nudo.exe: Do as a normal user
#define STRICT | |
#define WIN32_LEAN_AND_MEAN | |
#define VC_EXTRALEAN | |
#include <windows.h> | |
#include <winsafer.h> | |
/*
 * Fill `count` bytes starting at `dest` with zero.
 *
 * Hand-rolled byte loop rather than a library call; presumably this keeps
 * the program free of a C runtime dependency (confirm against the build
 * settings). A `count` of 0 writes nothing.
 */
void Zero(void *dest, size_t count) {
    unsigned char *bytes = dest;
    size_t i;

    for (i = 0; i < count; i++) {
        bytes[i] = 0;
    }
}
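/*
 * Compute a token at the SAFER "normal user" level from an existing token.
 *
 * hToken    - source access token handed to SaferComputeTokenFromLevel.
 * hNewToken - receives the computed token; the caller closes it with
 *             CloseHandle() when this function returns TRUE.
 *
 * Returns TRUE on success. On failure returns FALSE and GetLastError()
 * holds the code of the SAFER call that failed.
 *
 * NOTE(review): a SAFER-derived token is not guaranteed to match the token
 * of a genuinely non-elevated logon in every respect (for example its
 * integrity level may still be that of the caller). Inspect the resulting
 * token on the target Windows versions before relying on this as a
 * privilege boundary.
 */
BOOL GetNormalUserToken(HANDLE hToken, LPHANDLE hNewToken) {
    SAFER_LEVEL_HANDLE hLevel;
    BOOL ok;
    DWORD error;

    if (!SaferCreateLevel(SAFER_SCOPEID_USER, SAFER_LEVELID_NORMALUSER, 0, &hLevel, NULL)) {
        return FALSE;
    }

    ok = SaferComputeTokenFromLevel(hLevel, hToken, hNewToken, 0, NULL);

    /*
     * Capture the error before closing the level: the level handle must be
     * released on the failure path too (it was leaked there before), and the
     * close call must not disturb the code the caller reads afterwards.
     */
    error = GetLastError();
    SaferCloseLevel(hLevel);

    if (!ok) {
        SetLastError(error);
        return FALSE;
    }
    return TRUE;
}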
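/*
 * Entry point: run the program named on the command line under a SAFER
 * "normal user" token derived from this process's own token.
 *
 * lpCmdLine is passed through unchanged as the child's command line.
 * Returns 0 once the child has been created (the child is not waited on),
 * otherwise the Win32 error code of the step that failed.
 */
int CALLBACK wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nCmdShow) {
    HANDLE hToken;
    HANDLE hRestricted;
    STARTUPINFOW si;
    PROCESS_INFORMATION pi;
    LPWSTR commandLine;
    SIZE_T cch;
    DWORD error = ERROR_SUCCESS;

    Zero(&si, sizeof si);
    si.cb = sizeof si;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_DUPLICATE, &hToken)) {
        return (int)GetLastError();
    }

    if (!GetNormalUserToken(hToken, &hRestricted)) {
        error = GetLastError();
        goto out_token;
    }

    /*
     * CreateProcessAsUserW needs a writable command-line buffer. Size the
     * copy from the actual argument length: the previous fixed MAX_PATH
     * stack array was overrun by lstrcpy() whenever the caller supplied a
     * longer command line, in a process that is typically running elevated.
     * The wide-character APIs are named explicitly so the copy always
     * matches the LPWSTR that wWinMain receives.
     */
    cch = (SIZE_T)lstrlenW(lpCmdLine) + 1;
    commandLine = HeapAlloc(GetProcessHeap(), 0, cch * sizeof(WCHAR));
    if (commandLine == NULL) {
        error = ERROR_NOT_ENOUGH_MEMORY;
        goto out_restricted;
    }
    lstrcpyW(commandLine, lpCmdLine);

    /*
     * NOTE(review): bInheritHandles is TRUE, so every inheritable handle
     * held by this process is duplicated into the lower-privileged child.
     * Confirm that is intended; if no handle needs to cross the boundary,
     * FALSE is the safer setting.
     */
    if (!CreateProcessAsUserW(hRestricted, NULL, commandLine, NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi)) {
        error = GetLastError();
        goto out_free;
    }

    /* The child runs on its own; drop our references without waiting. */
    CloseHandle(pi.hThread);
    CloseHandle(pi.hProcess);

out_free:
    HeapFree(GetProcessHeap(), 0, commandLine);
out_restricted:
    CloseHandle(hRestricted);
out_token:
    CloseHandle(hToken);
    return (int)error;
}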