start commandline.exe form aspnet application

M

Marco Maier

hi there,

i have to start a commandline.exe (e.g. ping.exe) file from an aspnet
application. the process needs administrative rights, so
Process.Start() is not what I need because it will run the process as
ASPNET user. As far as I know the
System.CodeDom.Compiler.Executor.ExecWaitWithCapture Method is not yet
imlemented as i need it.

-->
Executes the specified command using the specified user token and
temporary files, and waits for the call to return, storing output and
error information from the compiler in the specified strings.
[Visual Basic] Overloads Public Shared Function
ExecWaitWithCapture(IntPtr, String, TempFileCollection, ByRef String,
ByRef String) As Integer
<--

So i think the win32 api CreateProcessAsUser should be right for my
needs and I found some c# examples an made this of it.

----------------------------------------------------------------------------------------
Public Shared Sub CreateProcessAsUser(ByVal ProcessName As String,
ByVal CommandLineArgs As String, ByVal WorkingDirectory As String)
Dim hToken As IntPtr = WindowsIdentity.GetCurrent().Token
Dim hDupedToken As IntPtr = IntPtr.Zero
Dim pi As ProcessUtil.PROCESS_INFORMATION = New
ProcessUtil.PROCESS_INFORMATION
Try
Dim sa As ProcessUtil.SECURITY_ATTRIBUTES = New
ProcessUtil.SECURITY_ATTRIBUTES
sa.bInheritHandle = False
sa.Length = Marshal.SizeOf(sa)
sa.lpSecurityDescriptor = IntPtr.op_Explicit(0)
Dim result As Boolean
result = ProcessUtil.DuplicateTokenEx(hToken,
ProcessUtil.GENERIC_ALL_ACCESS, sa, _
ProcessUtil.SECURITY_IMPERSONATION_LEVEL.SecurityIdentification,
ProcessUtil.TOKEN_TYPE.TokenPrimary, _
hDupedToken)
If (Not result) Then
Throw New ApplicationException("Duplicte TokenEx failed")
End If
Dim si As New ProcessUtil.STARTUPINFO
si.cb = Marshal.SizeOf(si)
si.lpDesktop = Nothing 'String.Empty
result = ProcessUtil.CreateProcessAsUser(hDupedToken, ProcessName,
CommandLineArgs, sa, sa, False,
ProcessUtil.ProcessCreationFlags.CREATE_NO_WINDOW, IntPtr.Zero,
WorkingDirectory, si, pi)
If Not result Then
Dim err As Integer, msg As String
err = Marshal.GetLastWin32Error()
msg = String.Format("CreateProcessAsUser Error: {0}", err)
Throw New ApplicationException(msg)
End If
Catch ex As Exception
Throw ex
Finally
If (Not (pi.hProcess.Equals(IntPtr.Zero))) Then
ProcessUtil.CloseHandle(pi.hProcess)
If (Not (pi.hThread.Equals(IntPtr.Zero))) Then
ProcessUtil.CloseHandle(pi.hThread)
If (Not (hDupedToken.Equals(IntPtr.Zero))) Then
ProcessUtil.CloseHandle(hDupedToken)
End Try
end sub
----------------------------------------------------------------------------------------

On a Windows App everything works fine, but if I call this in aspnet,
I get the Error 1314 "The Client is missing some Privileges"
and don't understand that, because the duplicated token comes from an
administrator account, the aspnet application impersonates. this is
how I call it.

CreateProcessAsUser("c:\windows\system32\ping.exe", "127.0.0.1",
"c:\windows\system32")


I post the ProcessUtil class to make it clearer.
Can anyone help me understand this behavior?


Public Class ProcessUtil

Public Structure LUID
Dim UsedPart As Integer
Dim IgnoredForNowHigh32BitPart As Integer
End Structure

Public Structure TOKEN_PRIVILEGES
Dim PrivilegeCount As Integer
Dim TheLuid As LUID
Dim Attributes As Integer
End Structure

Public Structure STARTUPINFO
Public cb As Int32
Public lpReserved As String
Public lpDesktop As String
Public lpTitle As String
Public dwX As Int32
Public dwY As Int32
Public dwXSize As Int32
Public dwXCountChars As Int32
Public dwYCountChars As Int32
Public dwFillAttribute As Int32
Public dwFlags As Int32
Public wShowWindow As Int16
Public cbReserved2 As Int16
Public lpReserved2 As IntPtr
Public hStdInput As IntPtr
Public hStdOutput As IntPtr
Public hStdError As IntPtr
End Structure

Public Structure PROCESS_INFORMATION
Public hProcess As IntPtr
Public hThread As IntPtr
Public dwProcessID As Int32
Public dwThreadID As Int32
End Structure

Public Structure SECURITY_ATTRIBUTES
Public Length As Int32
Public lpSecurityDescriptor As IntPtr
Public bInheritHandle As Boolean
End Structure

Public Enum SECURITY_IMPERSONATION_LEVEL
SecurityAnonymous
SecurityIdentification
SecurityImpersonation
SecurityDelegation
End Enum

Public Enum ProcessCreationFlags
DEBUG_PROCESS = &H1
DEBUG_ONLY_THIS_PROCESS = &H2
CREATE_SUSPENDED = &H4
DETACHED_PROCESS = &H8
CREATE_NEW_CONSOLE = &H10
NORMAL_PRIORITY_CLASS = &H20
IDLE_PRIORITY_CLASS = &H40
HIGH_PRIORITY_CLASS = &H80
REALTIME_PRIORITY_CLASS = &H100
CREATE_NEW_PROCESS_GROUP = &H200
CREATE_UNICODE_ENVIRONMENT = &H400
CREATE_SEPARATE_WOW_VDM = &H800
CREATE_SHARED_WOW_VDM = &H1000
CREATE_FORCEDOS = &H2000
CREATE_DEFAULT_ERROR_MODE = &H4000000
CREATE_NO_WINDOW = &H8000000
End Enum

Public Enum TOKEN_TYPE
TokenPrimary = 1
TokenImpersonation
End Enum
Public Const GENERIC_ALL_ACCESS As Int32 = &H10000000
_
Public Shared Function CloseHandle(ByVal handle As IntPtr) As Boolean
End Function
<DllImport("advapi32.dll", EntryPoint:="CreateProcessAsUser",
SetLastError:=True, CharSet:=CharSet.Ansi, _
CallingConvention:=CallingConvention.StdCall)> _
Public Shared Function CreateProcessAsUser(ByVal hToken As IntPtr,
ByVal lpApplicationName As String, ByVal lpCommandLine As String, _
ByRef lpProcessAttributes As SECURITY_ATTRIBUTES, ByRef
lpThreadAttributes As SECURITY_ATTRIBUTES, _
ByVal bInheritHandle As Boolean, ByVal dwCreationFlags As Int32,
ByVal lpEnvrionment As IntPtr, _
ByVal lpCurrentDirectory As String, ByRef lpStartupInfo As
STARTUPINFO, ByRef lpProcessInformation As PROCESS_INFORMATION) As
Boolean
End Function

Public Shared Function DuplicateTokenEx(ByVal hExistingToken As
IntPtr, ByVal dwDesiredAccess As Int32, _
ByRef lpThreadAttributes As SECURITY_ATTRIBUTES, _
ByVal ImpersonationLevel As Int32, ByVal dwTokenType As Int32, _
ByRef phNewToken As IntPtr) As Boolean
End Function
End Class
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top