CreateProcessasUser???

[waughp]

Hello,

I need an example on how to use CreateProcessasuser or CreateProcesswithLogonW. I would like to hardcode a user/password into a vb.net program (trusted and secure environment) so that I can have trusted people run cpl files (control Panels) as the local administrator, without knowing the password.

For Example, I would like my program to execute the system control panel as the local administrator automatically. Here is the code I have to start the system control panel so far:

PrivateSub cmdSystem_Click(ByVal sender AsObject, ByVal e As System.EventArgs) Handles cmdSystem.Click
Winpath = System.Environment. _

GetEnvironmentVariable("SystemRoot")

Fname = Winpath & "\system32\sysdm.cpl"

If System.IO.File.Exists(Fname) Then

System.Diagnostics.Process.Start(Fname)

Else

MsgBox("Control Panel not found!", 16, "Error")

EndIf

EndSub


I found this code, however, Im not sure how to make it work with a buttons click event.

Declare Function CreateProcessAsUser Lib "advapi32.dll" Alias "CreateProcessAsUserA" (ByVal hToken As Integer, ByVal lpApplicationName As String, ByVal lpCommandLine As String, ByVal lpProcessAttributes As SECURITY_ATTRIBUTES, ByVal lpThreadAttributes As SECURITY_ATTRIBUTES, ByVal bInheritHandles As Integer, ByVal dwCreationFlags As Integer, ByVal lpEnvironment As String, ByVal lpCurrentDirectory As String, ByVal lpStartupInfo As STARTUPINFO, ByVal lpProcessInformation As PROCESS_INFORMATION) As Integer

Structure PROCESS_INFORMATION
Dim hProcess As Integer
Dim hThread As Integer
Dim dwProcessId As Integer
Dim dwThreadId As Integer
End Structure

Structure STARTUPINFO
Dim cb As Integer
Dim lpReserved As String
Dim lpDesktop As String
Dim lpTitle As String
Dim dwX As Integer
Dim dwY As Integer
Dim dwXSize As Integer
Dim dwYSize As Integer
Dim dwXCountChars As Integer
Dim dwYCountChars As Integer
Dim dwFillAttribute As Integer
Dim dwFlags As Integer
Dim wShowWindow As Short
Dim cbReserved2 As Short
Dim lpReserved2 As Integer
Dim hStdInput As Integer
Dim hStdOutput As Integer
Dim hStdError As Integer
End Structure

Structure SECURITY_ATTRIBUTES
Dim nLength As Integer
Dim lpSecurityDescriptor As Integer
Dim bInheritHandle As Integer
End Structure


Any help is much appreciated! Thanks a lot!

Pat

P.S.

Im relatively new to vb.net so be gentle

 

[mskeel]

vb.net program (trusted and secure environment)

You may want to rethink this if you are looking for "trusted and secure." Do some research on IL, Intermediate Language, which is what all .Net code compiles to. It is actually really easy to crack (use ildasm.exe found in your visual studio .net bin) and then your user names and passwords will be immediately compirmised. Not that it would have been hard in win32 code but...

PrivateSub cmdSystem_Click(ByVal sender AsObject, ByVal e As System.EventArgs) Handles cmdSystem.Click
   Winpath = System.Environment. _

   GetEnvironmentVariable("SystemRoot")

   Fname = Winpath & "\system32\sysdm.cpl"

   If System.IO.File.Exists(Fname) Then
      System.Diagnostics.Process.Start(Fname)
   Else
      MsgBox("Control Panel not found!", 16, "Error")
   EndIf
EndSub

Declare Function CreateProcessAsUser Lib "advapi32.dll" Alias "CreateProcessAsUserA" (ByVal hToken As Integer, _
                                                                                      ByVal lpApplicationName As String, _
                                                                                      ByVal lpCommandLine As String, _
                                                                                      ByVal lpProcessAttributes As SECURITY_ATTRIBUTES, _
                                                                                      ByVal lpThreadAttributes As SECURITY_ATTRIBUTES, _
                                                                                      ByVal bInheritHandles As Integer, _
                                                                                      ByVal dwCreationFlags As Integer, _
                                                                                      ByVal lpEnvironment As String, ByVal lpCurrentDirectory As String, _
                                                                                      ByVal lpStartupInfo As STARTUPINFO, _
                                                                                      ByVal lpProcessInformation As PROCESS_INFORMATION) As Integer

   Structure PROCESS_INFORMATION
      Dim hProcess As Integer
      Dim hThread As Integer
      Dim dwProcessId As Integer
      Dim dwThreadId As Integer
   End Structure

   Structure STARTUPINFO
      Dim cb As Integer
      Dim lpReserved As String
      Dim lpDesktop As String
      Dim lpTitle As String
      Dim dwX As Integer
      Dim dwY As Integer
      Dim dwXSize As Integer
      Dim dwYSize As Integer
      Dim dwXCountChars As Integer
      Dim dwYCountChars As Integer
      Dim dwFillAttribute As Integer
      Dim dwFlags As Integer
      Dim wShowWindow As Short
      Dim cbReserved2 As Short
      Dim lpReserved2 As Integer
      Dim hStdInput As Integer
      Dim hStdOutput As Integer
      Dim hStdError As Integer
   End Structure

   Structure SECURITY_ATTRIBUTES
      Dim nLength As Integer
      Dim lpSecurityDescriptor As Integer
      Dim bInheritHandle As Integer
   End Structure

All youll have to do is put this stuff at the top of your class, populate those structs, and call CreateProcessAsUser in your button handler function. There should be some docuementation wherever you found this API that will help you fill out those structs.

As a n00b to .Net I would also like to point out to you that one of the great things about .Net is the managed code. There are several layers of abstraction built in to .Net that keep you from making unmaintainable changes. At the bottom of .Net, under all those abstractions, are the APIs. You should avoid calling APIs directly unless you really and truly need that power. If you use the API and run your program on another version of windows your program might break. If you use purely managed code, it will run on any version of windows becuase it is really running on the .Net framework.

 

[waughp]

Mskell,

Thanks for the reply!

All youll have to do is put this stuff at the top of your class, populate those structs, and call CreateProcessAsUser in your button handler function. There should be some docuementation wherever you found this API that will help you fill out those structs.

Any chance you could show me an example on how to do this for the buttons click event? Unfortunetly the website I found said that the example was in a book that I would have to buy. Im trying to save myself $35.00. Ive already got the code at the top of my class, I just need the button click event code.

Thanks a lot!

Pat

 

[mskeel]

You would call it like you do any other function. Its really easy. The hard part, I think, is going to be figuring out what goes in the structs.

It might look something like...

PrivateSub cmdSystem_Click(ByVal sender AsObject, ByVal e As System.EventArgs) Handles cmdSystem.Click
   Winpath = System.Environment. _
   GetEnvironmentVariable("SystemRoot")
   Fname = Winpath & "\system32\sysdm.cpl"

   If System.IO.File.Exists(Fname) Then
      System.Diagnostics.Process.Start(Fname)
      declare and fill in instances of those structs...
      I am unsure about the alias.  You may need to call the function as it is declared but I think becuase of the alias you will call it like this...
      reateProcessAsUserA(Token, lpApplicationName, lpCommandLine, lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo, lpProcessInformation)
   Else
      dont use magic numbers.  Instead of 16, use the enumeration for whatever type of box you are trying to declare.
      MsgBox("Control Panel not found!", 16, "Error")
   EndIf
EndSub

Keep searching the web. Im sure youll more stuff to help you out. Good luck.