go-win64api
go-win64api copied to clipboard
iamacarpet
Can Add RunAs function like autoit RunAs/RunAsWait?
This project is awesome.I used it on my work. thanks.
Is there a way to RunAs another windows user like this? https://www.autoitscript.com/autoit3/docs/functions/RunAs.htm
Hello @frocelu ,
That is functionality that would be awesome to have, but I'm afraid I don't have time to implement it at the moment, so I'll mark it as "help wanted": if you managed to implement it yourself, please share upstream.
This might help with something I looked into a while ago, which is doing what things like A/V do and having a master process running as "NT AUTH\SYSTEM" that looks for active user sessions and then injects a tray icon / GUI app into them, for the user to see the app is running and provide a point of interaction: there were some guides around online with a rough example of how to do this, but ultimately we didn't need it enough and it was a massive piece of work.
Thanks. Now I use the func CreateProcessWithLogonW of win32 api in temporary.
If I have the ability to contribute this project I will glad to do.But for now, I still need a lot of works for doing this. If You have some guides about this function, please give me, thanks.
@frocelu well, nice one! I haven’t heard of that library before, it’s useful to see a lot of other Windows API stuff is already implemented there.
I notice the function you referenced requires a user / pass to run as the user, where as there is another function that takes a user session handle (for if the user is already logged in), for the ability to execute in their existing session: this will probably be more useful for my use case listed above.
To implement this, we'll first need the ability to create tokens, detailed in https://github.com/iamacarpet/go-win64api/issues/29
CreateProcessWithLogonW doesn't work as "NT AUTH\SYSTEM" and requires a user's full credentials.
Creating a session token, then using CreateProcessAsUser should allow us to become anyone without credentials.