|
static bool | RunAsRestrictedUser (string fileName, string DesktopName) |
| Runs the specified file as a restricted user in a separate desktop session.
|
|
|
enum | TOKEN_INFORMATION_CLASS {
TokenUser = 1
, TokenGroups
, TokenPrivileges
, TokenOwner
,
TokenPrimaryGroup
, TokenDefaultDacl
, TokenSource
, TokenType
,
TokenImpersonationLevel
, TokenStatistics
, TokenRestrictedSids
, TokenSessionId
,
TokenGroupsAndPrivileges
, TokenSessionReference
, TokenSandBoxInert
, TokenAuditPolicy
,
TokenOrigin
, TokenElevationType
, TokenLinkedToken
, TokenElevation
,
TokenHasRestrictions
, TokenAccessInformation
, TokenVirtualizationAllowed
, TokenVirtualizationEnabled
,
TokenIntegrityLevel
, TokenUIAccess
, TokenMandatoryPolicy
, TokenLogonSid
,
MaxTokenInfoClass
} |
|
|
static bool | SaferCreateLevel (SaferScope scope, SaferLevel level, SaferOpenFlags openFlags, out IntPtr pLevelHandle, IntPtr lpReserved) |
| Creates a new Safer level and returns a handle to the level.
|
|
static bool | SaferComputeTokenFromLevel (IntPtr LevelHandle, IntPtr InAccessToken, out IntPtr OutAccessToken, int dwFlags, IntPtr lpReserved) |
| Computes a token from the specified level handle and input access token, and returns the result.
|
|
static bool | SaferCloseLevel (IntPtr hLevelHandle) |
| Closes a SAFER level handle.
|
|
static bool | ConvertStringSidToSid (string StringSid, out IntPtr ptrSid) |
| Converts a string representation of a security identifier (SID) to a binary SID and returns a value indicating whether the conversion was successful.
|
|
static bool | CloseHandle (IntPtr hObject) |
| Closes an open object handle.
|
|
static IntPtr | LocalFree (IntPtr hMem) |
| Frees the memory block allocated by LocalAlloc and LocalReAlloc and invalidates the handle.
|
|
static Boolean | SetTokenInformation (IntPtr TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, IntPtr TokenInformation, UInt32 TokenInformationLength) |
| Sets the token information for a specified token.
|
|
static bool | CreateProcessAsUser (IntPtr hToken, string lpApplicationName, StringBuilder lpCommandLine, IntPtr lpProcessAttributes, IntPtr lpThreadAttributes, bool bInheritHandles, uint dwCreationFlags, IntPtr lpEnvironment, string lpCurrentDirectory, ref STARTUPINFO lpStartupInfo, out PROCESS_INFORMATION lpProcessInformation) |
| Creates a new process using the specified user token and startup information.
|
|
|
static bool | GetRestrictedSessionUserToken (out IntPtr token) |
| Retrieves a restricted session user token and returns it.
|
|
static bool | SafeCloseHandle (IntPtr hObject) |
| Safely closes the specified handle if it is not a null pointer and returns a boolean value indicating the success of the operation.
|
|
◆ SaferLevel
Enumerator |
---|
Disallowed | |
Untrusted | |
Constrained | |
NormalUser | |
FullyTrusted | |
◆ SaferOpenFlags
◆ SaferScope
◆ TOKEN_INFORMATION_CLASS
Enumerator |
---|
TokenUser | |
TokenGroups | |
TokenPrivileges | |
TokenOwner | |
TokenPrimaryGroup | |
TokenDefaultDacl | |
TokenSource | |
TokenType | |
TokenImpersonationLevel | |
TokenStatistics | |
TokenRestrictedSids | |
TokenSessionId | |
TokenGroupsAndPrivileges | |
TokenSessionReference | |
TokenSandBoxInert | |
TokenAuditPolicy | |
TokenOrigin | |
TokenElevationType | |
TokenLinkedToken | |
TokenElevation | |
TokenHasRestrictions | |
TokenAccessInformation | |
TokenVirtualizationAllowed | |
TokenVirtualizationEnabled | |
TokenIntegrityLevel | |
TokenUIAccess | |
TokenMandatoryPolicy | |
TokenLogonSid | |
MaxTokenInfoClass | |
◆ CloseHandle()
static bool Hidden_handler._ProcessHelper.CloseHandle |
( |
IntPtr | hObject | ) |
|
|
private |
Closes an open object handle.
- Parameters
-
hObject | A handle to an open object. |
- Returns
- True if the function succeeds, false if the function fails. To get extended error information, call GetLastError.
This method closes an open object handle. If the function succeeds, the return value is true. If the function fails, the return value is false. To get extended error information, call GetLastError.
◆ ConvertStringSidToSid()
static bool Hidden_handler._ProcessHelper.ConvertStringSidToSid |
( |
string | StringSid, |
|
|
out IntPtr | ptrSid ) |
|
private |
Converts a string representation of a security identifier (SID) to a binary SID and returns a value indicating whether the conversion was successful.
- Parameters
-
StringSid | The string representation of the SID to be converted. |
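ptrSid | When this method returns, contains the pointer to the binary SID if the conversion was successful; otherwise, null. The SID buffer is allocated by the system and must be released with LocalFree when it is no longer needed. |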
- Returns
- True if the conversion was successful and the ptrSid parameter contains the pointer to the binary SID; otherwise, false.
- Exceptions
-
System.ComponentModel.Win32Exception | Thrown when the conversion fails and the last Win32 error is set. |
◆ CreateProcessAsUser()
static bool Hidden_handler._ProcessHelper.CreateProcessAsUser |
( |
IntPtr | hToken, |
|
|
string | lpApplicationName, |
|
|
StringBuilder | lpCommandLine, |
|
|
IntPtr | lpProcessAttributes, |
|
|
IntPtr | lpThreadAttributes, |
|
|
bool | bInheritHandles, |
|
|
uint | dwCreationFlags, |
|
|
IntPtr | lpEnvironment, |
|
|
string | lpCurrentDirectory, |
|
|
ref STARTUPINFO | lpStartupInfo, |
|
|
out PROCESS_INFORMATION | lpProcessInformation ) |
|
private |
Creates a new process using the specified user token and startup information.
- Parameters
-
hToken | A handle to the primary token that represents a user. |
lpApplicationName | The name of the module to be executed. |
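lpCommandLine | The command line to be executed. If lpApplicationName is null, the module name is taken from the first whitespace-delimited token of this string, so a path that contains spaces should be enclosed in quotation marks. |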
lpProcessAttributes | A pointer to a SECURITY_ATTRIBUTES structure for the new process object. |
lpThreadAttributes | A pointer to a SECURITY_ATTRIBUTES structure for the new thread object. |
bInheritHandles | If this parameter is true, each inheritable handle in the calling process is inherited by the new process. |
dwCreationFlags | The flags that control the priority class and the creation of the process. |
lpEnvironment | A pointer to an environment block for the new process. |
lpCurrentDirectory | The full path to the current directory for the process. |
lpStartupInfo | A pointer to a STARTUPINFO structure that specifies how the application is to be shown. |
lpProcessInformation | A pointer to a PROCESS_INFORMATION structure that receives identification information about the new process. |
- Returns
- True if the function succeeds, false if it fails. To get extended error information, call GetLastError.
◆ GetRestrictedSessionUserToken()
static bool Hidden_handler._ProcessHelper.GetRestrictedSessionUserToken |
( |
out IntPtr | token | ) |
|
|
inline static private |
Retrieves a restricted session user token and returns it.
- Parameters
-
token | When this method returns, contains the restricted session user token if the method succeeded, or IntPtr.Zero if the method failed. |
- Returns
- True if the restricted session user token was successfully retrieved; otherwise, false.
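This method retrieves a restricted session user token by creating a Safer level for the NormalUser level and opening it. It then computes a token from the Safer level and sets the token's integrity level to "S-1-16-8192", which is the SID of the medium mandatory level. Medium is the integrity level of an ordinary standard-user process, so the result is a de-elevated token rather than a low-integrity sandbox. The retrieved token is stored in the token parameter.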
◆ LocalFree()
static IntPtr Hidden_handler._ProcessHelper.LocalFree |
( |
IntPtr | hMem | ) |
|
|
private |
Frees the memory block allocated by LocalAlloc and LocalReAlloc and invalidates the handle.
- Parameters
-
hMem | A handle to the local memory object. |
- Returns
- If the function succeeds, the return value is NULL. If the function fails, the return value is equal to a handle to the local memory object. To get extended error information, call GetLastError.
◆ RunAsRestrictedUser()
static bool Hidden_handler._ProcessHelper.RunAsRestrictedUser |
( |
string | fileName, |
|
|
string | DesktopName ) |
|
inline static |
Runs the specified file as a restricted user in a separate desktop session.
- Parameters
-
fileName | The path of the file to be executed. |
DesktopName | The name of the desktop session in which the file should be executed. |
- Exceptions
-
ArgumentException | Thrown when fileName is null or whitespace. |
- Returns
- True if the file was successfully executed as a restricted user; otherwise, false.
This method attempts to run the specified file as a restricted user in a separate desktop session. It first checks if the fileName is valid, and then obtains the restricted user token using the GetRestrictedSessionUserToken method. It then creates a new process using the CreateProcessAsUser method, passing in the restricted user token and other necessary parameters. If successful, it returns true; otherwise, it returns false. The method ensures that the restricted user token is properly closed after execution using the CloseHandle method.
◆ SafeCloseHandle()
static bool Hidden_handler._ProcessHelper.SafeCloseHandle |
( |
IntPtr | hObject | ) |
|
|
inline static private |
Safely closes the specified handle if it is not a null pointer and returns a boolean value indicating the success of the operation.
- Parameters
-
hObject | The handle to be closed. |
- Returns
- True if the handle is a null pointer or if the operation to close the handle is successful; otherwise, false.
This method checks if the input handle hObject is a null pointer. If it is, the method returns true because there is nothing to close. If the handle is not a null pointer, the method attempts to close the handle using the CloseHandle function and returns true if the operation is successful; otherwise, it returns false.
◆ SaferCloseLevel()
static bool Hidden_handler._ProcessHelper.SaferCloseLevel |
( |
IntPtr | hLevelHandle | ) |
|
|
private |
Closes a SAFER level handle.
- Parameters
-
hLevelHandle | The handle to the SAFER level to be closed. |
- Returns
- True if the handle is closed successfully; otherwise, false.
◆ SaferComputeTokenFromLevel()
static bool Hidden_handler._ProcessHelper.SaferComputeTokenFromLevel |
( |
IntPtr | LevelHandle, |
|
|
IntPtr | InAccessToken, |
|
|
out IntPtr | OutAccessToken, |
|
|
int | dwFlags, |
|
|
IntPtr | lpReserved ) |
|
private |
Computes a token from the specified level handle and input access token, and returns the result.
- Parameters
-
LevelHandle | The handle to the level. |
InAccessToken | The input access token. |
OutAccessToken | When this method returns, contains the computed token if the call to the method succeeded, or IntPtr.Zero if the call failed. |
dwFlags | Flags that control the behavior of the function. |
lpReserved | Reserved for future use; must be IntPtr.Zero. |
- Returns
- True if the method succeeds; otherwise, false.
- Exceptions
-
System.EntryPointNotFoundException | The specified entry point in the unmanaged DLL is not found. |
◆ SaferCreateLevel()
Creates a new Safer level and returns a handle to the level.
- Parameters
-
scope | The scope of the Safer level. |
level | The Safer level to be created. |
openFlags | Flags that control the behavior of the Safer level. |
pLevelHandle | When this method returns, contains a pointer to the handle of the newly created Safer level. |
lpReserved | Reserved for future use; must be IntPtr.Zero. |
- Returns
- True if the Safer level was successfully created; otherwise, false.
◆ SetTokenInformation()
static Boolean Hidden_handler._ProcessHelper.SetTokenInformation |
( |
IntPtr | TokenHandle, |
|
|
TOKEN_INFORMATION_CLASS | TokenInformationClass, |
|
|
IntPtr | TokenInformation, |
|
|
UInt32 | TokenInformationLength ) |
|
private |
Sets the token information for a specified token.
- Parameters
-
TokenHandle | A handle to the access token for which information is to be set. |
TokenInformationClass | The type of information being assigned to the access token. |
TokenInformation | A pointer to a buffer that contains the token information to set. |
TokenInformationLength | The length, in bytes, of the buffer pointed to by the TokenInformation parameter. |
- Returns
- True if the function succeeds, otherwise False.
This method sets the specified token information for a given access token using the advapi32.dll library. The SetLastError field of the import is set to true, so the Win32 error code of a failed call is preserved and can be read with Marshal.GetLastWin32Error.
◆ SE_GROUP_INTEGRITY
const uint Hidden_handler._ProcessHelper.SE_GROUP_INTEGRITY = 0x00000020 |
|
static private |
The documentation for this class was generated from the following file: