Hello All ,
I want to load a Device driver when user dont have privilages of
administrator …
I am thinking to inject a dll in Winlogon process which is started by system
,and by Duplicating the token of that process can i run the code to Load the
Driver ?
Thanx in advance.
You cant. Not even through DLL injection , for youll fail to gain any access
to system processes.
Dan
“Pawar” wrote in message
news:LYRIS-7403-78109-2002.10.04-07.47.52–dan_partelly#xxxxx@lists.osr.c
om…
> Hello All ,
> I want to load a Device driver when user dont have privilages of
> administrator …
> I am thinking to inject a dll in Winlogon process which is started by
system
> ,and by Duplicating the token of that process can i run the code to Load
the
> Driver ?
>
> Thanx in advance.
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@rdsor.ro
> To unsubscribe send a blank email to %%email.unsub%%
>
Patch the security attributes of that driver in the registry
Bye,
SaB
-----Original Message-----
From: Pawar [mailto:xxxxx@rediffmail.com]
Sent: Friday, October 04, 2002 1:53 PM
To: NT Developers Interest List
Subject: [ntdev] How to Load Driver in SYSTEM’s context.Hello All ,
I want to load a Device driver when user dont have privilages of
administrator …
I am thinking to inject a dll in Winlogon process which is
started by system
,and by Duplicating the token of that process can i run the
code to Load the
Driver ?Thanx in advance.
You are currently subscribed to ntdev as: xxxxx@mastereye.kiev.ua
To unsubscribe send a blank email to %%email.unsub%%
But It is sure that I can inject a DLL in Winlogon process from user mode
process.I have tried it ,it works…
SAB What do you mean by Patching ??
Thanx
Yes it is possible ,I did it .
1]Get the services process.
2]Inject a DLL into it.
3]this DLL Creates a Process which will load that Driver.
4]And it works.