我有一个VB.net应用程序,需要由标准用户运行,但是有些功能需要以本地管理员的身份运行(具有我所关心的LSA,受信任的安装程序或其他系统帐户)的提升的标志)。这是一个帮助程序,允许用户运行内部应用程序,而无需输入本地管理员凭据并通过UAC提示符。 UAC旨在防止程序自发获得管理员特权,但就我而言,我们打算将这些凭据嵌入程序中。我们不想禁用UAC,只是绕过已经以其他方式完成的UAC,我们只需要使用run as admin标志启动run命令(例如reg add或CMD)即可。简单地运行runas不起作用,因为它们是标准用户帐户,当尝试将项目添加到注册表中的运行文件夹时,我们获得了拒绝访问的权限。
仅需说明,基本程序将永远不会以管理员身份运行。目的是使用它来调用具有嵌入式凭据的另一个程序或cmd.exe。标准用户将使用它。
我已经尝试了VB.Net system.diagnostics.process.start.flag = "runas"属性,但是没有用。
我也尝试了以下代码,但这也不起作用,并返回“ 1”。拨打
RunProgram("Administrator", "password", Environment.MachineName, "cmd.exe", "/c reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /f /v MyProgram /D " & System.Windows.Forms.Application.ExecutablePath())
任何想法如何进行?
我还使用VB.Net尝试了一个简单的cmd Runas
system.diagnostics.process.start.flag = "runas", and now Lib "Advapi32" Alias "CreateProcessWithLogonW".
下面是模块代码:
Public Module Impersonation
#Region "API Structures"
<StructLayout(LayoutKind.Sequential)>
Public Structure PROCESS_INFORMATION
Dim hProcess As System.IntPtr
Dim hThread As System.IntPtr
Dim dwProcessId As Integer
Dim dwThreadId As Integer
End Structure
<StructLayout(LayoutKind.Sequential)>
Public Structure STARTUPINFO
Dim cb As Integer
Dim lpReserved As System.IntPtr
Dim lpDesktop As System.IntPtr
Dim lpTitle As System.IntPtr
Dim dwX As Integer
Dim dwY As Integer
Dim dwXSize As Integer
Dim dwYSize As Integer
Dim dwXCountChars As Integer
Dim dwYCountChars As Integer
Dim dwFillAttribute As Integer
Dim dwFlags As Integer
Dim wShowWindow As Short
Dim cbReserved2 As Short
Dim lpReserved2 As System.IntPtr
Dim hStdInput As System.IntPtr
Dim hStdOutput As System.IntPtr
Dim hStdError As System.IntPtr
End Structure
#End Region
#Region "API Constants"
Private Const LOGON_NETCREDENTIALS_ONLY As Integer = &H2
Private Const NORMAL_PRIORITY_CLASS As Integer = &H20
Private Const CREATE_DEFAULT_ERROR_MODE As Integer = &H4000000
Private Const CREATE_NEW_CONSOLE As Integer = &H10
Private Const CREATE_NEW_PROCESS_GROUP As Integer = &H200
Private Const LOGON_WITH_PROFILE As Integer = &H1
#End Region
#Region "API Functions"
Public Declare Unicode Function CreateProcessWithLogon Lib "Advapi32" Alias "CreateProcessWithLogonW" _
(ByVal lpUsername As String,
ByVal lpDomain As String,
ByVal lpPassword As String,
ByVal dwLogonFlags As Integer,
ByVal lpApplicationName As String,
ByVal lpCommandLine As String,
ByVal dwCreationFlags As Integer,
ByVal lpEnvironment As System.IntPtr,
ByVal lpCurrentDirectory As System.IntPtr,
ByRef lpStartupInfo As STARTUPINFO,
ByRef lpProcessInfo As PROCESS_INFORMATION) As Integer
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As System.IntPtr) As Integer
#End Region
Public Function RunProgramold(ByVal UserName As String, ByVal Password As String, ByVal Domain As String, ByVal Application As String, ByVal CommandLine As String)
Dim siStartup As STARTUPINFO
Dim piProcess As PROCESS_INFORMATION
Dim intReturn As Integer
If CommandLine Is Nothing OrElse CommandLine = "" Then CommandLine = String.Empty
siStartup.cb = Marshal.SizeOf(siStartup)
siStartup.dwFlags = 0
intReturn = CreateProcessWithLogon(UserName, Domain, Password, LOGON_WITH_PROFILE, Application, CommandLine, NORMAL_PRIORITY_CLASS Or CREATE_DEFAULT_ERROR_MODE Or CREATE_NEW_CONSOLE Or CREATE_NEW_PROCESS_GROUP, IntPtr.Zero, IntPtr.Zero, siStartup, piProcess)
If intReturn = 0 Then
Dim errorMessage As New Win32Exception(Marshal.GetLastWin32Error())
MsgBox("Cant start program:" & Application & CommandLine & errorMessage.Message)
Throw New System.ComponentModel.Win32Exception(Marshal.GetLastWin32Error())
End If
CloseHandle(piProcess.hProcess)
CloseHandle(piProcess.hThread)
Return intReturn
End Function
End Module
它应以管理员身份运行Reg Add,并将新条目写入注册表中的run文件夹。没有消息产生,我得到的唯一错误是“ 1”。