我的CreateProcessAsUser函数出现错误。它说:“请求的操作需要提升。”我认为我给了它最高的特权,我可以。任何人帮助?感谢CreateProecssAsUser提升的权限?
我的代码如下:
activeSessionId = WTSGetActiveConsoleSessionId();//get the currently logged on user's active session id
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);//take snapshot of all processes in The system
pe32.dwSize = sizeof(PROCESSENTRY32);
Process32First(hProcessSnap, &pe32)
do//iterate through all processes
{
if(_wcsicmp(pe32.szExeFile, L"winlogon.exe") == 0)//narrow down to process called "winlogon.exe"
{
if (ProcessIdToSessionId(pe32.th32ProcessID, &peSessionID)
&& peSessionID == activeSessionId)//compare the sessionID of each winlog process to the active console session id
{
winlogonPID = pe32.th32ProcessID;
break;
}
}
}while(Process32Next(hProcessSnap, &pe32));
dwCreationFlags = (NORMAL_PRIORITY_CLASS|CREATE_NEW_CONSOLE);
hProcess = OpenProcess(PROCESS_ALL_ACCESS,false,winlogonPID);//return handle to winlogon process
OpenProcessToken(hProcess,TOKEN_ALL_ACCESS,&hPToken)//opens the access token
LookupPrivilegeValue(NULL,SE_DEBUG_NAME,&luid)//get the locally unique identifier(luid)
//creates a new access token and duplicates winlogon token of the active user
DuplicateTokenEx(hPToken,MAXIMUM_ALLOWED,NULL,SecurityIdentification,TokenPrimary,&hUserTokenDup)
}
SetTokenInformation(hUserTokenDup,TokenSessionId,(void*)&activeSessionId,sizeof(DWORD))//sets info for duplicated token
//adjust the privileges of the duplicated token
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = luid;
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hUserTokenDup, FALSE, &tp, sizeof(TOKEN_PRIVILEGES),(PTOKEN_PRIVILEGES)NULL,NULL)
pEnv = NULL;
if(CreateEnvironmentBlock(&pEnv,hUserTokenDup,TRUE))//retrieve environment variables for the user
{
dwCreationFlags|=CREATE_UNICODE_ENVIRONMENT;
}
else pEnv = NULL;
ZeroMemory(&si, sizeof(si));//set parameters to 0
si.cb = sizeof(si);//the size of si
si.lpDesktop = L"WinSta0\\Default";//window station and desktop of interactive user
ZeroMemory(&pi, sizeof(pi));//set parameters to 0
//launch the process in active logged in user's session
CreateProcessAsUser
(
hUserTokenDup,
NULL,
Path,
NULL,
NULL,
FALSE,
dwCreationFlags,
pEnv,
NULL,
&si,
&pi
)
)
//Destroy the Environment block
(DestroyEnvironmentBlock(pEnv)
CloseHandle(hProcess)
CloseHandle(hUserToken)
CloseHandle(hUserTokenDup)
CloseHandle(hPToken)
}
“它说明请求的操作需要提升。”究竟是什么意思? –
在我的程序中我将GetLastError()记录到文件中。应该说,对不起 – user966890
你在这里调用了大约20个不同的API函数。哪一个失败? –