Want to launch process 'X' as using token of user 'B' in session of user ‘A’ by AdvApi in service code

63 Views Asked by Mukesh Methaniya At 10 April 2025 at 17:41

We have service which is running as system session.
Taking token of User 'B'
In this token changing session id of User 'A'
Using this token launching the process 'X'
After process 'X' launch getting error The exception unknown software exception (0xc06d007e) occurred in the application at location 0x0000000076855232.

Find below code to achieve this but it is throwing error after process start

  boolean res =
            Advapi32.INSTANCE.LogonUser(
                    user, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, userToken);

    WinBase.SECURITY_ATTRIBUTES sa = new WinBase.SECURITY_ATTRIBUTES();
    sa.dwLength = new WinDef.DWORD(sa.size());

    WinNT.HANDLEByReference hUserTokenDup = new WinNT.HANDLEByReference();
    boolean duplicateTokenEx =
            Advapi32.INSTANCE.DuplicateTokenEx(
                    userToken.getValue(),
                    WinNT.TOKEN_ALL_ACCESS|WinNT.TOKEN_ADJUST_SESSIONID,
                    sa,
                    SECURITY_IMPERSONATION_LEVEL.SecurityIdentification,
                    TOKEN_TYPE.TokenPrimary,
                    hUserTokenDup);
    if (!duplicateTokenEx) {
        Kernel32.INSTANCE.CloseHandle(userToken.getValue());
        Kernel32.INSTANCE.CloseHandle(hUserTokenDup.getValue());
        throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
    }

    boolean setTokenInfo =
            Advapi32.INSTANCE.SetTokenInformation(
                    hUserTokenDup.getValue(),
                    TOKEN_INFORMATION_CLASS.TokenSessionId,
                    new IntByReference(sessionId),
                    DWORD.SIZE);

    if (!setTokenInfo) {
        Kernel32.INSTANCE.CloseHandle(hUserTokenDup.getValue());
        Kernel32.INSTANCE.CloseHandle(userToken.getValue());
        throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
    }
    final STARTUPINFO startupInfo = new STARTUPINFO();
    startupInfo.lpDesktop = "Winsta0\\Winlogon";
   // final STARTUPINFO startupInfo = new STARTUPINFO();
    final PROCESS_INFORMATION processInformation = new PROCESS_INFORMATION();
    final PointerByReference ref = new PointerByReference();

    try {
        boolean createProcess =
                Advapi32.INSTANCE.CreateProcessAsUser(
                        hUserTokenDup.getValue(),
                        null,
                        cmd,
                        null,
                        null,
                        false,
                        CREATE_UNICODE_ENVIRONMENT,
                        ref.getValue(),
                        null,
                        startupInfo,
                        processInformation);

        if (!createProcess) {
            throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
        }

    } finally {
        Kernel32.INSTANCE.CloseHandle(hUserTokenDup.getValue());
        Kernel32.INSTANCE.CloseHandle(userToken.getValue());
    }

Process is launched but it is throwing error in starting itself like below

The exception unknown software exception (0xc06d007e) occurred in the application at location 0x0000000076855232.

Original Q&A

Want to launch process 'X' as using token of user 'B' in session of user ‘A’ by AdvApi in service code

There are 0 best solutions below

Related Questions in WINDOWS

Related Questions in SERVICE

Related Questions in CREATEPROCESSASUSER

Related Questions in ADVAPI32

Related Questions in CREATEPROCESSWITHLOGONW

Trending Questions

Popular # Hahtags

Popular Questions