Ejemplo n.º 1
0
        public TokenProvider Duplicate(uint desiredAccess = 0x02000000)
        {
            if (!TokensApi.DuplicateTokenEx(Token.DangerousGetHandle(), desiredAccess, IntPtr.Zero,
                                            SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, TOKEN_TYPE.TokenPrimary, out var newToken))
            {
                throw new Win32Exception();
            }

            Token.Close();
            Token = newToken;
            return(this);
        }
Ejemplo n.º 2
0
        public static Process StartWithProcessToken(int pidWithToken, string appToRun, string args, string startupFolder, bool hidden)
        {
            IntPtr existingProcessHandle = OpenProcess(PROCESS_QUERY_INFORMATION, true, (uint)pidWithToken);

            if (existingProcessHandle == IntPtr.Zero)
            {
                return(null);
            }

            IntPtr existingProcessToken, newToken;

            try
            {
                if (!OpenProcessToken(existingProcessHandle, TOKEN_DUPLICATE, out existingProcessToken))
                {
                    return(null);
                }
            }
            finally
            {
                CloseHandle(existingProcessHandle);
            }
            if (existingProcessToken == IntPtr.Zero)
            {
                return(null);
            }

            var        sa = new SECURITY_ATTRIBUTES();
            const uint MAXIMUM_ALLOWED = 0x02000000;

            if (!TokensApi.DuplicateTokenEx(existingProcessToken, MAXIMUM_ALLOWED, ref sa, SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, TOKEN_TYPE.TokenPrimary, out newToken))
            {
                return(null);
            }

            var STARTF_USESHOWWINDOW = 0x00000001;
            var startupInfo          = new STARTUPINFO()
            {
                cb          = (int)Marshal.SizeOf(typeof(STARTUPINFO)),
                dwFlags     = STARTF_USESHOWWINDOW,
                wShowWindow = (short)(hidden ? 0 : 1),
            };

            PROCESS_INFORMATION processInformation;

            if (!CreateProcessWithTokenW(newToken, 0, appToRun, $"{appToRun} {args}", 0, IntPtr.Zero, startupFolder, ref startupInfo, out processInformation))
            {
                return(null);
            }
            return(Process.GetProcessById(processInformation.dwProcessId));
        }
Ejemplo n.º 3
0
        public TokenProvider GetLinkedToken(uint desiredAccess = MAXIMUM_ALLOWED)
        {
            // Now we allocate a buffer for the integrity level information.
            int cb           = Marshal.SizeOf <TOKEN_LINKED_TOKEN>();
            var pLinkedToken = Marshal.AllocHGlobal(cb);

            if (pLinkedToken == IntPtr.Zero)
            {
                throw new Win32Exception();
            }

            try
            {
                // Now we ask for the integrity level information again. This may fail
                // if an administrator has added this account to an additional group
                // between our first call to GetTokenInformation and this one.
                if (!TokensApi.GetTokenInformation(Token.DangerousGetHandle(),
                                                   TokensApi.TOKEN_INFORMATION_CLASS.TokenLinkedToken, pLinkedToken, cb,
                                                   out cb))
                {
                    throw new Win32Exception();
                }

                // Marshal the TOKEN_MANDATORY_LABEL struct from native to .NET object.
                TOKEN_LINKED_TOKEN linkedTokenStruct = (TOKEN_LINKED_TOKEN)
                                                       Marshal.PtrToStructure(pLinkedToken, typeof(TOKEN_LINKED_TOKEN));

                var sa = new SECURITY_ATTRIBUTES();
                sa.nLength = 0;

                SafeTokenHandle newToken;

                if (!TokensApi.DuplicateTokenEx(linkedTokenStruct.LinkedToken, desiredAccess, IntPtr.Zero,
                                                SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, TOKEN_TYPE.TokenPrimary, out newToken))
                {
                    throw new Win32Exception();
                }

                CloseHandle(linkedTokenStruct.LinkedToken);
                this.Token.Close();
                this.Token = newToken;
            }
            finally
            {
                Marshal.FreeHGlobal(pLinkedToken);
            }

            return(this);
        }
Ejemplo n.º 4
0
        public static TokenProvider CreateFromProcessToken(int pidWithToken, uint tokenAccess = MAXIMUM_ALLOWED)
        {
            IntPtr existingProcessHandle = OpenProcess(PROCESS_QUERY_INFORMATION, true, (uint)pidWithToken);

            if (existingProcessHandle == IntPtr.Zero)
            {
                throw new Win32Exception();
            }

            IntPtr existingProcessToken;

            try
            {
                if (!ProcessApi.OpenProcessToken(existingProcessHandle,
                                                 MAXIMUM_ALLOWED
                                                 //| TOKEN_ALL_ACCESS,
                                                 //| TOKEN_DUPLICATE
                                                 //| TokensApi.TOKEN_ADJUST_DEFAULT |
                                                 //| TokensApi.TOKEN_QUERY
                                                 //| TokensApi.TOKEN_ASSIGN_PRIMARY
                                                 //| TOKEN_QUERY_SOURCE
                                                 //| TOKEN_IMPERSONATE
                                                 //| TOKEN_READ
                                                 //| TOKEN_ALL_ACCESS ==> access denied
                                                 //| STANDARD_RIGHTS_REQUIRED ==> access denied.
                                                 ,
                                                 out existingProcessToken))
                {
                    throw new Win32Exception();
                }
            }
            finally
            {
                CloseHandle(existingProcessHandle);
            }

            if (existingProcessToken == IntPtr.Zero)
            {
                return(null);
            }

            var sa = new SECURITY_ATTRIBUTES();

            sa.nLength = 0;
            uint desiredAccess = MAXIMUM_ALLOWED;

            SafeTokenHandle newToken;

            if (!TokensApi.DuplicateTokenEx(existingProcessToken, desiredAccess, IntPtr.Zero,
                                            SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, TOKEN_TYPE.TokenPrimary, out newToken))
            {
                CloseHandle(existingProcessToken);
                throw new Win32Exception();
            }

            CloseHandle(existingProcessToken);

            return(new TokenProvider()
            {
                Token = newToken
            });
        }