////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
private static Boolean CreateProcessWithTokenW(IntPtr phNewToken, String name, String arguments)
{
Console.WriteLine("[*] CreateProcessWithTokenW");
IntPtr lpProcessName = Marshal.StringToHGlobalUni(name);
IntPtr lpProcessArgs = Marshal.StringToHGlobalUni(name);
Structs._STARTUPINFO startupInfo = new Structs._STARTUPINFO();
startupInfo.cb = (UInt32)Marshal.SizeOf(typeof(Structs._STARTUPINFO));
Structs._PROCESS_INFORMATION processInformation = new Structs._PROCESS_INFORMATION();
if (!Unmanaged.CreateProcessWithTokenW(
phNewToken,
Enums.LOGON_FLAGS.NetCredentialsOnly,
lpProcessName,
lpProcessArgs,
Enums.CREATION_FLAGS.NONE,
IntPtr.Zero,
IntPtr.Zero,
ref startupInfo,
out processInformation
))
{
GetError("CreateProcessWithTokenW: ");
return(false);
}
Console.WriteLine(" [+] Created process: " + processInformation.dwProcessId);
Console.WriteLine(" [+] Created thread: " + processInformation.dwThreadId);
return(true);
}
