CreateProcessWithTokenW success but throws error and process wont start

0

I'm trying to launch powershell /cmd as 'LocalService' from 'LocalSystem' context in order to use lower privileges in the called script. I'm calling the P/Invoke in the following order:

LogonUser() // logon of 'LocalService' - success

CreateEnvironmentBlock() // success

DuplicateTokenEx() // in order to create PrimaryToken

CreateProcessWithTokenW() // create the ps / cmd

CreateProcessWithTokenW() C# code :

PROCESS_INFORMATION pi = new PROCESS_INFORMATION { };
STARTUPINFO st = new STARTUPINFO();
st.cb = (uint)Marshal.SizeOf(st);
st.wShowWindow = 0;
st.lpDesktop = ""; // creates automatically
const int CREATE_UNICODE_ENVIRONMENT = 0x00000400;
const int CREATE_NO_WINDOW = 0x08000000;
const UInt32 FLAGS =  (CREATE_NO_WINDOW |CREATE_UNICODE_ENVIRONMENT) ;
const int LOGON_WITH_PROFILE = 0x00000001;
CreateProcessWithTokenW(token, LOGON_WITH_PROFILE ,path, args,FLAGS, IntPtr.Zero, null, ref st, out pi)

This code return success on process creation but throws this error: enter image description here

Does anyone encountered this error ? I have also tried using CreateProcessAsUser() but it also returns success, launches the process but the process immediately closes(possible crash).

c#
createprocessasuser
createprocesswithlogonw
asked on Stack Overflow Jul 28, 2020 by M.Pinto • edited Jul 28, 2020 by Alan Birtles

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0