I found the solution to my problem in this article:
"Launch your application in Vista under the local system account without the UAC popup".
Any suggestions on the code are always welcome :)
The problem was that when I launched my application from a service, the process was created in the context of the SYSTEM account,
whereas I wanted to launch the application for the logged-in user.
My previous code, which called CreateProcessAsUser(), was:
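// Launches csProcessPath on the interactive desktop ("winsta0\default") using
// the access token of a running process identified by csAccessProcessName.
//
// Parameters:
//   csProcessPath       - executable, passed to CreateProcessAsUser as lpApplicationName.
//   csCommandLineParam  - command line, passed as lpCommandLine.
//   csAccessProcessName - name handed to GetExplorerProcessHandle() to pick the
//                         process whose token is used for the child.
//   bWait               - when true, wait up to two minutes for the child to exit.
//
// Returns the result of CreateProcessAsUser(); FALSE on any earlier failure or
// if an exception is caught.
//
// Security notes:
//   * The child runs as whichever account owns the process that
//     GetExplorerProcessHandle() resolves. That helper is not shown here.
//     NOTE(review): confirm it selects by session as well as by name, and who
//     closes the handle it returns (this function calls it once per retry).
//   * The token is opened with only the rights ImpersonateLoggedOnUser() and
//     CreateProcessAsUser() need, not TOKEN_ALL_ACCESS.
//   * lpEnvironment is NULL, so the child inherits this process's environment
//     block rather than one built for the token's user.
BOOL CExecuteProcess::StartProcessWithToken(CString csProcessPath, CString csCommandLineParam,CString csAccessProcessName, bool bWait)
{
	HANDLE hToken = NULL;
	HWINSTA hwinsta = NULL;
	HWINSTA hwinstaSave = NULL;
	HDESK hdesk = NULL;
	BOOL bImpersonating = FALSE;
	BOOL bResult = FALSE;
	PROCESS_INFORMATION pi;
	STARTUPINFO si;
	// lpDesktop is a non-const pointer, so give it writable storage.
	TCHAR szDesktop[] = _T("winsta0\\default");

	ZeroMemory(&pi, sizeof(pi));
	ZeroMemory(&si, sizeof(si));

	try
	{
		// Blocks until the token can be opened, retrying once per second.
		// There is no upper bound: the caller stays here until the named
		// process exists. The original followed this loop with a fallback to
		// "explorer.exe" guarded by hToken == NULL; that branch could never run
		// because the loop only ends after a successful open, so it is omitted.
		while (!OpenProcessToken(GetExplorerProcessHandle(csAccessProcessName),
			TOKEN_QUERY | TOKEN_DUPLICATE | TOKEN_ASSIGN_PRIMARY, &hToken))
		{
			Sleep(1000);
		}

		do
		{
			if (hToken == NULL)
			{
				AddLogEntry(L"### Failed to GetExplorerProcessHandle:: hToken", 0, 0, true, SECONDLEVEL);
				break;
			}

			// Remember the current window station so it can be restored.
			// SetProcessWindowStation() affects the whole process, not just
			// this thread. The returned handle must not be closed.
			hwinstaSave = GetProcessWindowStation();
			if (hwinstaSave == NULL)
			{
				AddLogEntry(L"### Failed to GetProcessWindowStation", 0, 0, true, SECONDLEVEL);
				break;
			}

			// The window station and desktop are opened (with WRITE_DAC) only
			// as a reachability check; no DACL is changed in this function.
			hwinsta = OpenWindowStation(_T("winsta0"), FALSE, READ_CONTROL | WRITE_DAC);
			if (hwinsta == NULL)
			{
				AddLogEntry(L"### Failed to GetProcessWindowStation:: OpenWindowStation::hwinsta", 0, 0, true, SECONDLEVEL);
				break;
			}

			if (!SetProcessWindowStation(hwinsta))
			{
				AddLogEntry(L"### Failed to SetProcessWindowStation::After OpenWindowStation", 0, 0, true, SECONDLEVEL);
				break;
			}

			hdesk = OpenDesktop(_T("default"), 0, FALSE,
				READ_CONTROL | WRITE_DAC | DESKTOP_WRITEOBJECTS | DESKTOP_READOBJECTS);
			if (hdesk == NULL)
			{
				AddLogEntry(L"### Failed to OpenDesktop::hdesk", 0, 0, true, SECONDLEVEL);
				break;
			}

			if (!SetProcessWindowStation(hwinstaSave))
			{
				AddLogEntry(L"### Failed to SetProcessWindowStation after:: OpenDesktop", 0, 0, true, SECONDLEVEL);
				break;
			}

			if (!ImpersonateLoggedOnUser(hToken))
			{
				AddLogEntry(L"### Failed to ImpersonateLoggedOnUser ", 0, 0, true, SECONDLEVEL);
				break;
			}
			bImpersonating = TRUE;

			si.cb = sizeof(STARTUPINFO);
			si.lpDesktop = szDesktop;

			// CreateProcess may modify lpCommandLine, so pass the CString's own
			// writable buffer. The previous fixed MAX_PATH copy via wcscpy_s
			// would hit the invalid-parameter handler on longer command lines.
			bResult = CreateProcessAsUser(
				hToken, csProcessPath,
				csCommandLineParam.GetBuffer(csCommandLineParam.GetLength()),
				NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS | CREATE_NO_WINDOW,
				NULL, NULL, &si, &pi);
			csCommandLineParam.ReleaseBuffer();

			if (bResult && bWait && pi.hProcess)
			{
				::WaitForSingleObject(pi.hProcess, 1000 * 60 * 2);
			}
		} while (false);
	}
	catch(...)
	{
		AddLogEntry(_T("Exception caught in KeyLoggerScannerDll.cpp StartProcess "));
		bResult = FALSE;
	}

	// Single cleanup path, also taken after an exception, so the thread never
	// stays impersonated and no handle is left open.
	if (bImpersonating && !RevertToSelf())
	{
		// If this fails the thread keeps running in the impersonated context;
		// Microsoft's guidance is to shut the process down in that case.
		AddLogEntry(L"### Failed to RevertToSelf", 0, 0, true, SECONDLEVEL);
	}
	// The child's handles were previously closed only when bWait was true.
	if (pi.hThread)
		CloseHandle(pi.hThread);
	if (pi.hProcess)
		CloseHandle(pi.hProcess);
	if (hwinstaSave)
		SetProcessWindowStation(hwinstaSave);
	if (hwinsta)
		CloseWindowStation(hwinsta);
	if (hdesk)
		CloseDesktop(hdesk);
	if (hToken)
		CloseHandle(hToken);
	return bResult;
}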
Then I changed it to:
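// Launches csProcessPath in the active console session, using a duplicate of
// the token of the first process in that session whose image name equals
// csAccessProcessName.
//
// Parameters:
//   csProcessPath       - executable, passed to CreateProcessAsUser as lpApplicationName.
//   csCommandLineParam  - command line, passed as lpCommandLine.
//   csAccessProcessName - image name (case-insensitive) of the process whose
//                         token is duplicated for the child.
//   bWait               - when true, wait up to two minutes for the child to exit.
//
// Returns TRUE if the process was created, FALSE otherwise.
//
// Security notes:
//   * The child runs as the account that owns the matched process, so the
//     caller-supplied name decides the child's privileges. If it names a
//     SYSTEM-owned process, the child is a SYSTEM process on the user's
//     interactive desktop, and whatever the user can drive through its UI
//     runs with SYSTEM rights.
//   * NOTE(review): if the goal is "run as the logged-in user",
//     WTSQueryUserToken(dwSessionId, ...) returns that user's token directly
//     and does not depend on a process name. The original called it but never
//     used the result, so the unused call is dropped here.
BOOL CExecuteProcess::StartProcessWithToken(CString csProcessPath, CString csCommandLineParam,
	CString csAccessProcessName, bool bWait)
{
	// Every local is declared before the first `goto Cleanup`: jumping over an
	// initialised declaration is ill-formed C++.
	PROCESS_INFORMATION pi = { 0 };
	STARTUPINFO si = { 0 };
	PROCESSENTRY32 procEntry = { 0 };
	TOKEN_PRIVILEGES tp = { 0 };
	LUID luid = { 0 };
	// lpDesktop is a non-const pointer, so give it writable storage.
	WCHAR szDesktop[] = L"winsta0\\default";
	BOOL bResult = FALSE;
	BOOL bFound = FALSE;
	DWORD dwSessionId = 0x00;
	DWORD dwSourcePid = 0x00;
	DWORD dwCreationFlags = NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE;
	DWORD dwLastError = 0x00;	// written for inspection in a debugger only
	HANDLE hSnap = INVALID_HANDLE_VALUE;
	HANDLE hProcess = NULL;
	HANDLE hPToken = NULL;
	HANDLE hUserTokenDup = NULL;
	LPVOID pEnv = NULL;

	dwSessionId = WTSGetActiveConsoleSessionId();
	if (dwSessionId == 0xFFFFFFFF)
	{
		// No session is attached to the physical console.
		goto Cleanup;
	}

	hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (hSnap == INVALID_HANDLE_VALUE)
	{
		dwLastError = GetLastError();
		goto Cleanup;
	}

	procEntry.dwSize = sizeof(PROCESSENTRY32);
	if (!Process32First(hSnap, &procEntry))
	{
		dwLastError = GetLastError();
		goto Cleanup;
	}

	// Pick the first process with the requested image name that lives in the
	// active console session. The match is on the name alone; nothing here
	// checks the image path or the account that owns the process.
	do
	{
		if (_wcsicmp(procEntry.szExeFile, csAccessProcessName) == 0)
		{
			DWORD dwCandidateSession = 0;
			if (ProcessIdToSessionId(procEntry.th32ProcessID, &dwCandidateSession)
				&& dwCandidateSession == dwSessionId)
			{
				dwSourcePid = procEntry.th32ProcessID;
				bFound = TRUE;
				break;
			}
		}
	} while (Process32Next(hSnap, &procEntry));

	if (!bFound)
	{
		// Previously this fell through to OpenProcess() with PID 0.
		goto Cleanup;
	}

	hProcess = OpenProcess(MAXIMUM_ALLOWED, FALSE, dwSourcePid);
	if (hProcess == NULL)
	{
		dwLastError = GetLastError();
		goto Cleanup;
	}

	if (!::OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
		| TOKEN_DUPLICATE | TOKEN_ASSIGN_PRIMARY | TOKEN_ADJUST_SESSIONID
		| TOKEN_READ | TOKEN_WRITE, &hPToken))
	{
		dwLastError = GetLastError();
		goto Cleanup;
	}

	if (!DuplicateTokenEx(hPToken, MAXIMUM_ALLOWED, NULL,
		SecurityIdentification, TokenPrimary, &hUserTokenDup))
	{
		dwLastError = GetLastError();
		goto Cleanup;
	}

	// Pass the ADDRESS of the session id. The original passed the value cast
	// to a pointer, so the call could not succeed. Failure is tolerated because
	// the source process was already selected from this session.
	if (!SetTokenInformation(hUserTokenDup, TokenSessionId, &dwSessionId, sizeof(dwSessionId)))
	{
		dwLastError = GetLastError();
	}

	// NOTE(review): this enables SeDebugPrivilege in the token that becomes the
	// child's primary token. CreateProcessAsUser() does not need it; unless the
	// launched program does, removing this step keeps the child at least
	// privilege. AdjustTokenPrivileges() also returns TRUE when the privilege
	// is not held (GetLastError() == ERROR_NOT_ALL_ASSIGNED).
	if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid))
	{
		dwLastError = GetLastError();
		goto Cleanup;
	}
	tp.PrivilegeCount = 1;
	tp.Privileges[0].Luid = luid;
	tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
	if (!AdjustTokenPrivileges(hUserTokenDup, FALSE, &tp, sizeof(TOKEN_PRIVILEGES),
		(PTOKEN_PRIVILEGES)NULL, NULL))
	{
		dwLastError = GetLastError();
		goto Cleanup;
	}
	dwLastError = GetLastError();

	// Build the environment for the token's user; fall back to inheriting this
	// process's environment if that fails.
	if (::CreateEnvironmentBlock(&pEnv, hUserTokenDup, TRUE))
	{
		dwCreationFlags |= CREATE_UNICODE_ENVIRONMENT;
	}
	else
	{
		pEnv = NULL;
	}

	si.cb = sizeof(STARTUPINFO);
	si.lpDesktop = szDesktop;

	bResult = CreateProcessAsUser(
		hUserTokenDup, csProcessPath,
		csCommandLineParam.GetBuffer(csCommandLineParam.GetLength()),
		NULL, NULL, FALSE, dwCreationFlags, pEnv, NULL, &si, &pi);
	dwLastError = GetLastError();
	csCommandLineParam.ReleaseBuffer();

	// Honour bWait the same way the earlier version of this function did.
	if (bResult && bWait && pi.hProcess)
	{
		::WaitForSingleObject(pi.hProcess, 1000 * 60 * 2);
	}

Cleanup:
	// Release everything acquired above; the snapshot, the environment block
	// and the child's handles were previously leaked.
	if (pi.hThread)
		CloseHandle(pi.hThread);
	if (pi.hProcess)
		CloseHandle(pi.hProcess);
	if (pEnv)
		DestroyEnvironmentBlock(pEnv);
	if (hUserTokenDup)
		CloseHandle(hUserTokenDup);
	if (hPToken)
		CloseHandle(hPToken);
	if (hProcess)
		CloseHandle(hProcess);
	if (hSnap != INVALID_HANDLE_VALUE)
		CloseHandle(hSnap);
	return bResult;
}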