/// <summary>
/// Builds a <c>Win32Process</c> from the handles and identifiers in a
/// <c>PROCESS_INFORMATION</c> structure.
/// </summary>
/// <param name="proc_info">
/// Structure whose <c>hProcess</c>, <c>hThread</c>, <c>dwProcessId</c> and
/// <c>dwThreadId</c> members are read here.
/// </param>
/// <remarks>
/// Both raw handles are wrapped with <c>SafeKernelObjectHandle(handle, true)</c>.
/// NOTE(review): the <c>true</c> argument is presumably "owns handle", in which
/// case the caller must not close <c>hProcess</c>/<c>hThread</c> again after
/// handing the structure over, or the same handle value is closed twice.
/// </remarks>
internal Win32Process(PROCESS_INFORMATION proc_info)
{
    // Wrap the process handle first, exactly as the one-line form did.
    var process_handle = new SafeKernelObjectHandle(proc_info.hProcess, true);
    Process = NtProcess.FromHandle(process_handle);

    // NOTE(review): if wrapping the process handle throws, hThread has not
    // been wrapped yet and nothing visible here closes it.
    var thread_handle = new SafeKernelObjectHandle(proc_info.hThread, true);
    Thread = NtThread.FromHandle(thread_handle);

    Pid = proc_info.dwProcessId;
    Tid = proc_info.dwThreadId;
}
/// <summary>
/// Builds a <c>Win32Process</c> from a <c>PROCESS_INFORMATION</c> structure and
/// records whether the process should be terminated on dispose.
/// </summary>
/// <param name="proc_info">
/// Structure whose <c>hProcess</c>, <c>hThread</c>, <c>dwProcessId</c> and
/// <c>dwThreadId</c> members are read here.
/// </param>
/// <param name="terminate_on_dispose">
/// Stored in <c>TerminateOnDispose</c>. The disposal logic that consumes it is
/// not part of this constructor.
/// </param>
/// <remarks>
/// Both raw handles are wrapped with <c>SafeKernelObjectHandle(handle, true)</c>.
/// NOTE(review): <c>true</c> is presumably "owns handle" - confirm, and make
/// sure the code that produced <paramref name="proc_info"/> does not also close
/// the same handles.
/// </remarks>
internal Win32Process(PROCESS_INFORMATION proc_info, bool terminate_on_dispose)
{
    // Same wrapping order as the original: process handle, then thread handle.
    var process_handle = new SafeKernelObjectHandle(proc_info.hProcess, true);
    Process = NtProcess.FromHandle(process_handle);

    var thread_handle = new SafeKernelObjectHandle(proc_info.hThread, true);
    Thread = NtThread.FromHandle(thread_handle);

    Pid = proc_info.dwProcessId;
    Tid = proc_info.dwThreadId;

    // Assigned last, after both handle wrappers exist.
    TerminateOnDispose = terminate_on_dispose;
}
/// <summary>
/// Creates a thread in <paramref name="proc"/> that starts at
/// <paramref name="entry_point"/> with <paramref name="arg_ptr"/> as its
/// argument, then waits on that thread.
/// </summary>
/// <param name="proc">Process whose <c>Handle</c> is passed to <c>CreateRemoteThread</c>.</param>
/// <param name="entry_point">Start address handed to <c>CreateRemoteThread</c>; not validated here.</param>
/// <param name="arg_ptr">Single argument handed to the new thread; not validated here.</param>
/// <remarks>
/// Both pointers are interpreted in the target process's address space, so the
/// caller is fully responsible for their validity. Cross-process thread
/// creation is also an operation endpoint monitoring commonly records.
/// </remarks>
static void CallMethod(NtProcess proc, IntPtr entry_point, IntPtr arg_ptr)
{
    // NOTE(review): the result of CreateRemoteThread is not checked before it
    // is wrapped. If the call fails, the failure surfaces (if at all) inside
    // NtThread.FromHandle or Wait rather than as a clear Win32 error.
    var remote_thread_handle = CreateRemoteThread(
        proc.Handle,
        IntPtr.Zero,
        IntPtr.Zero,
        entry_point,
        arg_ptr,
        0,
        null);

    using (var load_thread = NtThread.FromHandle(remote_thread_handle))
    {
        // Wait() is called without a timeout argument.
        // NOTE(review): presumably blocks until the thread exits; a thread
        // that never returns would stall the caller - confirm.
        load_thread.Wait();
    }
}
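/// <summary>
/// Starts <paramref name="appPath"/> under the token returned by
/// <c>GetSessionUserToken</c>, assigns the new process to
/// <paramref name="job"/> while it is still suspended, then resumes it.
/// </summary>
/// <param name="appPath">
/// Passed to <c>CreateProcessAsUser</c> as the application name; the command
/// line argument is <c>null</c>. The path is not validated here.
/// </param>
/// <param name="job">Job object the new process is assigned to before its first thread runs.</param>
/// <returns>Always <c>true</c>; every failure is reported by exception.</returns>
/// <exception cref="ArgumentNullException"><paramref name="job"/> is <c>null</c>.</exception>
/// <exception cref="Exception">
/// Obtaining the session token, building the environment block, or creating
/// the process failed.
/// </exception>
public static bool StartProcessAsCurrentUser(string appPath, NtJob job)
{
    // Reject a null job before any process exists. Previously this surfaced as
    // a NullReferenceException after CreateProcessAsUser had already created a
    // suspended process, which was then left behind un-resumed.
    if (job == null)
    {
        throw new ArgumentNullException(nameof(job));
    }

    var hUserToken = IntPtr.Zero;
    var startInfo = new STARTUPINFO();
    var procInfo = new PROCESS_INFORMATION();
    var pEnv = IntPtr.Zero;

    startInfo.cb = Marshal.SizeOf(typeof(STARTUPINFO));

    try
    {
        if (!GetSessionUserToken(out hUserToken))
        {
            throw new Exception("StartProcessAsCurrentUser: GetSessionUserToken failed.");
        }

        // CREATE_SUSPENDED keeps the primary thread from running until the
        // process has been placed in the job, so no code executes outside it.
        uint dwCreationFlags = CREATE_UNICODE_ENVIRONMENT | CREATE_SUSPENDED | CREATE_NEW_CONSOLE;
        startInfo.wShowWindow = (short)(SW.SW_SHOW);
        startInfo.lpDesktop = @"winsta0\default";

        // Environment block is built from the user token; the third argument
        // (false) is passed as in the original.
        if (!CreateEnvironmentBlock(ref pEnv, hUserToken, false))
        {
            throw new Exception("StartProcessAsCurrentUser: CreateEnvironmentBlock failed.");
        }

        if (!CreateProcessAsUser(hUserToken,
            appPath, // Application Name
            null,
            IntPtr.Zero,
            IntPtr.Zero,
            false,
            dwCreationFlags,
            pEnv,
            null,
            ref startInfo,
            out procInfo))
        {
            // Read the error code immediately, before any other call can overwrite it.
            int iResultOfCreateProcessAsUser = Marshal.GetLastWin32Error();
            throw new Exception("StartProcessAsCurrentUser: CreateProcessAsUser failed.  Error Code -" + iResultOfCreateProcessAsUser);
        }

        // NOTE(review): if FromHandle(IntPtr) takes ownership of the raw
        // handle, the CloseHandle calls in the finally block close the same
        // handle value a second time (now, or when the wrapper is finalized,
        // by which point the value may have been reused). Confirm against the
        // NtProcess/NtThread implementation and keep exactly one owner.
        //
        // NOTE(review): if AssignProcess or Resume throws, the new process is
        // left suspended and is not terminated anywhere in this method.
        job.AssignProcess(NtProcess.FromHandle(procInfo.hProcess));
        NtThread.FromHandle(procInfo.hThread).Resume();
    }
    finally
    {
        // Only close handles that were actually obtained; on early failure
        // these are still zero.
        if (hUserToken != IntPtr.Zero)
        {
            CloseHandle(hUserToken);
        }

        if (pEnv != IntPtr.Zero)
        {
            DestroyEnvironmentBlock(pEnv);
        }

        if (procInfo.hThread != IntPtr.Zero)
        {
            CloseHandle(procInfo.hThread);
        }

        if (procInfo.hProcess != IntPtr.Zero)
        {
            CloseHandle(procInfo.hProcess);
        }
    }

    return true;
}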
/// <summary>
/// Starts the AppInfo service, connects an RPC <c>Client</c> to it and calls
/// <c>RAiLaunchAdminProcess</c> to create a process, returning the new process
/// as an <c>NtProcess</c>.
/// </summary>
/// <param name="executable">Executable path forwarded to the RPC call.</param>
/// <param name="cmdline">Command line forwarded to the RPC call.</param>
/// <param name="flags">Start flags, cast to <c>int</c> for the call.</param>
/// <param name="create_flags">
/// Process creation flags; <c>CreateProcessFlags.UnicodeEnvironment</c> is
/// always OR-ed in before the call.
/// </param>
/// <param name="desktop">Desktop name forwarded to the RPC call.</param>
/// <returns>Wrapper around the process handle returned in <c>Member0</c>.</returns>
/// <exception cref="Win32Exception">The RPC call returned a non-zero value.</exception>
/// <remarks>
/// NOTE(review): by its name this is the service entry point behind elevation
/// prompts; none of the string arguments are validated in this method, so any
/// checks have to happen in the caller.
/// </remarks>
static NtProcess LaunchAdminProcess(string executable, string cmdline, StartFlags flags, CreateProcessFlags create_flags, string desktop)
{
    StartAppinfoService();

    using (Client client = new Client())
    {
        client.Connect();

        create_flags |= CreateProcessFlags.UnicodeEnvironment;
        Struct_0 start_info = new Struct_0();

        Struct_2 proc_info;
        int elev_type; // Written by the call, never read afterwards.

        // The working directory is fixed to c:\windows, and -1 is passed for
        // the argument that follows the window handle, as in the original.
        int retval = client.RAiLaunchAdminProcess(
            executable,
            cmdline,
            (int)flags,
            (int)create_flags,
            @"c:\windows",
            desktop,
            start_info,
            new NdrUInt3264(GetDesktopWindow()),
            -1,
            out proc_info,
            out elev_type);

        if (retval != 0)
        {
            throw new Win32Exception(retval);
        }

        // The thread handle (Member8) is wrapped only so that it is disposed
        // on the way out; only the process handle (Member0) is returned.
        var thread_handle = new IntPtr(proc_info.Member8.Value);
        using (var thread = NtThread.FromHandle(thread_handle))
        {
            var process_handle = new IntPtr(proc_info.Member0.Value);
            return NtProcess.FromHandle(process_handle);
        }
    }
}