Пример #1
0
void Process::load()
{
	STARTUPINFO si;
	memset(&si,0,sizeof si);
	si.cb = sizeof si;
	si.dwFlags = STARTF_USESHOWWINDOW;
	si.wShowWindow = showFlags;
	if (usehandles) {
		si.hStdInput = stdinFile;
		si.hStdOutput = stdoutFile;
		si.hStdError = stdoutFile;
		si.dwFlags |= STARTF_USESTDHANDLES;
	}

	DWORD flags = CREATE_SUSPENDED | CREATE_NEW_CONSOLE | CREATE_BREAKAWAY_FROM_JOB;

	CAccessToken myToken, userToken, restrictedToken;
	tryApi(_T("GetProcessToken"),
		myToken.GetProcessToken(TOKEN_ALL_ACCESS));

	if (user.length() != 0) {
		userToken.Attach(LogonService::instance()->logon(user,password));

		CSid logonSid;
		tryApi(_T("GetLogonSid"),
			userToken.GetLogonSid(&logonSid));
		desktop->setAccess(logonSid);
	}

	std::_string desktopName = desktop->fullname();
	si.lpDesktop = const_cast<LPTSTR>(desktopName.c_str());

	if (user.length() != 0) {
		CTokenGroups groups;
		tryApi(_T("GetTokenInformation"),
			userToken.GetGroups(&groups));
		CSid::CSidArray sids;
		groups.GetSidsAndAttributes(&sids);
		groups.DeleteAll();
		for (size_t i=0; i<sids.GetCount(); ++i) groups.Add(sids[i],0);
		tryApi(_T("CreateRestrictedToken"),
			myToken.CreateRestrictedToken(&restrictedToken,CTokenGroups(),groups));
//			myToken.CreateRestrictedToken(&restrictedToken,CTokenGroups(),CTokenGroups()));//groups));
	} else {
		restrictedToken.Attach(myToken.Detach());
	}
	std::_string curdir;
	if (user.length() != 0) {
		tryApi(_T("CreateProcessAsUser"),
			CreateProcessAsUser(restrictedToken.GetHandle(),NULL,const_cast<LPTSTR>(cmdline.c_str()),NULL,NULL,usehandles,flags,NULL,NULL,&si,&pi) != 0);
	} else {
		tryApi(_T("CreateProcess"),
			CreateProcess(NULL,const_cast<LPTSTR>(cmdline.c_str()),NULL,NULL,usehandles,flags,NULL,NULL,&si,&pi) != 0);
	}
}
Пример #2
0
void DumpGroups(CTokenGroups& groups)
{
	CIndent scope;

	CSid::CSidArray sids;
	CAtlArray<DWORD> attrs;

	groups.GetSidsAndAttributes(&sids, &attrs);

	ATLASSERT(groups.GetCount() == sids.GetCount());
	ATLASSERT(groups.GetCount() == attrs.GetCount());

	Log(_T("Group Count: %d"), groups.GetCount());
	for (UINT i=0; i<groups.GetCount(); i++)
	{
		Log(_T("Group %d:"), i);
		Log(_T("Sid:"));
		DumpSid(sids[i]);
		Log(_T("Attributes:"));
		DumpGroupAttributes(attrs[i]);
	}
}