
I wrote the function GetProcessHandleAndID() as shown below:

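/*
 * Walks a Toolhelp process snapshot and opens the first process whose
 * executable name equals _processName (exact, case-sensitive strcmp match)
 * and for which OpenProcess() succeeds.
 *
 * _processName  NUL-terminated executable name to look for.
 * _processInfo  Out: on success hProcess and dwProcessId are filled in.
 *               hThread and dwThreadId are not written by this function.
 *
 * Returns true when a handle was opened, false otherwise (null argument,
 * snapshot failure, no matching name, or OpenProcess() refused every match).
 *
 * Ownership: the caller owns _processInfo->hProcess and must close it.
 *
 * NOTE(review): the match is by image name only, so several processes can
 * satisfy it and the first openable one wins; callers that care which
 * process they get should verify the returned PID/handle themselves.
 */
bool GetProcessHandleAndID( char* _processName, PROCESS_INFORMATION* _processInfo /* out */ )
{
    /* Reject null arguments up front: strcmp() and the out-parameter writes
       below would otherwise dereference them. */
    if( _processName == NULL || _processInfo == NULL )
    {
        return false;
    }

    HANDLE SnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );

    if( SnapShot == INVALID_HANDLE_VALUE )
    {
        return false;
    }

    PROCESSENTRY32 procEntry;
    /* dwSize must be set before Process32First(), which fails otherwise. */
    procEntry.dwSize = sizeof( PROCESSENTRY32 );

    if( !Process32First( SnapShot, &procEntry ) )
    {
        CloseHandleSafely(SnapShot);
        return false;
    }

    /*
     * NOTE(review): PROCESS_ALL_ACCESS asks for every right on the target,
     * including WRITE_DAC and WRITE_OWNER. A request is granted only if the
     * caller is allowed all of the requested rights, so this over-broad mask
     * is the likely reason for ERROR_ACCESS_DENIED on non-administrator
     * accounts. It is kept here because the rights the caller really needs
     * are not visible from this function; replace it with the minimal set
     * (for example PROCESS_QUERY_LIMITED_INFORMATION for read-only queries).
     */
    const DWORD desiredAccess = PROCESS_ALL_ACCESS;

    do
    {
        if( strcmp( procEntry.szExeFile, _processName ) == 0 )
        {
            HANDLE hProcess = OpenProcess( desiredAccess, FALSE, procEntry.th32ProcessID );
            if( hProcess != NULL )
            {
                _processInfo->hProcess = hProcess;
                _processInfo->dwProcessId = procEntry.th32ProcessID;
                CloseHandleSafely(SnapShot);
                return true;
            }
            /* OpenProcess() failed for this match; keep scanning in case
               another process with the same name can be opened. */
        }
    }
    while( Process32Next( SnapShot, &procEntry ) );

    CloseHandleSafely(SnapShot);
    return false;
}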

OpenProcess(PROCESS_ALL_ACCESS, FALSE, procEntry.th32ProcessID) works fine on an Administrator account, but it returns NULL with GetLastError() = 5 (ERROR_ACCESS_DENIED) when run on normal accounts.

Note that I have called function EnableDebugPriv() before GetProcessHandleAndID().

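/*
 * Attempts to enable SeDebugPrivilege in the current process token.
 *
 * The function returns nothing, so the outcome is reported through the
 * thread's last-error value: after the call GetLastError() is
 *   ERROR_SUCCESS            - the privilege was enabled,
 *   ERROR_NOT_ALL_ASSIGNED   - the token does not hold the privilege, so
 *                              nothing was enabled,
 *   any other code           - one of the API calls failed.
 *
 * AdjustTokenPrivileges() can only enable a privilege the token already
 * holds. By default SeDebugPrivilege is granted to administrators only, so
 * on a standard user account this call cannot grant additional access.
 */
void EnableDebugPriv()
{
    HANDLE hToken = NULL;
    LUID luid;
    TOKEN_PRIVILEGES tkp;
    DWORD status = ERROR_SUCCESS;

    /* Without a valid token handle nothing below is meaningful; the last
       error set by OpenProcessToken() is left in place for the caller. */
    if( !OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken) )
    {
        return;
    }

    if( !LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid) )
    {
        /* luid is not initialised on failure, so do not pass it on. */
        status = GetLastError();
    }
    else
    {
        tkp.PrivilegeCount = 1;
        tkp.Privileges[0].Luid = luid;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        /* The call reports success even when the privilege was not
           assigned; the last-error value distinguishes ERROR_SUCCESS from
           ERROR_NOT_ALL_ASSIGNED, so capture it in both cases. */
        AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL);
        status = GetLastError();
    }

    CloseHandle(hToken);

    /* CloseHandle() may have touched the last-error value; restore the
       status of the privilege adjustment for the caller. */
    SetLastError(status);
}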

I have searched and read more about this error, but I don't know how to make it work for a normal user without using "Run As Administrator"!

Many thanks,

T&T

TTGroup
    This is a duplicate of http://stackoverflow.com/questions/20725051/winapi-openprocess-returns-error-5-with-sedebugprivilege-enabled-for-host-pro and http://stackoverflow.com/questions/20720283/getting-error-access-is-denied-in-openprocess-after-enabling-privileges Why is everybody hitting this problem all of a sudden? Did somebody assign it as a homework problem? – Raymond Chen Dec 22 '13 at 02:24
  • Thank you! But It do not solve yet! – TTGroup Dec 22 '13 at 02:31
  • Don't ask for all access. Ask just for the access you need. All access includes WRITE_DAC, which basically hands over the keys to the house. – Raymond Chen Dec 22 '13 at 02:37
