Is it possible to duplicate the following credential process in VB.NET?

Solution (view):

It turns out that this impersonation with .NET security applies only at the application level. Since the COM object is at the system level, the impersonated user still cannot create it. I realized this when I right-clicked the executable file and selected "Run As ...", and the program functioned normally. I found out that it runs the program with system access (provided that the user you are working with has these credentials). Now I am creating an external program that launches this application using this method.

Thanks for the tips :D


I have a Windows XP installation in a virtual machine. It is part of my domain, but the logged-in user is only a local user. Obviously, if I try to access a network resource, it will prompt for the user / password:

[Image: http://i40.tinypic.com/wchl5l.jpg]

The program that I am testing in a virtual machine uses a COM object to interact with data from another program. If I do not impersonate a user, I get errors because I do not have the appropriate credentials.

I did some research on this and found several sites that had a decent amount of VB.NET information. The problem that I am experiencing with the code I wrote is that I can access network resources, but I cannot create an instance of the COM object.

(), , . , -, WinXP , . , :

Public Sub BeginImpersonation()
    Const LOGON32_PROVIDER_DEFAULT As Integer = 0
    Const LOGON32_LOGON_INTERACTIVE As Integer = 2
    Const SecurityImpersonation As Integer = 2

    Dim win32ErrorNumber As Integer

    _tokenHandle = IntPtr.Zero
    _dupeTokenHandle = IntPtr.Zero

    If Not LogonUser(_username, _domainname, _password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, _tokenHandle) Then
        win32ErrorNumber = System.Runtime.InteropServices.Marshal.GetLastWin32Error()
        Throw New ImpersonationException(win32ErrorNumber, GetErrorMessage(win32ErrorNumber), _username, _domainname)
    End If

    If Not DuplicateToken(_tokenHandle, SecurityImpersonation, _dupeTokenHandle) Then
        win32ErrorNumber = System.Runtime.InteropServices.Marshal.GetLastWin32Error()

        CloseHandle(_tokenHandle)
        Throw New ImpersonationException(win32ErrorNumber, "Unable to duplicate token!", _username, _domainname)
    End If

    Dim newId As New System.Security.Principal.WindowsIdentity(_dupeTokenHandle)
    _impersonatedUser = newId.Impersonate()
    _impersonating = True
End Sub

, . , :

Enum LOGON32_LOGON
    INTERACTIVE = 2
    NETWORK = 3
    BATCH = 4
    SERVICE = 5
    UNLOCK = 7
    NETWORK_CLEARTEXT = 8
    NEW_CREDENTIALS = 9
End Enum
Enum LOGON32_PROVIDER
    [DEFAULT] = 0
    WINNT35 = 1
    WINNT40 = 2
    WINNT50 = 3
End Enum
Enum SECURITY_LEVEL
    Anonymous = 0
    Identification = 1
    Impersonation = 2
    Delegation = 3
End Enum

: : TqcRunas: http://www.quimeras.com/Products/products.asp . , .

, , :

    Dim myProcessStartInfo As ProcessStartInfo = New ProcessStartInfo

    With myProcessStartInfo

        .FileName = "file path and name"

        .Domain = "domainname"
        .UserName = "username"

        'password needs to be a SecureString
        Using NewPassword As New Security.SecureString
            With NewPassword
                For Each c As Char In "password".ToCharArray
                    .AppendChar(c)
                Next c
                .MakeReadOnly()
            End With
            'the copy outlives the Using block, which disposes NewPassword
            .Password = NewPassword.Copy
        End Using

        'UseShellExecute must be false for impersonated process
        .UseShellExecute = False

    End With

    Using Process As New System.Diagnostics.Process
        With Process
            .StartInfo = myProcessStartInfo
            .Start()
        End With
    End Using

,

LogonUser(_username, _domainname, _password, LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, _tokenHandle)

, . , . , .


. , , , :

  • , Impersonate , CloseHandle, .

  • , , RevertToSelf, .

, , . :

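' Both functions return a Win32 BOOL (32 bits); a VB.NET Long is 64 bits, so the return type is Boolean
Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Boolean
Declare Auto Function RevertToSelf Lib "advapi32.dll" () As Boolean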

Source: https://habr.com/ru/post/1707611/

