
OpenProcess fails for certain services.


Vikash

Mar 4, 2009, 10:31:01 AM
Hi,
I am writing an application which would list all the privileges
enabled for a particular process. The process could even be running in
SYSTEM account or as a service or both. I am pasting the code below. I
am running the code under an administrator account and having the
following privileges enabled.

SeSecurityPrivilege, SeBackupPrivilege, SeRestorePrivilege,
SeSystemtimePrivilege, SeShutdownPrivilege, SeRemoteShutdownPrivilege,
SeTakeOwnershipPrivilege, SeDebugPrivilege, SeSystemEnvironmentPrivilege,
SeSystemProfilePrivilege, SeProfileSingleProcessPrivilege,
SeIncreaseBasePriorityPrivilege, SeLoadDriverPrivilege,
SeCreatePagefilePrivilege, SeIncreaseQuotaPrivilege, SeUndockPrivilege,
SeManageVolumePrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege,
SeChangeNotifyPrivilege

This I could verify by giving the ProcessId of this process as input
to the process after looking up the PID from taskmgr.

The problem that I am facing is that OpenProcess fails for processes
running under "LOCAL SERVICE" or "NETWORK SERVICE" (e.g. svchost.exe
and others). Please guide me where I am going wrong.

Thanks in advance,
Vikash.


===============================================================
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <conio.h>

int main(void)
{
    DWORD dwPID = 0;
    printf("Please enter the PID of the process you want to investigate:");
    scanf_s(" %lu", &dwPID);
    printf("\nPID=%lu\n", dwPID);

    /* This is the call reported as failing for service-account processes. */
    HANDLE hProcessHandle = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwPID);
    if (!hProcessHandle)
    {
        printf("OpenProcess for PID:%lu failed last error=%lu\n Press any key",
               dwPID, GetLastError());
        _getch();
        ExitProcess(0);
    }

    HANDLE hTokenHandle;
    if (!OpenProcessToken(hProcessHandle, TOKEN_QUERY, &hTokenHandle))
    {
        printf("OpenProcessToken failed last error=%lu\n Press any key", GetLastError());
        _getch();
        ExitProcess(0);
    }

    char *pTokenInformation = NULL;
    DWORD dwReturnLength = 0;

    /* First call only reports the buffer size needed for the privilege list. */
    GetTokenInformation(hTokenHandle, TokenPrivileges, NULL, 0, &dwReturnLength);
    pTokenInformation = (char *)malloc(dwReturnLength);
    if (!pTokenInformation ||
        !GetTokenInformation(hTokenHandle, TokenPrivileges, (LPVOID)pTokenInformation,
                             dwReturnLength, &dwReturnLength))
    {
        printf("GetTokenInformation failed last error=%lu\n Press any key", GetLastError());
        _getch();
        ExitProcess(0);
    }

    PTOKEN_PRIVILEGES pTokenPrivileges = (PTOKEN_PRIVILEGES)pTokenInformation;

    /* Prints every privilege present in the token; Attributes is not checked. */
    DWORD i;
    for (i = 0; i < pTokenPrivileges->PrivilegeCount; i++)
    {
        char *name = NULL;
        DWORD dwNameLength = 0;
        LUID_AND_ATTRIBUTES luid = pTokenPrivileges->Privileges[i];

        /* First call reports the name length, second call fills the buffer. */
        LookupPrivilegeNameA(NULL, &(luid.Luid), name, &dwNameLength);
        name = (char *)malloc(dwNameLength + 1);
        if (name && LookupPrivilegeNameA(NULL, &(luid.Luid), name, &dwNameLength))
            printf("%s\n", name);
        free(name);
    }

    /* Release the buffer and the handles opened above. */
    free(pTokenInformation);
    CloseHandle(hTokenHandle);
    CloseHandle(hProcessHandle);

    _getch();
    return 0;
}
==================================================================

nico

Mar 8, 2009, 5:32:19 PM

"Vikash" <vikashr...@gmail.com> wrote in message
news:6b031f05-2b5b-44d6...@r15g2000prh.googlegroups.com...

> This I could verify by giving the ProcessId of this process as input
> to the process after looking up the PID from taskmgr.
>
> The problem that I am facing is that OpenProcess fails for processes
> running under "LOCAL SERVICE" or "NETWORK SERVICE" (e.g. svchost.exe
> and others). Please guide me where I am going wrong.

Have you tried to adjust privileges with AdjustTokenPrivileges?
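
The step this reply asks about, as an added example that is not part of the thread: enabling a privilege in the caller's own token with AdjustTokenPrivileges and checking the result, since the call returns success even when the token does not hold the privilege and only GetLastError tells the two cases apart. Assumptions: SeDebugPrivilege (from the poster's list) is the privilege to enable, the helper names `adjust_outcome` and `enable_privilege` are made up for this example, and the Win32 calls sit behind `_WIN32` so the result check also compiles elsewhere.

```c
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#endif
#ifndef ERROR_NOT_ALL_ASSIGNED
#define ERROR_NOT_ALL_ASSIGNED 1300UL /* Win32 error code, for non-Windows builds */
#endif

/* AdjustTokenPrivileges returns nonzero even when it enabled nothing, so the
   last-error value decides: 1 = enabled, 0 = token does not hold the
   privilege, -1 = the call itself failed. */
int adjust_outcome(int api_ok, unsigned long last_error)
{
    if (!api_ok) return -1;
    if (last_error == ERROR_NOT_ALL_ASSIGNED) return 0;
    return last_error == 0 ? 1 : -1;
}

#ifdef _WIN32
/* Hypothetical helper: enable one privilege in the current process token. */
int enable_privilege(const char *name)
{
    HANDLE hToken;
    TOKEN_PRIVILEGES tp;
    BOOL ok;
    int outcome;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
        return -1;
    tp.PrivilegeCount = 1;
    tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    if (!LookupPrivilegeValueA(NULL, name, &tp.Privileges[0].Luid)) {
        CloseHandle(hToken);
        return -1;
    }
    ok = AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL);
    outcome = adjust_outcome(ok != 0, GetLastError());
    CloseHandle(hToken);
    return outcome;
}

int main(void)
{
    /* Assumption: SeDebugPrivilege is the privilege OpenProcess needs here. */
    int r = enable_privilege("SeDebugPrivilege");
    printf("SeDebugPrivilege: %s\n", r == 1 ? "enabled" : r == 0 ? "not held" : "failed");
    return r == 1 ? 0 : 1;
}
#endif
```

In the posted program, the call to `enable_privilege` would go before `OpenProcess`.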

