0

我编写了一个 Windows 服务,允许我使用CreateProcessASUser().

HANDLE hTokenDup = NULL;
DuplicateTokenEx(auToken, MAXIMUM_ALLOWED, NULL, SecurityIdentification, TokenPrimary, &hTokenDup);
CreateProcessAsUserW(hTokenDup, NULL, cmdLine, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);

这是我的应用程序源代码:

    static bool first = true;

    TCHAR* getAppDataFolder() {
        TCHAR* pathTchar = (TCHAR*) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, (_MAX_PATH + 1) * sizeof(TCHAR));
        BOOL getAppdata = SHGetSpecialFolderPath(0, pathTchar, CSIDL_APPDATA, false );


        return pathTchar;
    }

    BOOL WriteFileFromWCHAR(HANDLE hFile, 
LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite,
 LPDWORD lpNumberOfBytesWritten)
    {
        BYTE* arr = new BYTE[nNumberOfBytesToWrite];
        TCHAR* buff = (TCHAR*)lpBuffer;
        for(int i = 0; i < nNumberOfBytesToWrite; i++) {
            arr[i] = (BYTE)buff[i];
        }
        return WriteFile( hFile , arr , nNumberOfBytesToWrite , lpNumberOfBytesWritten, NULL);
    }

    int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmd, int show)
    {
        int argc = 0;
        _TCHAR** argv;

        LPTSTR cmdLine = GetCommandLine();
        argv = CommandLineToArgvW(cmdLine, &argc );



        if(argc == 2) {

            TCHAR* path = getAppDataFolder();


            HANDLE hFile = CreateFile( argv[1] , GENERIC_WRITE , 0 , NULL  , CREATE_ALWAYS , 0 , 0 );
            if ( hFile != INVALID_HANDLE_VALUE )
            {

                DWORD lpNumberOfBytesWritten;

                WriteFileFromWCHAR(hFile, path, lstrlen(path), &lpNumberOfBytesWritten);
            }
            else {

            }




        }
        return 0;
    }

我需要在文件中写入此地址(例如:“C:\Users\CurrentUser\AppData\Roaming”)。但是,当我从 Windows 服务检索 appdata 路径时,我得到以下路径 "C:\Windows\system32\config\systemprofile\AppData\Roming" 。如何在 C++ 中编码以允许我的服务执行应用程序并在文件中写入预期路径?

4

1 回答 1

1

在使用任何依赖于用户特定设置的 API 之前,您必须模拟用户(您已经拥有用户的令牌)。您还需要在调用LoadUserProfile()之前调用(使用相同的令牌)CreateProcessAsUser()

于 2014-02-08T21:23:24.380 回答