Skip to content

benmoss/CreateProcessAsUser

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
RunProcessAsUser
RunProcessAsUser
 
 
createjobobject
createjobobject
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
RunProcessAsUser.sln
RunProcessAsUser.sln
 
 

Repository files navigation

CreateProcessAsUser

This project attempts to use CreateProcessAsUser to run a process as a different user. We are exploring this syscall because the syscall used by C#'s Process class is CreateProcessWithLogonW which does not work when run as the SYSTEM user.

In order to run the CreateProcessAsUser syscall, you must grant the current user the privilege to "Replace a process level token". The SYSTEM user has this by default.

In order to run this project, create a user named foobar with the password foobar and add it to the IIS_IUSRS group. This will allow it to logon locally.

When run with an Administrator user with the "Replace a process level token" privilege, we see the subprocess crash with ERROR_ACCESS_DENIED 5 (0x5) when executing the CreateJobObject syscall. If we remove the syscall this program works fine.

About

CreateProcessAsUser experiments

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages