
I have a Windows application that needs to run in system context. And it needs to authenticate to a proxy for internet access.

Limitations are:

1) Cannot ask the user for credentials, as it is not a user-facing application, and basic authentication is not a preferred option either.
2) Using the computer identity for authentication may not be an option, as it depends on individual enterprise configuration.

If I want to use Integrated Windows Authentication (for NTLM/Kerberos) to leverage the context of the already logged-on user, is there a way the application running in system context can switch to user context? Or is there any other cleaner way for an application running in system context to authenticate to the proxy?

adk
  • Possible duplicate of [Windows Impersonation from C#](https://stackoverflow.com/questions/559719/windows-impersonation-from-c-sharp) –  Nov 22 '19 at 21:50
  • Since you are essentially trying to steal user's credentials without user's consent... are you sure you want to leave traces of your actions in form of SO post? – Alexei Levenkov Nov 22 '19 at 21:55
  • There is no unethical stuff involved here. It is a background application running with explicit enterprise and user consent. The intention is to find the right ways for proxy authentication. – adk Nov 22 '19 at 22:32
  • This isn't particularly evil, but also not particularly supported. Since you're running as SYSTEM you can do whatever you want. In these sorts of situations the simplest thing is to find the user session, find a process running as that user (e.g. explorer.exe) and get the NT Token handle. From there you can duplicate the handle and impersonate against it. – Steve Nov 25 '19 at 16:56

0 Answers