Page 1 of 2
					
				
				Posted: Tue Jul 16, 2002 4:08 pm
				by BackupUser
				Restored from previous forum. Originally posted by Skully.
 Does anyone have or know how to make a runas-like command that accepts a password parameter as well?
If you are not sure of what run-as does, it changes the user-context that windows is running under and any spawned child processes.
fyi:
http://www.microsoft.com/technet/treevi ... /runas.asp
Skully
Edited by - skully on 16 July 2002  17:11:13
 
			 
			
					
				
				Posted: Wed Jul 17, 2002 3:19 am
				by BackupUser
				Restored from previous forum. Originally posted by Shawn.
 Hi.
I am not sure what you are trying to do, so there may be a better solution. You could try posting in the Beginners forum.
 
This solution uses the runas command and a sendkeys function that was kindly posted by PB yesterday. See the Tips and Tricks forum for the code.
 
Code: Select all
RunProgram("runas.exe","/user:MyComputerOrDomain\SomeUser notepad",0)
Delay(1000)
SendKeys(0,"C:\WINNT\System32\Runas.exe","ThePassword{ENTER}")
 
Hope this helps.
 
Shawn
 
			 
			
					
				
				Posted: Wed Jul 17, 2002 6:12 am
				by BackupUser
				Restored from previous forum. Originally posted by Skully.
 Thats what I do now, but with a keyboard capture program the password is easily compromised.
Skully
Http://24.69.16.68/
Edited by - skully on 17 July 2002  07:14:34
 
			 
			
					
				
				Posted: Wed Jul 17, 2002 6:29 am
				by BackupUser
				Restored from previous forum. Originally posted by PB.
 > Does anyone know how to make a runas-like command that accepts a password
> parameter as well?
Does the "RunAs" command accept a password parameter?  The link you provided, at
Microsoft's web site, doesn't seem to show a password parameter?
Anyway, is the "RunAs" command is just a normal command at a prompt?  It appears
so, so please provide an example of what you would physically type at the prompt
and I will be able to give you a way to do it in PureBasic.
PB - Registered PureBasic Coder
			 
			
					
				
				Posted: Wed Jul 17, 2002 7:12 am
				by BackupUser
				Restored from previous forum. Originally posted by Skully.
 Absolutely..
I would *like* to be able to type:
RunAs %environmentvarb%\path.exe /user:domain\username password
Which stays consistent with the way "net use" works 
Its essential that the password not be keyboard captureable
Skully
Edited by - skully on 17 July 2002  08:13:54
			 
			
					
				
				Posted: Wed Jul 17, 2002 10:07 am
				by BackupUser
				Restored from previous forum. Originally posted by PB.
 > I would *like* to be able to type:
> RunAs %environmentvarb%\path.exe /user:domain\username password
Try the RunProgram command with it like so...
RunProgram("RunAs","%environmentvarb%\path.exe /user:domain\username password",0)
...but I don't think it will work.  It's hard for me to test as I don't have the
same setup as you, but anything that is typed at a command prompt can be done via
the RunProgram command, so just play with it a bit.
PB - Registered PureBasic Coder
Edited by - PB on 17 July 2002  11:08:05
			 
			
					
				
				Posted: Wed Jul 17, 2002 2:01 pm
				by BackupUser
				Restored from previous forum. Originally posted by Shawn.
 Hi.
It seems that the API equivalent is called CreateProcessWithLogonW()
http://msdn.microsoft.com/library/en-us ... frame=true
Although, I get the message that CreateProcessWithLogonW_() is not a function... etc.
There are links on the above page for using LogonUser() and CreateProcessAsUser() as an alternate method. 
I am interested too. Could someone post an example showing how we should call these API functions properly?
Here is my code that fails on the last function:
Code: Select all
 
