Databases
StackOverflow2013
Postsdbo
POobtain session id and process id for winlogon.exe
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POobtain session id and process id for winlogon.exe
    text
    copied!<p>I'm trying to create a process that starts up an application that requires a UI. So it can't be in session 0. My idea was to obtain the process id of winlogon.exe of the current logged on user. In this way I could duplicate the winlogon token and run my application using the CreateProcessAsUser function. my code so far:(this is being called when the application i want run is required)</p> <pre><code>#include &lt;windows.h&gt; #include &lt;tlhelp32.h&gt; #include &lt;tchar.h&gt; this function() { HANDLE hProcessSnap; HANDLE hProcess; PROCESSENTRY32 pe32; DWORD dwPriorityClass; // Take a snapshot of all processes in the system. hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); // Set the size of the structure before using it. pe32.dwSize = sizeof( PROCESSENTRY32 ); //get the active session id DWORD sessionID = WTSGetActiveConsoleSessionId(); // Now walk through the snapshot of processes //I want to narrow this down to processes called winlogon //if multiple users logged on system i want to make sure the active user //will get the application run the their screen do { // Retrieve the priority class. dwPriorityClass = 0; //here i want to compare the sessionID with session IDs of each winlogon process //stuck for implementation here //when i find a match i can use the processID to gain the token and create //a duplicate so it can be used in CreateAsUser function. }while( Process32Next( hProcessSnap, &amp;pe32 ) ); } </code></pre> <p>So basically i need some help narrowing down the snapshot of the processes to just "winlogon" and iterating through the session IDs of these processes to match sessionID of the active user. Thanks in advance:D</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload