHeap[0] EndFunc ;==>_GetProcessHeap thanks a lot Edited January 19, 2022 by tubaba
Developers Jos Posted January 18, 2022 Developers Posted January 18, 2022 On 1/18/2022 at 9:05 AM, tubaba said: but it doesn't work Expand I am sure you can do better than this explaining your issue with the code! SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
Solution Rurorita Posted January 18, 2022 Solution Posted January 18, 2022 So you want to spawn the cmd below the explorer.exe. Like if the explorer.exe itself had created the cmd process. No clue how that would work code wise, but why would you want that to happen anyway? just curious. Amateur Coder - UDF's _storageS-UDF , _netcode-UDF (_netcode_Core-UDF, _netcode_AddonCore-UDF, _netcode_Proxy-UDF, _netcode_Relay-UDF, _netcode_Router-UDF)
tubaba Posted January 19, 2022 Author Posted January 19, 2022 (edited) Because some software will detect its parent process at startup, I just want to learn the implementation method, but I don't have this requirement😉. from a topic: 用AU3启动网银exe后登陆提示签名验签错误 Edited January 19, 2022 by tubaba
tubaba Posted January 19, 2022 Author Posted January 19, 2022 (edited) maybe the StartupInfoEx struct like bellow struct _ProThreadAttrItem { DWORD dwFlags; DWORD cbBufSize; HANDLE* pHandleBuf; }; struct _ProcThreadAttrHeader { DWORD dwMark; DWORD dwTotalNum; DWORD dwCurNum; DWORD dwUnknown; _ProThreadAttrItem* lpLast; }; struct _StartupInfoExW { STARTUPINFOW si; _ProcThreadAttrHeader* pEx; }; Edited January 20, 2022 by tubaba
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now