コード例 #1
        /// <summary>
        /// Creating a process with the access token of another user requires
        /// us to modify the desktop ACL so that everybody has access to it.
        ///
        /// This requires the SeSecurityPrivilege.
        /// This code has been heavily inspired/taken from Invoke-TokenManipulation.
        /// </summary>
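        private void InnerSetDesktopACL()
        {
            // Purpose: open the interactive window station ("WinSta0") and the "default" desktop,
            // and hand each handle to InnerSetACLAllowEveryone so its ACL allows everyone all access.
            //
            // NOTE(review): nothing in this method restores the previous security descriptors or
            // disables the privilege again, so the "everyone" grant outlives the call. That is a
            // lasting reduction of the isolation of the interactive desktop; callers should be aware
            // of it, and changes to these ACLs are worth monitoring on hosts where they are unexpected.

            // Requesting ACCESS_SYSTEM_SECURITY below is what makes SeSecurityPrivilege necessary.
            // NOTE(review): if InnerSetACLAllowEveryone only rewrites the DACL, WRITE_DAC | READ_CONTROL
            // would suffice and the privilege would not have to be enabled - confirm against that helper.
            this.InnerElevateProcess(PrivilegeConstants.SeSecurityPrivilege);

            var winAccess = (uint)ACCESS_MASK.ACCESS_SYSTEM_SECURITY
                            | (uint)ACCESS_MASK.WRITE_DAC
                            | (uint)ACCESS_MASK.READ_CONTROL;

            IntPtr hWinSta = User32.OpenWindowStation("WinSta0", false, winAccess);

            if (hWinSta == IntPtr.Zero)
            {
                // Read the error code first: any later call (including the logger) may overwrite the
                // thread's last-error value.
                // NOTE(review): Marshal.GetLastWin32Error() with SetLastError = true on the imports is
                // the reliable source in managed code - confirm how User32/Kernel32 are declared.
                var openError = Kernel32.GetLastError();
                var message = $"Failed to open handle to window station. OpenWindowStation failed with error code: {openError}";
                Logger.GetInstance().Error(message);
                throw new Exception(message);
            }

            try
            {
                Logger.GetInstance().Debug("Configuring the current Window Station ACL to allow everyone all access.");
                this.InnerSetACLAllowEveryone(hWinSta);
            }
            catch
            {
                // Do not leak the handle when the ACL update fails; the original failure is what
                // the caller needs to see, so the close result is ignored here.
                User32.CloseWindowStation(hWinSta);
                throw;
            }

            if (!User32.CloseWindowStation(hWinSta))
            {
                var closeError = Kernel32.GetLastError();
                var message = $"Failed to release handle to window station. CloseWindowStation failed with error code: {closeError}";
                Logger.GetInstance().Error(message);
                throw new Exception(message);
            }

            var desktopAccess = Constants.DESKTOP_GENERIC_ALL | (uint)ACCESS_MASK.WRITE_DAC;

            IntPtr hDesktop = User32.OpenDesktop("default", 0, false, desktopAccess);

            if (hDesktop == IntPtr.Zero)
            {
                var openError = Kernel32.GetLastError();
                var message = $"Failed to open handle to the default desktop. OpenDesktop failed with error code: {openError}";
                Logger.GetInstance().Error(message);
                throw new Exception(message);
            }

            try
            {
                Logger.GetInstance().Debug("Configuring the current desktop ACL to allow everyone all access.");
                this.InnerSetACLAllowEveryone(hDesktop);
            }
            catch
            {
                // Same as above: release the desktop handle before propagating the failure.
                User32.CloseDesktop(hDesktop);
                throw;
            }

            // Unlike the window station, a failed CloseDesktop is only logged and does not abort;
            // both ACLs have already been changed at this point.
            if (!User32.CloseDesktop(hDesktop))
            {
                var closeError = Kernel32.GetLastError();
                Logger.GetInstance().Error($"Failed to close handle to the default desktop. CloseDesktop failed with error code: {closeError}");
            }
        }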