Closed Jamesits closed 6 years ago
Caveat:
[DllImport("advapi32.dll", SetLastError=true, CharSet=CharSet.Auto)]
static extern bool CreateProcessAsUser(
IntPtr hToken,
string lpApplicationName,
string lpCommandLine,
ref SECURITY_ATTRIBUTES lpProcessAttributes,
ref SECURITY_ATTRIBUTES lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
ref STARTUPINFO lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
lpCommandLine
must have a space as the first character, otherwise it will fail and return error 123. Also it is recommended to write "{Program Path}" --args
as lpCommandLine
(otherwise the first argument will not be the program path itself, may cause some program to fail).
Problem:
Process.Start()
insideWindowsIdentity.Impersonate()
(the process will be created using the original identity).CreateProcessAsUser
allows you to achieve this, but stdout/stderr redirection and events doesn't workSolution:
CreateProcessAsUser
to run another instance of SvcGuest.exeProcess.Start()