1

I need to write a small tool that runs on every userdesktop or, if no one is logged in, directly on logon screen. Maybe a service with a form starting?

I already found this question (and answer): Running a process at the Windows 7 Welcome Screen

// grab the winlogon process
    Process winLogon = null;
    foreach (Process p in Process.GetProcesses()) {
        if (p.ProcessName.Contains("winlogon")) {
            winLogon = p;
            break;
        }
    }
    // grab the winlogon's token
    IntPtr userToken = IntPtr.Zero;
    if (!OpenProcessToken(winLogon.Handle, TOKEN_QUERY | TOKEN_IMPERSONATE | TOKEN_DUPLICATE, out userToken)) {
        log("ERROR: OpenProcessToken returned false - " + Marshal.GetLastWin32Error());
    }

    // create a new token
    IntPtr newToken = IntPtr.Zero;
    SECURITY_ATTRIBUTES tokenAttributes = new SECURITY_ATTRIBUTES();
    tokenAttributes.nLength = Marshal.SizeOf(tokenAttributes);
    SECURITY_ATTRIBUTES threadAttributes = new SECURITY_ATTRIBUTES();
    threadAttributes.nLength = Marshal.SizeOf(threadAttributes);
    // duplicate the winlogon token to the new token
    if (!DuplicateTokenEx(userToken, 0x10000000, ref tokenAttributes, SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation,
        TOKEN_TYPE.TokenImpersonation, out newToken)) {
        log("ERROR: DuplicateTokenEx returned false - " + Marshal.GetLastWin32Error());
    }
    TOKEN_PRIVILEGES tokPrivs = new TOKEN_PRIVILEGES();
    tokPrivs.PrivilegeCount = 1;
    LUID seDebugNameValue = new LUID();
    if (!LookupPrivilegeValue(null, SE_DEBUG_NAME, out seDebugNameValue)) {
        log("ERROR: LookupPrivilegeValue returned false - " + Marshal.GetLastWin32Error());
    }
    tokPrivs.Privileges = new LUID_AND_ATTRIBUTES[1];
    tokPrivs.Privileges[0].Luid = seDebugNameValue;
    tokPrivs.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    // escalate the new token's privileges
    if (!AdjustTokenPrivileges(newToken, false, ref tokPrivs, 0, IntPtr.Zero, IntPtr.Zero)) {
        log("ERROR: AdjustTokenPrivileges returned false - " + Marshal.GetLastWin32Error());
    }
    PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
    STARTUPINFO si = new STARTUPINFO();
    si.cb = Marshal.SizeOf(si);
    si.lpDesktop = "Winsta0\\Winlogon";
    // start the process using the new token
    if (!CreateProcessAsUser(newToken, process, process, ref tokenAttributes, ref threadAttributes,
        true, (uint)CreateProcessFlags.CREATE_NEW_CONSOLE | (uint)CreateProcessFlags.INHERIT_CALLER_PRIORITY, IntPtr.Zero,
        logInfoDir, ref si, out pi)) {
        log("ERROR: CreateProcessAsUser returned false - " + Marshal.GetLastWin32Error());
    }

    Process _p = Process.GetProcessById(pi.dwProcessId);
    if (_p != null) {
        log("Process " + _p.Id + " Name " + _p.ProcessName);
    } else {
        log("Process not found");
    }

But there are no dll-imports explained, so i can't build this.

Thanks for your effort Fluxer

Community
  • 1
  • 1
MariusK
  • 537
  • 5
  • 20
  • 2
    The imports in that example are all the undecorated function calls: OpenProcessToken, capitalized structs; SECURITY_ATTRIBUTES() and constants: TOKEN_QUERY - look them up @ pinvoke.net - and to echo the 2nd answer "You really need a good reason to do this" – Alex K. Feb 28 '12 at 12:13
  • yes I have a good reason to do this. I imported a lot now, but it does not stop asking for more imports ;-) could you please go after this / list all imports for me? – MariusK Feb 28 '12 at 12:28
  • 4
    are you asking us to do all your work here? ... this is indeed a lot of work - why don't you just contact the author of the answer you copied here? – Random Dev Feb 28 '12 at 12:42
  • yes carsten, your right. i'm sorry i didn't know what pinvoke is. i copyied and pasted a lot of code now. and it works. i will delete all unnecessary and write a sample code as answer to the liked question for other guys with this problem. – MariusK Feb 28 '12 at 12:49
  • @FLuXeR: Are you sure that you really need to do this? There must be hundreds of alternative ways of achieving what you want without modifying the logon screen. – Christian Hayter Feb 28 '12 at 12:56
  • hmm... my task is to open a small application which shows some information of the computer and some programs on an gui. – MariusK Feb 28 '12 at 13:09
  • does anyone have an idea why I cannot start applications which are not in C:\windows\system32 ? only this folder seems to work.. – MariusK Feb 28 '12 at 13:52

0 Answers0