
在服务中创建用户进程的方法(C#版)

2016-06-20 00:00 417 查看
Windows NT/2000提供了一个函数CreateProcessAsUser,它的功能类似于CreateProcess函数,所不同的是CreateProcessAsUser创建的新进程能以用户(任何用户)的安全上下文方式运行。

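// PlatformInvoke Stuff

/// <summary>
/// Managed mirror of the Win32 STARTUPINFO structure that is passed by reference
/// to CreateProcessAsUser.
/// </summary>
/// <remarks>
/// CharSet.Unicode is set on the layout because the CreateProcessAsUser import in this
/// file uses CharSet.Unicode. Without it the struct defaults to CharSet.Ansi, the
/// LPTStr fields (including lpDesktop) are marshalled as ANSI strings, and the
/// wide-character entry point reads them as garbage.
/// </remarks>
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
struct STARTUPINFO
{
    // Size of the structure in bytes; the caller fills it with Marshal.SizeOf.
    public Int32 cb;

    [MarshalAs(UnmanagedType.LPTStr)]
    public String lpReserved;

    // Window station and desktop for the new process, e.g. "winsta0\\default".
    [MarshalAs(UnmanagedType.LPTStr)]
    public String lpDesktop;

    [MarshalAs(UnmanagedType.LPTStr)]
    public String lpTitle;

    public UInt32 dwX;
    public UInt32 dwY;
    public UInt32 dwXSize;
    public UInt32 dwYSize;
    public UInt32 dwXCountChars;
    public UInt32 dwYCountChars;
    public UInt32 dwFillAttribute;
    public UInt32 dwFlags;
    public Int16 wShowWindow;
    public Int16 cbReserved2;
    public IntPtr lpReserved2;

    // NOTE(review): the native structure holds plain HANDLE values here. HandleRef is
    // normally used for P/Invoke parameters; confirm the marshaller lays these fields
    // out as single pointer-sized handles, otherwise declare them as IntPtr.
    public HandleRef hStdInput;
    public HandleRef hStdOutput;
    public HandleRef hStdError;
}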

// Process creation flag value for the normal priority class.
// Not referenced by Execute, which passes 0 as the creation flags.
const int NORMAL_PRIORITY_CLASS = 0x20;

/// <summary>
/// Managed mirror of the Win32 PROCESS_INFORMATION structure that CreateProcessAsUser
/// fills in for the newly created process.
/// </summary>
/// <remarks>
/// The process and thread handles returned here are owned by the caller and have to be
/// closed once they are no longer needed.
/// NOTE(review): the native structure holds plain HANDLE values. HandleRef is normally
/// used for P/Invoke parameters; confirm it marshals correctly as an output field,
/// otherwise declare the two handle fields as IntPtr.
/// </remarks>
[StructLayout(LayoutKind.Sequential)] // explicit form of the C# default for structs
struct PROCESS_INFORMATION
{
    public HandleRef hProcess;   // handle to the new process
    public HandleRef hThread;    // handle to its primary thread
    public uint dwProcessId;     // process identifier
    public uint dwThreadId;      // thread identifier
}

/// <summary>
/// Managed mirror of the Win32 SECURITY_ATTRIBUTES structure.
/// </summary>
/// <remarks>
/// Execute does not use this type: it passes IntPtr.Zero for both the process and the
/// thread attributes, so the new objects get default security descriptors.
/// </remarks>
[StructLayout(LayoutKind.Sequential)] // explicit form of the C# default for structs
struct SECURITY_ATTRIBUTES
{
    public uint nLength;                 // size of the structure in bytes
    public IntPtr lpSecurityDescriptor;  // security descriptor pointer, or IntPtr.Zero
    public bool bInheritHandle;          // marshalled as a 4-byte Win32 BOOL by default
}

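/// <summary>
/// P/Invoke declaration for CreateProcessAsUser in advapi32.dll (Unicode entry point):
/// creates a process that runs in the security context of the user represented by
/// <paramref name="hToken"/>.
/// </summary>
/// <remarks>
/// SetLastError = true keeps the Win32 error code, so a caller can read it with
/// Marshal.GetLastWin32Error() immediately after a false return.
/// lpCommandLine is declared as String. The Unicode version of the native function may
/// write to that buffer, so pass null (as Execute does) or change the parameter to a
/// mutable buffer before passing real command lines.
/// When lpEnvironment is IntPtr.Zero the new process uses the environment of the
/// calling process, not the environment of the target user.
/// The handles returned in lpProcessInformation must be closed by the caller.
/// </remarks>
/// <returns>true when the process was created, false otherwise.</returns>
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
static extern Boolean CreateProcessAsUser(
    IntPtr hToken,
    String lpApplicationName,
    String lpCommandLine,
    IntPtr lpProcessAttributes,
    IntPtr lpThreadAttributes,
    Boolean bInheritHandles,
    UInt32 dwCreationFlags,
    IntPtr lpEnvironment,
    String lpCurrentDirectory,
    ref STARTUPINFO lpStartupInfo,
    out PROCESS_INFORMATION lpProcessInformation);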

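/// <summary>
/// P/Invoke declaration for LogonUser in advapi32.dll (Unicode entry point): validates
/// the given credentials and, on success, stores a token handle for that user in
/// <paramref name="phToken"/>.
/// </summary>
/// <remarks>
/// SetLastError = true keeps the Win32 error code, so a caller can read it with
/// Marshal.GetLastWin32Error() immediately after a false return.
/// The returned token is a kernel handle that the caller must close when done.
/// The password is passed as a managed String, which stays in process memory until it
/// is garbage collected; keep its lifetime short and never log it.
/// </remarks>
/// <returns>true when the logon succeeded, false otherwise.</returns>
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
static extern Boolean LogonUser(
    String lpszUsername,
    String lpszDomain,
    String lpszPassword,
    Int32 dwLogonType,
    Int32 dwLogonProvider,
    ref IntPtr phToken);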

// Logon type passed to LogonUser as dwLogonType: interactive logon.
const int LOGON32_LOGON_INTERACTIVE = 2;

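// Closes a kernel object handle. Declared under its own managed name so it cannot
// collide with a CloseHandle import that may exist elsewhere in the class.
[DllImport("kernel32.dll", EntryPoint = "CloseHandle", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseNativeHandle(IntPtr hObject);

/// <summary>
/// Logs on with the account named in the LogonUser call below and starts
/// <paramref name="File"/> under that account's token on the winsta0\default desktop.
/// </summary>
/// <param name="File">
/// Executable to start. It is passed as lpApplicationName with a null command line, so
/// the path is not re-parsed as a command line. Callers should pass a full, trusted path.
/// </param>
/// <remarks>
/// Best effort: failures are written to the trace output and never thrown, matching the
/// original behaviour of not propagating errors. The token and the process and thread
/// handles are closed on every path, so repeated calls from a long-running service do
/// not leak kernel handles.
/// </remarks>
public void Execute(string File)
{
    IntPtr hToken = IntPtr.Zero;
    PROCESS_INFORMATION pi = new PROCESS_INFORMATION();

    try
    {
        STARTUPINFO si = new STARTUPINFO();
        si.cb = Marshal.SizeOf(si);
        si.lpDesktop = "winsta0\\default";

        // NOTE(security): these are the sample's placeholder credentials. A plaintext
        // password in source ends up in the binary, in version control and in backups;
        // real code should obtain the credential or the token from a protected source
        // at run time instead of embedding it.
        // The 0 after the logon type selects the default logon provider.
        if (!LogonUser("auser", "mydomain", "Passw0rd!",
                       LOGON32_LOGON_INTERACTIVE, 0, ref hToken))
        {
            // The Win32 error code is not reported here: Marshal.GetLastWin32Error() is
            // reliable only when the P/Invoke declaration sets SetLastError = true.
            System.Diagnostics.Trace.TraceError("Execute: LogonUser failed; '{0}' was not started.", File);
            return;
        }

        bool created = CreateProcessAsUser(
            hToken,
            File,         // file to execute
            null,         // command line
            IntPtr.Zero,  // pointer to process SECURITY_ATTRIBUTES
            IntPtr.Zero,  // pointer to thread SECURITY_ATTRIBUTES
            false,        // handles are not inheritable
            0,            // creation flags
            IntPtr.Zero,  // pointer to new environment block (null: caller's environment)
            null,         // name of current directory
            ref si,       // pointer to STARTUPINFO structure
            out pi);      // receives information about new process

        if (!created)
        {
            System.Diagnostics.Trace.TraceError("Execute: CreateProcessAsUser failed for '{0}'.", File);
        }
    }
    catch (Exception e)
    {
        // Keep the no-throw contract, but leave a record instead of discarding the error.
        System.Diagnostics.Trace.TraceError("Execute: unexpected error starting '{0}': {1}", File, e.Message);
    }
    finally
    {
        // The handles are only needed to create the process; closing them does not
        // terminate it.
        if (pi.hThread.Handle != IntPtr.Zero)
        {
            CloseNativeHandle(pi.hThread.Handle);
        }
        if (pi.hProcess.Handle != IntPtr.Zero)
        {
            CloseNativeHandle(pi.hProcess.Handle);
        }
        if (hToken != IntPtr.Zero)
        {
            CloseNativeHandle(hToken);
        }
    }
}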