Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
microsoft.public.win32.programmer.kernel
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
Message from discussion How to impersonate without password
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Ivan Brugiolo [MSFT]  
View profile  
 More options Dec 12 2002, 6:30 pm
Newsgroups: microsoft.public.win32.programmer.kernel
From: "Ivan Brugiolo [MSFT]" <ivanb...@online.microsoft.com>
Date: Thu, 12 Dec 2002 15:26:49 -0800
Local: Thurs, Dec 12 2002 6:26 pm
Subject: Re: How to impersonate without password
Print | View thread | Show original | Report this message | Find messages by this author
You can write RSH if you have a "daemon" process with the
SeCreatePrimaryToken privilege,
but the created token would belong to the system logon session, and the
token would have
no chance to do much apart from the local machine.

The phylosophically correct approach would be to use SSPI
to correclty create the identity of the remote account in the local machine.
There would be no password transmission.
The API to look at would be InitialzieSecurityContext on the client-side,
followed by a chain of AcceptSecurityContext on the server side.
When the negotiation has happened, the Server would call
ImpersonateSecurityContext.
If the SSPI is going to use Kerberos as the authentication package,
then you can even delegate the credentials of the remote user.

--
This posting is provided "As Is" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

"Garfield Lewis" <gale...@ca.ibm.com> wrote in message

news:e3M0u8hoCHA.2328@TK2MSFTNGP11...
> This is an interesting answer, how would one then write a compliant RSH
> daemon on Windows without first knowing the password of every possible
user
> who could run a rsh command against it? Remember that rsh its requests in
a
> specific format and a password is not part of this data stream.

> Just a thought...

> --
> Garfield A. Lewis
> DB2 UDB Development,
> IBM Canada Laboratory

> "Egbert Nierop (MVP for IIS)" <egbert_nie...@nospam.com> wrote in message
> news:e$WbDOcoCHA.2188@TK2MSFTNGP09...
> > "Yoshiki" <yosh...@wanaROOdooDOO.fr> wrote in message
> > news:uXwrZDYoCHA.2360@TK2MSFTNGP09...
> > > Hi,

> > > Does anybody know a way to impresonate a process which is running
under
> > > the SYSTEM account to an other account for which the process doesn't
> > > know the password ?

> > This is *not* possible, if it were, windows-hell broke... the idea of
> having
> > passwords on a system would be voided.

> > > (Sorry if it's not the right place to ask my question. If not, please
> > > tell me where I can do it :-)

> > > Thanks a lot !

> > > Antoine.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google