Suggest adding the "No Elevated (UAC)" implementation with WTSQueryUserToken.

Question

MouriNaruto opened this issue 6 years ago · 3 comments

I think it is better than using the Task Scheduler or search the explorer.exe process token.

How to:

Get the current session's winlogon.exe process token and duplicate its returned token.
Enable SE_TCB_NAME privilege on the duplicated token.
Get the current process's Session ID. (Reason: https://forums.mydigitallife.net/threads/nsudo-a-powerful-system-administration-tool.59268/page-7#post-1348433 )
Call WTSQueryUserToken and duplicate its returned token.

For more information, you can read the source code of the NSudo project.

Mouri.

done

Answer 1 · 2018-12-06T12:48:32.000Z

WORKING IN PROGRESS

Answer 2 · 2018-12-08T00:59:13.000Z

app branch done. we need merge to master