using WIN32 API CreateProcessAsUser in Python

问题

I have been trying to find a good example of how to use the CreateProcessAsUser() WIN32 API in Python along side the LogonUser() API, but to no avail.

Any help on this would be greatly appreciated.

回答1:

First, you should know that the Python extensions for Windows API is closely mapped to the Windows API. In this use case, the following links should prove very useful to you:

• Discusses LogonUser() function
  • http://msdn.microsoft.com/en-us/library/windows/desktop/aa378184(v=vs.85).aspx
• Discusses CreateProcessAsUser() function
  • http://msdn.microsoft.com/en-us/library/windows/desktop/ms682429(v=vs.85).aspx
• Discusses STARTUPINFO structure
  • http://msdn.microsoft.com/en-us/library/windows/desktop/ms686331(v=vs.85).aspx

If you study these documents together with the pywin documentation, you'll learn quite a ton.

That being written, note that in order to use CreateProcessAsUser(), you must hold the privilege SE_INCREASE_QUOTA_NAME, and possibly SE_ASSIGNPRIMARYTOKEN_NAME. These can be assigned on your local workstation (assuming you're admin) via secpol.msc > User Rights Assignment.

To understand how these privileges map to rights shown in secpol.msc, use this link:

• http://msdn.microsoft.com/en-us/library/windows/desktop/bb530716(v=vs.85).aspx

Now on to the code:

# First create a token. We're pretending this user actually exists on your local computer or Active Directory domain.
user = "ltorvalds"
pword = "IAMLINUXMAN"
domain = "." # means current domain
logontype = win32con.LOGON32_LOGON_INTERACTIVE
provider = win32con.LOGON32_PROVIDER_WINNT50
token = win32security.LogonUser(user, domain, pword , logontype, provider)

# Now let's create the STARTUPINFO structure. Read the link above for more info on what these can do.
startup = win32process.STARTUPINFO()

# Finally, create a cmd.exe process using the "ltorvalds" token.
appname = "c:\\windows\\system32\\cmd.exe"
priority = win32con.NORMAL_PRIORITY_CLASS
win32process.CreateProcessAsUser(token, appname, None, None, None, True, priority, None, None, startup)

Hope this helps.

来源：https://stackoverflow.com/questions/22615365/using-win32-api-createprocessasuser-in-python