Re: Execute program w/ cred from service



Hi,

I did this with NT up to XP, too. To say: a 'real' SrvAny replacement which handles security issues properly.

Following where the steps I made:

- start the service
- impersonate any user under whose credentials the program shoul run
- insert Access allowed ACE into Winsta0 and Default
- launch the app using credentials (CreateProcessAsUser)

This worked fine in pre Vista OSses but Vista defies that.

The process will be started in session 0 and never be visible to the logged on user.

Is there -at all- a way to launch a program from a service that shows up at the glass?

Security risks are recognized and accepted!!
.



Relevant Pages

  • Packet Storm - New Site
    ... Packet Storm Security Launches New Site ... 2010 - Today is the launch of a completely ... advisories, exploits and tools. ...
    (Bugtraq)
  • Re: Running programs from windows service
    ... is not to launch processes from your service. ... Vista is warning the user of a potential security risk, ... avoid launching apps from your service wherever possible - ...
    (microsoft.public.dotnet.framework)
  • Re: Windows 7, another Windows Vista?
    ... and there's protected mode IE. ... reduced security to satisfy the whiners. ... The decision to prompt for UAC settings changes is particularly telling. ... the services that start at OS launch, and made all they could launch on ...
    (comp.sys.mac.advocacy)
  • Re: HTA Coding
    ... there isn't an easy way to transparently launch an .exe via the browser. ... Your users will be exposed to the security message regardless. ... as I know (which isn't really that far since I've never played with HTA) ...
    (microsoft.public.frontpage.client)
  • Re: Subject: Cant Launch Internet Explorer
    ... More security tips at http://www.aumha.org/a/parasite.htm ... Internet Explorer: http://support.microsoft.com/?kbid=276393 ... Also won't launch from ... Downloaded IE6 from Microsoft.com and now get ...
    (microsoft.public.windows.inetexplorer.ie6.browser)