The platform SDK comes with a sample called SuperUsr that purports to
start a command window as LocalSystem. It does this by (a) assuming that
the System process is PID 2, (b) opening its token and modifying its
permissions, and (c) passing a duplicate to CreateProcessAsUser.
On my w2k system, the System process is 8. Making that adjustment,
CreateProcessAsUser fails with a ‘missing privilege’ error, in spite of
Debug and TCB privs being enabled.
This seems like an awfully long way around. Is there a less convoluted
solution?
If you have all those privileges, why not just go the whole hog and give
yourself ‘replace a process-level token’ (I *think*), build the damn token
from scratch, and use that? NtCreateToken() being the way to do that. Or
schedule a task, or run a service (both of those are IMO less elegant;
whilst the task can delet itself/the service can delete itself, they still
require the creation of such things; something using NtCreateToken() just
modifies its token and elevates its privileges all by itself).
On Mon, 1 Apr 2002, Benson Margulies wrote:
The platform SDK comes with a sample called SuperUsr that purports to
start a command window as LocalSystem. It does this by (a) assuming that
the System process is PID 2, (b) opening its token and modifying its
permissions, and (c) passing a duplicate to CreateProcessAsUser.
On my w2k system, the System process is 8. Making that adjustment,
CreateProcessAsUser fails with a ‘missing privilege’ error, in spite of
Debug and TCB privs being enabled.
This seems like an awfully long way around. Is there a less convoluted
solution?
You are currently subscribed to ntfsd as: xxxxx@inkvine.fluff.org
To unsubscribe send a blank email to %%email.unsub%%
–
Peter xxxxx@inkvine.fluff.org
http://www.inkvine.fluff.org/~peter/
logic kicks ass:
(1) Horses have an even number of legs.
(2) They have two legs in back and fore legs in front.
(3) This makes a total of six legs, which certainly is an odd number of
legs for a horse.
(4) But the only number that is both odd and even is infinity.
(5) Therefore, horses must have an infinite number of legs.