*lpUsername = AllocateMemory(0, 1024, 0) 
PokeS(*lpUsername,"SomeUsername")
*lpDomain = AllocateMemory(2, 1024, 0) 
PokeS(*lpDomain,"SomeDomain")
*lpPassword = AllocateMemory(3, 1024, 0) 
PokeS(*lpPassword,"SomePassword")
*lpApplicationName = AllocateMemory(4, 1024, 0) 
PokeS(*lpApplicationName,"notepad.exe")
*lpToken = AllocateMemory(5, 4, 0)
 
;This one gets "is not a function..."
;CreateProcessWithLogonW_(*lpUsername,*lpDomain,*lpPassword,0,*lpApplicationName,0,0,0,0,0,0)
 
LogonUser_(*lpUsername, *lpDomain, *lpPassword, #LOGON32_LOGON_BATCH, #LOGON32_PROVIDER_DEFAULT,*lpToken)
CreateProcessAsUser_(*lpToken,*lpApplicationName,0,0,0,False,"",0,0,0,0)
Thanks.
 
Shawn
 
			 
			
					
				
				Posted: Wed Jul 17, 2002 2:40 pm
				by BackupUser
				Restored from previous forum. Originally posted by Rings.
 If the functions is not recognize by Pure (maybe OS-Specific), use the 
LIBRARY Function to call them.
Its a long way to the top if you wanna .....CodeGuru
			 
			
					
				
				Posted: Wed Jul 17, 2002 5:41 pm
				by BackupUser
				Restored from previous forum. Originally posted by Skully.
 Ref:
LogonUser_(*lpUsername, *lpDomain, *lpPassword, #LOGON32_LOGON_BATCH, #LOGON32_PROVIDER_DEFAULT,*lpToken)CreateProcessAsUser_(*lpToken,*lpApplicationName,0,0,0,False,"",0,0,0,0)
I did notice that in the description on the microsoft site states:
The CreateProcessWithLogonW function is similar to the CreateProcessAsUser function, except that the caller does not need to call the LogonUser function to authenticate the user and get a token. 
Which doesnt solve the calling problem but might save a headache later.
Hey, does purebasic allow connection to .net framework etc?
Skully
			 
			
					
				
				Posted: Wed Jul 17, 2002 9:29 pm
				by BackupUser
				Restored from previous forum. Originally posted by El_Choni.
 About CreateProcessWithLogonW, you can use this piece of code. In Win 98, it shows the error message so, for me, it works.
Code: Select all
If OpenLibrary(0, "ADVAPI32.DLL")
  CreateProcessWithLogonW = IsFunction(0, "CreateProcessWithLogonW")
  If CreateProcessWithLogonW
    CallFunctionFast(CreateProcessWithLogonW, *lpUsername, *lpDomain, *lpPassword, 0, *lpApplicationName, 0, 0, 0, 0, 0, 0)
  Else
    MessageRequester("Error:", "CreateProcessWithLogonW supported only in Windows 2000 or later.", 0)
  EndIf
  CloseLibrary(0)
Else
  MessageRequester("Error:", "ADVAPI32.DLL not available.", 0)
EndIf
Bye,
El_Choni
 
			 
			
					
				
				Posted: Thu Jul 18, 2002 1:41 am
				by BackupUser
				Restored from previous forum. Originally posted by Shawn.
 Thanks El_Choni.
The problem now is that we need to figure out the correct parameters. Here is my revised code: 
Code: Select all
 
MyUserName.s = "UserName"
MyDomainName.s = "." ; use . for a local user, and the domain for a domain user.
MyPassword.s = "password"
MyApplication.s = "C:\winnt\notepad.exe"
*lpProcessInfo = AllocateMemory(0,4,0)
If OpenLibrary(0, "ADVAPI32.DLL")
  *F = IsFunction(0, "CreateProcessWithLogonW")
  If *F
    If CallFunctionFast(*F, 0, @MyUserName, @MyDomain, @MyPassword, 0, @MyApplication,0,0,0,0,*lpProcessInfo) 
      MessageRequester("","Success!",0)
    Else
      Buffer.s = Space(200)
      LastError.l = GetLastError_()
      FormatMessage_(#FORMAT_MESSAGE_FROM_SYSTEM, 0, LastError, #LANG_NEUTRAL, @Buffer, 200, 0)
      MessageRequester("Error",Str(LastError)+" "+Buffer,0)
    EndIf
  Else
    MessageRequester("","Sorry - this function is not available.",0) 
  EndIf
  CloseLibrary(0)
EndIf
The error is number 87, (the parameter is incorrect).
Shawn
Edited by - shawn on 18 July 2002  02:42:50
 
