christophetd/createWithParentProcess.cpp Secret

## createWithParentProcess.cpp
// Based on https://gist.github.com/xpn/a057a26ec81e736518ee50848b9c2cd6

#include "pch.h"
#include <iostream>
#include <Windows.h>
#include <winternl.h>
#include <psapi.h>


int main(int argc, char **canttrustthis)
{
	PROCESS_INFORMATION pi = { 0 };
	STARTUPINFOEXA si = { 0 };
	SIZE_T sizeToAllocate;
	int parentPid = 9524; // Could be found dynamically as well

	// Get a handle on the parent process to use
	HANDLE processHandle = OpenProcess(PROCESS_ALL_ACCESS, false, parentPid);
	if (processHandle == NULL) {
		fprintf(stderr, "OpenProcess failed");
		return 1;
	}

	// Initialize the process start attributes
	InitializeProcThreadAttributeList(NULL, 1, 0, &sizeToAllocate);
	// Allocate the size needed for the attribute list
	si.lpAttributeList = (LPPROC_THREAD_ATTRIBUTE_LIST)HeapAlloc(GetProcessHeap(), 0, sizeToAllocate);
	InitializeProcThreadAttributeList(si.lpAttributeList, 1, 0, &sizeToAllocate);
	// Set the PROC_THREAD_ATTRIBUTE_PARENT_PROCESS option to specify the parent process to use
	if (!UpdateProcThreadAttribute(si.lpAttributeList, 0, PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, &processHandle, sizeof(HANDLE), NULL, NULL)) {
		fprintf(stderr, "UpdateProcThreadAttribute failed");
		return 1;
	}
	si.StartupInfo.cb = sizeof(STARTUPINFOEXA);

	printf("Creating process...\n");

	BOOL success = CreateProcessA(
		NULL, // App name
		"C:\\Windows\\system32\\calc.exe", // Command line
		NULL, // Process attributes
		NULL, // Thread attributes
		true, // Inherits handles?
		EXTENDED_STARTUPINFO_PRESENT | CREATE_NEW_CONSOLE, // Creation flags
		NULL, // Env
		"C:\\Windows\\system32", // Current dir
		(LPSTARTUPINFOA) &si,
		&pi
	);

	if (!success) {
		printf("Error %d\n", GetLastError());
	}

	return 0;
}
	// Based on https://gist.github.com/xpn/a057a26ec81e736518ee50848b9c2cd6

	#include "pch.h"
	#include <iostream>
	#include <Windows.h>
	#include <winternl.h>
	#include <psapi.h>


	int main(int argc, char **canttrustthis)
	{
	PROCESS_INFORMATION pi = { 0 };
	STARTUPINFOEXA si = { 0 };
	SIZE_T sizeToAllocate;
	int parentPid = 9524; // Could be found dynamically as well

	// Get a handle on the parent process to use
	HANDLE processHandle = OpenProcess(PROCESS_ALL_ACCESS, false, parentPid);
	if (processHandle == NULL) {
	fprintf(stderr, "OpenProcess failed");
	return 1;
	}

	// Initialize the process start attributes
	InitializeProcThreadAttributeList(NULL, 1, 0, &sizeToAllocate);
	// Allocate the size needed for the attribute list
	si.lpAttributeList = (LPPROC_THREAD_ATTRIBUTE_LIST)HeapAlloc(GetProcessHeap(), 0, sizeToAllocate);
	InitializeProcThreadAttributeList(si.lpAttributeList, 1, 0, &sizeToAllocate);
	// Set the PROC_THREAD_ATTRIBUTE_PARENT_PROCESS option to specify the parent process to use
	if (!UpdateProcThreadAttribute(si.lpAttributeList, 0, PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, &processHandle, sizeof(HANDLE), NULL, NULL)) {
	fprintf(stderr, "UpdateProcThreadAttribute failed");
	return 1;
	}
	si.StartupInfo.cb = sizeof(STARTUPINFOEXA);

	printf("Creating process...\n");

	BOOL success = CreateProcessA(
	NULL, // App name
	"C:\\Windows\\system32\\calc.exe", // Command line
	NULL, // Process attributes
	NULL, // Thread attributes
	true, // Inherits handles?
	EXTENDED_STARTUPINFO_PRESENT \| CREATE_NEW_CONSOLE, // Creation flags
	NULL, // Env
	"C:\\Windows\\system32", // Current dir
	(LPSTARTUPINFOA) &si,
	&pi
	);

	if (!success) {
	printf("Error %d\n", GetLastError());
	}

	return 0;
	}