WildByDesign
Posted yesterday at 11:40 AM

This topic has been around before but not much within the last decade. There was an older script _RunWithReducedPrivileges.au3 by @Ascend4nt but it no longer works. It's possible that it was like many scripts that worked on x86 but don't work now that everything is x64.

Goal: I have a main script that runs elevated. It also spawns the GUI script which, due to the main script being elevated, runs elevated as well. I would like to spawn the GUI script with reduced privileges because it really just doesn't need to run elevated.

Is there a function to do this that works on 64-bit machines as well?

Thank you.

By the way, I spent a few hours last night searching the forum and reading some threads on this topic. I also spent some time this morning as well. I have to be honest, the forum search functionality misses so much great stuff no matter how crafty your search words are. I find that searching the forum from Google provides significantly better results and finds stuff that I couldn't find with the forum's own search. Without a doubt, this forum is a gold mine of information.

Nine
Posted 23 hours ago
Solution

Here (tested both x86 and x64)

```autoit
; From Nine
#RequireAdmin
#AutoIt3Wrapper_UseX64=y

#include <WinAPI.au3>

Example()

Func Example()
    Local $iPID = RunLow(@ComSpec, " /k Title Low")
    ConsoleWrite($iPID & " : " & IsProcessElevated($iPID) & @CRLF)
EndFunc   ;==>Example

; Returns True when the token of process $iPID is elevated
Func IsProcessElevated($iPID)
    Local $aRet, $iError = 0
    Local $hProcess = _WinAPI_OpenProcess($PROCESS_QUERY_LIMITED_INFORMATION, False, $iPID, True)
    If Not $hProcess Then Return SetError(1, 0, False)
    Local $hToken = _WinAPI_OpenProcessToken($TOKEN_QUERY, $hProcess)
    If Not $hToken Then
        $iError = 2
    Else
        $aRet = DllCall('advapi32.dll', 'bool', 'GetTokenInformation', 'handle', $hToken, 'uint', 20, 'uint*', 0, 'dword', 4, 'dword*', 0) ; TOKEN_ELEVATION
        If @error Or Not $aRet[0] Then $iError = 3
    EndIf
    _WinAPI_CloseHandle($hToken)
    _WinAPI_CloseHandle($hProcess)
    If $iError Then Return SetError($iError, 0, False)
    Return $aRet[3] = 1 ; $aRet[3] receives TokenIsElevated
EndFunc   ;==>IsProcessElevated

; Starts $sPath with a copy of the token of explorer.exe and returns the new PID
Func RunLow($sPath, $sCmd = "")
    Local $hProcess = _WinAPI_OpenProcess($PROCESS_QUERY_INFORMATION, False, ProcessExists("explorer.exe"))
    Local $hToken = _WinAPI_OpenProcessToken($TOKEN_DUPLICATE, $hProcess)
    Local $hDupToken = _WinAPI_DuplicateTokenEx($hToken, $TOKEN_ALL_ACCESS, $SECURITYIMPERSONATION)
    Local $tSTARTUPINFO = DllStructCreate($tagSTARTUPINFO)
    $tSTARTUPINFO.Size = DllStructGetSize($tSTARTUPINFO)
    Local $tPROCESS = DllStructCreate($tagPROCESS_INFORMATION)
    _WinAPI_CreateProcessWithToken($sPath, $sCmd, 0, $tSTARTUPINFO, $tPROCESS, $hDupToken)
    ; Release the process and thread handles returned in PROCESS_INFORMATION; only the PID is used
    _WinAPI_CloseHandle($tPROCESS.hThread)
    _WinAPI_CloseHandle($tPROCESS.hProcess)
    _WinAPI_CloseHandle($hDupToken)
    _WinAPI_CloseHandle($hToken)
    _WinAPI_CloseHandle($hProcess)
    Return $tPROCESS.ProcessID
EndFunc   ;==>RunLow
```

WildByDesign (Author)
Posted 21 hours ago

2 hours ago, Nine said:
> Here (tested both x86 and x64)

This is pure gold! The IsProcessElevated() function is also fantastic. Thank you so much. As you said, it works perfectly on x86 and x64.

By the way, related to this, I was able to integrate your WCD_IPC UDF into my engine script which is actually a multi-process engine. Your UDF was the only one light enough and fast enough to do the job. I actually ended up creating a "broker" process for my multi-process engine and that is where I put your IPC server function. And now with the help of your RunLow() function, I can drop the privileges of the GUI and the GUI can still control the elevated "broker" process and therefore also control the various processes.

Your willingness to help combined with your abilities to educate others on this forum are absolutely top-notch!

WildByDesign (Author)
Posted 15 hours ago

I've just extended the script to allow specifying the current directory:

```autoit
; From Nine
#RequireAdmin
#AutoIt3Wrapper_UseX64=y

#include <WinAPI.au3>

Example()

Func Example()
    Local $iPID = RunLow(@ComSpec, " /k Title Low", @ScriptDir)
    ConsoleWrite($iPID & " : " & IsProcessElevated($iPID) & @CRLF)
EndFunc   ;==>Example

; Returns True when the token of process $iPID is elevated
Func IsProcessElevated($iPID)
    Local $aRet, $iError = 0
    Local $hProcess = _WinAPI_OpenProcess($PROCESS_QUERY_LIMITED_INFORMATION, False, $iPID, True)
    If Not $hProcess Then Return SetError(1, 0, False)
    Local $hToken = _WinAPI_OpenProcessToken($TOKEN_QUERY, $hProcess)
    If Not $hToken Then
        $iError = 2
    Else
        $aRet = DllCall('advapi32.dll', 'bool', 'GetTokenInformation', 'handle', $hToken, 'uint', 20, 'uint*', 0, 'dword', 4, 'dword*', 0) ; TOKEN_ELEVATION
        If @error Or Not $aRet[0] Then $iError = 3
    EndIf
    _WinAPI_CloseHandle($hToken)
    _WinAPI_CloseHandle($hProcess)
    If $iError Then Return SetError($iError, 0, False)
    Return $aRet[3] = 1 ; $aRet[3] receives TokenIsElevated
EndFunc   ;==>IsProcessElevated

; Starts $sPath in $sWorkDir with a copy of the token of explorer.exe and returns the new PID
Func RunLow($sPath, $sCmd = "", $sWorkDir = "")
    Local $hProcess = _WinAPI_OpenProcess($PROCESS_QUERY_INFORMATION, False, ProcessExists("explorer.exe"))
    Local $hToken = _WinAPI_OpenProcessToken($TOKEN_DUPLICATE, $hProcess)
    Local $hDupToken = _WinAPI_DuplicateTokenEx($hToken, $TOKEN_ALL_ACCESS, $SECURITYIMPERSONATION)
    Local $tSTARTUPINFO = DllStructCreate($tagSTARTUPINFO)
    $tSTARTUPINFO.Size = DllStructGetSize($tSTARTUPINFO)
    Local $tPROCESS = DllStructCreate($tagPROCESS_INFORMATION)
    ;_WinAPI_CreateProcessWithToken($sPath, $sCmd, 0, $tSTARTUPINFO, $tPROCESS, $hDupToken)
    _WinAPI_CreateProcessWithToken($sPath, $sCmd, 0, $tSTARTUPINFO, $tPROCESS, $hDupToken, 0, 0, $sWorkDir)
    ; Release the process and thread handles returned in PROCESS_INFORMATION; only the PID is used
    _WinAPI_CloseHandle($tPROCESS.hThread)
    _WinAPI_CloseHandle($tPROCESS.hProcess)
    _WinAPI_CloseHandle($hDupToken)
    _WinAPI_CloseHandle($hToken)
    _WinAPI_CloseHandle($hProcess)
    Return $tPROCESS.ProcessID
EndFunc   ;==>RunLow
```
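
A checked variant of the RunLow() approach above, added here as an example and not code from any poster in the thread: it finds the shell through GetShellWindow instead of the image name, and refuses to launch when the shell's own token reports as elevated, since the child would then not be de-elevated. RunAsShellUser() and its error codes are hypothetical; the WinAPI UDF calls and constants are the ones the thread already uses.

```autoit
; Added example, not code from the thread. RunAsShellUser() is a hypothetical name.
#RequireAdmin
#AutoIt3Wrapper_UseX64=y
#include <WinAPI.au3>

Func RunAsShellUser($sPath, $sCmd = "", $sWorkDir = "")
    ; Locate the shell through its desktop window instead of by image name,
    ; so a same-named process or another session's explorer.exe is not picked.
    Local $aWnd = DllCall('user32.dll', 'hwnd', 'GetShellWindow')
    If @error Or Not $aWnd[0] Then Return SetError(1, 0, 0) ; no shell on this desktop
    Local $iShellPID = WinGetProcess($aWnd[0])
    If $iShellPID = -1 Then Return SetError(2, 0, 0)

    Local $hProcess = _WinAPI_OpenProcess($PROCESS_QUERY_INFORMATION, False, $iShellPID)
    If Not $hProcess Then Return SetError(3, 0, 0)
    Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_DUPLICATE, $TOKEN_QUERY), $hProcess)
    Local $hDupToken = 0, $aRet, $iError = 0, $iPID = 0
    If Not $hToken Then
        $iError = 4
    Else
        ; TokenElevation (class 20): stop if the shell itself is elevated,
        ; because the child would inherit that elevation.
        $aRet = DllCall('advapi32.dll', 'bool', 'GetTokenInformation', 'handle', $hToken, 'uint', 20, 'uint*', 0, 'dword', 4, 'dword*', 0)
        If @error Or Not $aRet[0] Then
            $iError = 5
        ElseIf $aRet[3] <> 0 Then
            $iError = 6
        Else
            $hDupToken = _WinAPI_DuplicateTokenEx($hToken, $TOKEN_ALL_ACCESS, $SECURITYIMPERSONATION)
            If Not $hDupToken Then $iError = 7
        EndIf
    EndIf
    If $hDupToken Then
        Local $tSTARTUPINFO = DllStructCreate($tagSTARTUPINFO)
        $tSTARTUPINFO.Size = DllStructGetSize($tSTARTUPINFO)
        Local $tPROCESS = DllStructCreate($tagPROCESS_INFORMATION)
        If _WinAPI_CreateProcessWithToken($sPath, $sCmd, 0, $tSTARTUPINFO, $tPROCESS, $hDupToken, 0, 0, $sWorkDir) Then
            $iPID = $tPROCESS.ProcessID
            _WinAPI_CloseHandle($tPROCESS.hThread) ; the caller only needs the PID
            _WinAPI_CloseHandle($tPROCESS.hProcess)
        Else
            $iError = 8
        EndIf
        _WinAPI_CloseHandle($hDupToken)
    EndIf
    If $hToken Then _WinAPI_CloseHandle($hToken)
    _WinAPI_CloseHandle($hProcess)
    Return SetError($iError, 0, $iPID) ; PID on success, 0 with @error set otherwise
EndFunc   ;==>RunAsShellUser
```

Call it the same way as RunLow(), for instance RunAsShellUser(@ComSpec, " /k Title Low", @ScriptDir), and check @error before passing the returned PID to IsProcessElevated().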