1. 技术文章
  2. using WIN32 API CreateProcessAsUser in Python

using WIN32 API CreateProcessAsUser in Python

心已入冬 提交于 2020-08-01 09:12:20

问题


I have been trying to find a good example of how to use the CreateProcessAsUser() WIN32 API in Python along side the LogonUser() API, but to no avail.

Any help on this would be greatly appreciated.


回答1:


First, you should know that the Python extensions for Windows API is closely mapped to the Windows API. In this use case, the following links should prove very useful to you:

  • Discusses LogonUser() function
    • http://msdn.microsoft.com/en-us/library/windows/desktop/aa378184(v=vs.85).aspx
  • Discusses CreateProcessAsUser() function
    • http://msdn.microsoft.com/en-us/library/windows/desktop/ms682429(v=vs.85).aspx
  • Discusses STARTUPINFO structure
    • http://msdn.microsoft.com/en-us/library/windows/desktop/ms686331(v=vs.85).aspx

If you study these documents together with the pywin documentation, you'll learn quite a ton.

That being written, note that in order to use CreateProcessAsUser(), you must hold the privilege SE_INCREASE_QUOTA_NAME, and possibly SE_ASSIGNPRIMARYTOKEN_NAME. These can be assigned on your local workstation (assuming you're admin) via secpol.msc > User Rights Assignment.

To understand how these privileges map to rights shown in secpol.msc, use this link:

  • http://msdn.microsoft.com/en-us/library/windows/desktop/bb530716(v=vs.85).aspx

Now on to the code:

# First create a token. We're pretending this user actually exists on your local computer or Active Directory domain.
user = "ltorvalds"
pword = "IAMLINUXMAN"
domain = "." # means current domain
logontype = win32con.LOGON32_LOGON_INTERACTIVE
provider = win32con.LOGON32_PROVIDER_WINNT50
token = win32security.LogonUser(user, domain, pword , logontype, provider)

# Now let's create the STARTUPINFO structure. Read the link above for more info on what these can do.
startup = win32process.STARTUPINFO()

# Finally, create a cmd.exe process using the "ltorvalds" token.
appname = "c:\\windows\\system32\\cmd.exe"
priority = win32con.NORMAL_PRIORITY_CLASS
win32process.CreateProcessAsUser(token, appname, None, None, None, True, priority, None, None, startup)

Hope this helps.



来源:https://stackoverflow.com/questions/22615365/using-win32-api-createprocessasuser-in-python

标签
python
winapi
process
ctypes
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!