			 
			
					
				
				Posted: Thu Jul 18, 2002 2:19 am
				by BackupUser
				Restored from previous forum. Originally posted by El_Choni.
 The first argument of the calling function shouldn't be there, but before the last one, like this:
Code: Select all
If CallFunctionFast(*F, @MyUserName, @MyDomain, @MyPassword, 0, @MyApplication,0,0,0,0,0,*lpProcessInfo) 
And you should allocate space for the returned PROCESS_INFORMATION structure values, let's say like this:
And then give the function the pointer to it: @lpProcessInfo.
Can't tell you anything else now, since I only have Windows 98 here.
Bye,
El_Choni
Edited by - El_Choni on 18 July 2002  11:25:23
 
			 
			
					
				
				Posted: Thu Jul 18, 2002 5:54 am
				by BackupUser
				Restored from previous forum. Originally posted by Skully.
 PB,
Sorry.. I guess I wasn't very clear about that.  The password cannot be input through the keyboard buffer.. that is a HUGE security hole being taken advantage of by many people at the moment.
The built-in runas command does not accept the password parameter either 

 Thus why I need a new RunAs.exe command, maybe ExeAs.exe or something.  
I just realized though that the runas command has a /profile parameter which is important as well.. it allows installations under the regular users HKCU registry tree but with privelages of the specified user name to allow access to the HKLM tree.  Thats under the context which I need it for anyway. - obviously Win2000
If this works, I think I'll have to get PB
> I would *like* to be able to type:
> RunAs %environmentvarb%\path.exe /user:domain\username password
Try the RunProgram command with it like so...
RunProgram("RunAs","%environmentvarb%\path.exe /user:domain\username password",0)
...but I don't think it will work.  It's hard for me to test as I don't have the
same setup as you, but anything that is typed at a command prompt can be done via
the RunProgram command, so just play with it a bit.
PB - Registered PureBasic Coder
Edited by - PB on 17 July 2002  11:08:05
Edited by - skully on 18 July 2002  06:57:01
 
			 
			
					
				
				Posted: Thu Jul 18, 2002 6:13 am
				by BackupUser
				Restored from previous forum. Originally posted by PB.
 > I think I'll have to get PB
Definitely, because we can't help if you can't run our test code with the demo.
PB - Registered PureBasic Coder
			 
			
					
				
				Posted: Thu Jul 18, 2002 6:37 am
				by BackupUser
				Restored from previous forum. Originally posted by Skully.
 PB:
If I shelled out coin every time I looked at a language to assess its capabilities it would cost me a fortune.. expecially in my line of work where its kinda part of my job to know of emerging tech.
However, that being said... I figure that since I can't actually make anything in 200 lines of code that would satisfy my curiosity with the language when you consider the depth of the disabilites, I figure that if Shawn and the bunch are able to figure this out then that kind of demonstrates something significant to me.
Shawn:
The CreateProcessWithLogonW function is very promising looking! See right now I am using AutoIt by hiddensoft to "run" a "runas" command and then pipes the password through the keyboard into the dos window (you can't see it)
But....  There are lots of keyboard capture programs out there and its just too easy to compromise the password... what I am looking for is 2 things.  This new ExeAs command, and a language that lets me make my own cool commands 

 lol  Especially if I can encrypt the code itself 

 but I can do that part 
 
Skully