Vista 에서 Low Level 권한으로 Process 를 생성시키는 방법

출처 : http://rodream.tistory.com/45

BOOL bRet;
HANDLE hToken;
HANDLE hNewToken;

// Notepad is used as an example
WCHAR wszProcessName[MAX_PATH] = L"C:\\Windows\\System32\\Notepad.exe";

// Low integrity SID
WCHAR wszIntegritySid[20] = L"S-1-16-4096";

PSID pIntegritySid = NULL;

TOKEN_MANDATORY_LABEL TIL = {0};
PROCESS_INFORMATION ProcInfo = {0};
STARTUPINFO StartupInfo = {0};
ULONG ExitCode = 0;

if (OpenProcessToken(GetCurrentProcess(),MAXIMUM_ALLOWED, &hToken))
{
if (DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL,
SecurityImpersonation, TokenPrimary, &hNewToken))
{
if (ConvertStringSidToSid(wszIntegritySid, &pIntegritySid))
{
TIL.Label.Attributes = SE_GROUP_INTEGRITY;
TIL.Label.Sid = pIntegritySid;

if (SetTokenInformation(hNewToken, TokenIntegrityLevel, &TIL,
sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid)))
{
// Create the new process at Low/High integrity
bRet = CreateProcessAsUser(hNewToken, NULL,
wszProcessName, NULL, NULL, FALSE,
0, NULL, NULL, &StartupInfo, &ProcInfo);
}

LocalFree(pIntegritySid);
}
CloseHandle(hNewToken);
}
CloseHandle(hToken);

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 항목은 *(으)로 표시합니다