2

I am calling Vipre's command line utility from C# in an ASP.Net application to scan a file for malware. I am an administrator on the machine where all of this is taking place. When I:

  • run the actual command line tool under my user (administrator) from the command line, it works (exit code 1 or 0)
  • start the process in C# while debugging my ASP.Net project debugging in Visual Studio under my user, it works (exit code 1 or 0)
  • start the process in C# while running in IIS with the Application Pool identity set to the default, it returns an exit code of -1073741502
  • start the process in C# while running in IIS with the Application Pool identity set to my user, it works (exit code 0 or 1)

Okay, very clearly, it needs to be run under an administrative user. So, I had the thought that I would simply start the process under my credentials using the following code. This is where my troubles and confusion begin:

var proc = new Process
{
    StartInfo = new ProcessStartInfo
    {
        Arguments = string.Format($"/scanfile \"{filePath}\""),
        FileName = Settings.CommandLineScannerPath,
        CreateNoWindow = true,
        UseShellExecute = false,

        Domain = "domain",
        UserName = "username",
        Password = GetSecureString("password")
    }
};

proc.Start();
proc.WaitForExit();
if (proc.ExitCode != 0
    && proc.ExitCode != 1)
{
    throw new Exception($"Unexpected result: " + proc.ExitCode);
}
return proc.ExitCode == 0 ? AntivirusScanResult.Clean : AntivirusScanResult.Dirty;

To my surprise, it behaves exactly the same way:

  • start the process in C# while debugging my ASP.Net project debugging in Visual Studio under my user, it works (exit code 1 or 0)
  • start the process in C# while running in IIS with the Application Pool identity set to the default, it returns an exit code of -1073741502
  • start the process in C# while running in IIS with the Application Pool identity set to my user, it works (exit code 0 or 1)

What is different about these cases? They are all technically under my user since I am starting the Process under my user... right? What am I missing? Why should it behave any different depending the exact mechanism it came about to run under my user?

NOTE: I am also reaching out to Vipre to find out what that exit code means

Nathan
  • 31
  • 3
  • From where exactly do you start the process? Where is the file being processed? Maybe it's just an impersonator problem of the application; check https://msdn.microsoft.com/en-us/library/xh507fc5.aspx – Giulio Caccin Sep 28 '17 at 22:53
  • Not all processes support being called by an IIS hosted web app as there are session isolation and resources limit. Talk to the vendor of the executable for instructions and support. – Lex Li Sep 29 '17 at 12:05
  • Thanks all. I got a little farther this morning. If I impersonate my user before I create the file, I now get an access denied exception trying to open the process. – Nathan Sep 29 '17 at 12:26

0 Answers0