Пример #1
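        /// <summary>
        /// Demo entry point: prints the name and image path of every entry
        /// returned by <c>ProcessWMI.GetProcessList()</c>.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        static void Main(string[] args)
        {
            #region Approach using WinAPIMarshal
            var p = new ProcessWMI();
            //p.Privilege_Up();

            // Query the process list once and iterate that single result; the
            // original issued a second GetProcessList() call whose result was
            // never read.
            var processes = p.GetProcessList();
            foreach (var info in processes)
            {
                Console.WriteLine($"ProcessName = {info.ProcessNameWithExtension}, Path = {info.ProcessPath}");
            }
            #endregion
        }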
Пример #2
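        /// <summary>
        /// Launches <paramref name="CommandLine"/> with a primary token duplicated from a
        /// running winlogon.exe, optionally re-targeting that token to another session.
        /// Usable only when the caller runs as a service.
        /// </summary>
        /// <remarks>
        /// Security notes for callers:
        /// the child process inherits the identity of winlogon.exe (normally LocalSystem),
        /// so <paramref name="CommandLine"/> must never be built from untrusted input.
        /// Because the application name passed to CreateProcessAsUser is null, the executable
        /// path inside <paramref name="CommandLine"/> should be fully qualified and quoted;
        /// an unquoted path containing spaces can resolve to a different executable.
        /// </remarks>
        /// <param name="CommandLine">Command line to execute.</param>
        /// <param name="sessionID">Target session id, or -1 to use the active console session.</param>
        /// <param name="bElevate">
        /// When true, the duplicated token is moved to the target session and the
        /// SE_TCB_NAME privilege is enabled on it (both best-effort; failures are logged).
        /// </param>
        /// <returns>
        /// True when CreateProcessAsUser reports success, or when the fallback
        /// <c>Process.Start</c> path was taken; otherwise false.
        /// </returns>
        public bool CreateProcessInConsoleSession(string CommandLine, int sessionID, bool bElevate = true) // usable only in service mode
        {
            IntPtr hUserTokenDup = IntPtr.Zero, hPToken = IntPtr.Zero, hProcess = IntPtr.Zero;

            // -1 selects the session returned by WTSGetActiveConsoleSessionId().
            uint dwSessionId = (sessionID != -1) ? (uint)sessionID : WTSGetActiveConsoleSessionId();

            // Ordinal, case-insensitive match: ToLower() is culture-sensitive and can
            // miss the name under some locales. Take(1) + ToList() enumerates the
            // process list once instead of twice.
            var pWmi = new ProcessWMI();
            var winlogonEntries = pWmi.GetProcessList()
                                      .Where(p => string.Equals(p.ProcessNameWithExtension, "winlogon.exe", StringComparison.OrdinalIgnoreCase))
                                      .Take(1)
                                      .ToList();

            if (winlogonEntries.Count == 0)
            {
                // No winlogon.exe visible: fall back to a shell "runas" launch.
                // NOTE(review): FileName receives the whole command line, so a command
                // with arguments is presumably not split here - confirm intended use.
                ProcessStartInfo proc = new ProcessStartInfo
                {
                    UseShellExecute = true,
                    FileName        = CommandLine,
                    Verb            = "runas",
                };
                Process.Start(proc);
                return true;
            }

            // NOTE(review): the value handed to OpenProcess is read from the entry's
            // SessionId property and the first winlogon.exe is used regardless of
            // dwSessionId. Confirm that this property really carries the process id
            // and that the selected process belongs to the intended session.
            uint winlogonPid = (uint)winlogonEntries[0].SessionId;
            Debug.WriteLine("winlogonPid = " + winlogonPid.ToString());

            STARTUPINFO si = new STARTUPINFO();
            si.cb = (int)Marshal.SizeOf(si);
            si.lpDesktop = "winsta0\\default";

            SECURITY_ATTRIBUTES sa = new SECURITY_ATTRIBUTES();
            sa.Length = Marshal.SizeOf(sa);

            try
            {
                hProcess = OpenProcess(MAXIMUM_ALLOWED, false, winlogonPid);
                if (hProcess == IntPtr.Zero)
                {
                    Debug.WriteLine(String.Format("CreateProcessInConsoleSession OpenProcess error: {0}", Marshal.GetLastWin32Error()));
                    return false;
                }

                // Least privilege: the source token is only duplicated below, which needs
                // TOKEN_DUPLICATE; the duplicate gets its own access mask (MAXIMUM_ALLOWED).
                if (!OpenProcessToken(hProcess, TOKEN_DUPLICATE | TOKEN_QUERY, ref hPToken))
                {
                    Debug.WriteLine(String.Format("CreateProcessInConsoleSession OpenProcessToken error: {0}", Marshal.GetLastWin32Error()));
                    return false;
                }

                LUID luid = new LUID();
                bool privilegeResolved = LookupPrivilegeValue(IntPtr.Zero, SE_TCB_NAME /*SE_DEBUG_NAME*/, ref luid);
                if (!privilegeResolved)
                {
                    Debug.WriteLine(String.Format("CreateProcessInConsoleSession LookupPrivilegeValue error: {0}", Marshal.GetLastWin32Error()));
                }

                if (!DuplicateTokenEx(hPToken, MAXIMUM_ALLOWED, ref sa, (int)SECURITY_IMPERSONATION_LEVEL.SecurityIdentification, (int)TOKEN_TYPE.TokenPrimary, ref hUserTokenDup))
                {
                    Debug.WriteLine(String.Format("CreateProcessInConsoleSession DuplicateTokenEx error: {0} Token does not have the privilege.", Marshal.GetLastWin32Error()));
                    return false;
                }

                if (bElevate)
                {
                    // Move the duplicated token into the requested session (best-effort).
                    // NOTE(review): TokenSessionId is a 32-bit value; the length passed is
                    // IntPtr.Size, which is 8 in a 64-bit process - verify against the
                    // SetTokenInformation declaration.
                    if (!SetTokenInformation(hUserTokenDup, TOKEN_INFORMATION_CLASS.TokenSessionId, dwSessionId, (uint)IntPtr.Size))
                    {
                        Debug.WriteLine(String.Format("CreateProcessInConsoleSession SetTokenInformation error: {0} Token does not have the privilege.", Marshal.GetLastWin32Error()));
                    }

                    if (privilegeResolved)
                    {
                        // Flat layout used by this file's TOKEN_PRIVILEGES:
                        // [0] = LUID low part, [1] = LUID high part, [2] = attributes.
                        TOKEN_PRIVILEGES tp = new TOKEN_PRIVILEGES();
                        tp.PrivilegeCount = 1;
                        tp.Privileges     = new int[3];
                        tp.Privileges[0]  = luid.LowPart;
                        tp.Privileges[1]  = luid.HighPart;
                        tp.Privileges[2]  = SE_PRIVILEGE_ENABLED;

                        // AdjustTokenPrivileges can return true while enabling nothing; that
                        // case is reported through ERROR_NOT_ALL_ASSIGNED, so the last error
                        // is inspected even when the call itself succeeds.
                        bool adjusted = AdjustTokenPrivileges(hUserTokenDup, false, ref tp, Marshal.SizeOf(tp), /*(PTOKEN_PRIVILEGES)*/ IntPtr.Zero, IntPtr.Zero);
                        int nErr = Marshal.GetLastWin32Error();

                        if (nErr == ERROR_NOT_ALL_ASSIGNED)
                        {
                            Debug.WriteLine(String.Format("CreateProcessInConsoleSession AdjustTokenPrivileges error: {0} Token does not have the privilege.", nErr));
                        }
                        else if (!adjusted)
                        {
                            Debug.WriteLine(String.Format("CreateProcessInConsoleSession AdjustTokenPrivileges error: {0}", nErr));
                        }
                    }
                }

                uint   dwCreationFlags = CREATE_UNICODE_ENVIRONMENT;
                IntPtr pEnv            = IntPtr.Zero;
                if (!CreateEnvironmentBlock(ref pEnv, hUserTokenDup, true))
                {
                    // Without a block the child inherits the caller's environment.
                    pEnv = IntPtr.Zero;
                }

                PROCESS_INFORMATION pi;
                bool bResult = CreateProcessAsUser(hUserTokenDup,          // duplicated access token
                                                   null,                   // file to execute (taken from the command line)
                                                   CommandLine,            // command line
                                                   ref sa,                 // process SECURITY_ATTRIBUTES
                                                   ref sa,                 // thread SECURITY_ATTRIBUTES
                                                   false,                  // handles are not inheritable
                                                   (int)dwCreationFlags,   // creation flags
                                                   pEnv,                   // environment block
                                                   null,                   // current directory
                                                   ref si,                 // STARTUPINFO
                                                   out pi                  // receives information about the new process
                                                   );
                if (!bResult)
                {
                    Debug.WriteLine(String.Format("CreateProcessInConsoleSession CreateProcessAsUser error: {0}", Marshal.GetLastWin32Error()));
                }

                // NOTE(review): the process/thread handles returned in 'pi' and the block
                // from CreateEnvironmentBlock are not released here; the declarations
                // needed to do so are not visible in this listing.

                // The API's own return value is the success signal; the last-error code is
                // only meaningful after a failure and may be stale after a success.
                return bResult;
            }
            finally
            {
                // Release every handle that was actually opened, on all exit paths.
                if (hUserTokenDup != IntPtr.Zero)
                {
                    CloseHandle(hUserTokenDup);
                }
                if (hPToken != IntPtr.Zero)
                {
                    CloseHandle(hPToken);
                }
                if (hProcess != IntPtr.Zero)
                {
                    CloseHandle(hProcess);
                }
            }
        }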