在服务中创建用户进程的方法(C#版)

Windows NT/2000 提供了 CreateProcessAsUser 函数，其功能与 CreateProcess 类似，不同之处在于：CreateProcessAsUser 创建的新进程运行在调用方传入的访问令牌所代表的用户（可以是任何用户）的安全上下文中。

        // P/Invoke declarations: native structures and advapi32.dll imports used by Execute
  2         [StructLayout(LayoutKind.Sequential)]
  3         struct STARTUPINFO
  4         {
  5             public Int32 cb;
  6             [MarshalAs(UnmanagedType.LPTStr)]
  7             public String lpReserved;
  8             [MarshalAs(UnmanagedType.LPTStr)]
  9             public String lpDesktop;
 10             [MarshalAs(UnmanagedType.LPTStr)]
 11             public String lpTitle;
 12             public UInt32 dwX;
 13             public UInt32 dwY;
 14             public UInt32 dwXSize;
 15             public UInt32 dwYSize;
 16             public UInt32 dwXCountChars;
 17             public UInt32 dwYCountChars;
 18             public UInt32 dwFillAttribute;
 19             public UInt32 dwFlags;
 20             public Int16 wShowWindow;
 21             public Int16 cbReserved2;
 22             public IntPtr lpReserved2;
 23             public HandleRef hStdInput;
 24             public HandleRef hStdOutput;
 25             public HandleRef hStdError;
 26         }
 28         const int NORMAL_PRIORITY_CLASS = 0x00000020;
 30         struct PROCESS_INFORMATION
 31         {
 32             public HandleRef hProcess;
 33             public HandleRef hThread;
 34             public UInt32 dwProcessId;
 35             public UInt32 dwThreadId;
 36         }
 38         struct SECURITY_ATTRIBUTES
 39         {
 40             public UInt32 nLength;
 41             public IntPtr lpSecurityDescriptor;
 42             public Boolean bInheritHandle;
 43         }
 45         [DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
 46         static extern Boolean CreateProcessAsUser(
 47         IntPtr hToken,
 48         String lpApplicationName,
 49         String lpCommandLine,
 50         IntPtr lpProcessAttributes,
 51         IntPtr lpThreadAttributes,
 52         Boolean bInheritHandles,
 53         UInt32 dwCreationFlags,
 54         IntPtr lpEnvironment,
 55         String lpCurrentDirectory,
 56         ref STARTUPINFO lpStartupInfo,
 57         out PROCESS_INFORMATION lpProcessInformation);
 59         [DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
 60         static extern Boolean LogonUser(
 61         String lpszUsername,
 62         String lpszDomain,
 63         String lpszPassword,
 64         Int32 dwLogonType,
 65         Int32 dwLogonProvider,
 66         ref IntPtr phToken
 67         );
 68         const int LOGON32_LOGON_INTERACTIVE = 2;
 70         public void Execute(string File)
 71         {
 72             try
 73             {
 74                 //unsafe
 75                 {
 76                     PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
 77 
 78                     STARTUPINFO si = new STARTUPINFO();
 79                     si.cb = Marshal.SizeOf(si);
 80                     si.lpDesktop = "winsta0\\default";
 81 
 82                     IntPtr hToken = new IntPtr(0);
 83                     if (LogonUser("auser""mydomain""Passw0rd!",
 84                         LOGON32_LOGON_INTERACTIVE, 0ref hToken))
 85                     {
 86                         Boolean bResult = CreateProcessAsUser(
 87                             hToken,
 88                             File, // file to execute
 89                             null// command line
 90                             IntPtr.Zero, // pointer to process SECURITY_ATTRIBUTES
 91                             IntPtr.Zero, // pointer to thread SECURITY_ATTRIBUTES
 92                             false// handles are not inheritable
 93                             0// creation flags
 94                             IntPtr.Zero, // pointer to new environment block
 95                             null// name of current directory
 96                             ref si, // pointer to STARTUPINFO structure
 97                             out pi // receives information about new process
 98                             );
 99 
100                         if (bResult)
101                         {
102                         }
103                     }
104                 }
105             }
106             catch(Exception e)
107             {
108             }
109         }
posted @ 2007-09-26 11:59  至尊王者