使用PsExec tool在Session 0 下运行程序

在Service程序中使用OutputDebugString输出log信息, 在当前用户直接运行DbgView.exe, log信息是不会输出到DbgView窗口的.原因是Server程序运行在Session 0下,而DbgView运行在Session 1下.log信息不会跨Session 0输出到Session 1.

解决办法就是设法将DbgView也运行在Session 0下. 这可以通过PsExec工具达到目的.

E:\Software\_DevTool\PSTools>PsExec.exe -i 0 "E:\Software\_DevTool\PSTools\Dbgview.exe"

// 运行带参数的程序
E:\Software\_DevTool\PSTools>PsExec.exe -i 0 "D:\XX\XXX\XXXX.exe" -c 0 -p 18700 -cp 18701

-i: 指定Session.这里指定Session 0.

运行后,会弹出一个Session 0 与桌面的交互窗口,点击"View the message"进入,就可以看到运行在Session 0 的DbgView.

微软为何将Service与Application分在不同的Session下:

(refer to: http://msdn.microsoft.com/en-us/windows/hardware/gg463353.aspx)

In Windows XP, Windows Server 2003, and earlier versions of Windows, all services run in Session 0 along with applications. This situation poses a security risk.

In Windows Vista, Windows Server 2008, and later versions of Windows, the operating system isolates services in Session 0 and runs applications in other sessions, so services are protected from attacks that originate in application code.

可见,微软是考虑到安全性问题, 将Service安全隔离在Session 0下, 防止application的代码篡改Service.

posted @ 2013-01-29 11:18  金石开  阅读(1439)  评论(0编辑  收藏  举报