-
August 20th, 2009, 10:41 AM
#1
[RESOLVED] Executing a InitiateSystemShutdown() from a service running as Local System
We have this computer management tool that runs as a service, which runs as Local System. I have been asked, to write something that will enable some administrators to shut down a bunch of computers at some designated time. I think this is a bad idea, but my opinion in this matter is not being asked.
The InitiateSystemShutdown Function requires the SE_SHUTDOWN_NAME privilege.
Local System Account has this privilege, but it is disabled.
I have been reading the API stuff on AdjustTokenPrivileges Function, but I am getting a bit confused.
I am confused on two fronts. The first is, do I have all the privileges to enable the SE_SHUTDOWN_NAME privilege on "Local System".
The next is, how do I do that? I am not sure how to get the current process access token. Furthermore, my experience with tokens is to get a token, and then to "CreateProcessWithTokenW".
What is different here is that I want to affect the current token I am running under to execute an API call I am not normally allowed to call.
To make it harder, I can't debug and test very well because I am not running as Local System. Admin users can shut down the system, so that would succeed for me if I were trying to test.
If anyone has some code snippets I can build around, I would greatly appreciate it.
-
August 20th, 2009, 01:15 PM
#2
Re: Executing a InitiateSystemShutdown() from a service running as Local System
Originally Posted by DeepT
Well, if you follow your own link and scroll all the way down that page you'll see an example of how you can adjust that privilege:
http://msdn.microsoft.com/en-us/libr...61(VS.85).aspx
-
August 20th, 2009, 04:48 PM
#3
Re: Executing a InitiateSystemShutdown() from a service running as Local System
I am not sure I understand that Java code, but I might make sense of it. That works for local system, right? It seems you just OpenProcessToken from the current process, then lookup the LIUD, and then adjust the privilege and in place, you instantly get the ability to use that function. No impersonation or anything.
Ill pursue it and see.
Oh, and that link isn't to any page I linked to.
-
August 20th, 2009, 09:04 PM
#4
Re: Executing a InitiateSystemShutdown() from a service running as Local System
Originally Posted by DeepT
I am not sure I understand that Java code...
You need the code sample from MSDN page, not the user comment at the bottom. The sample is written in C++, but if you need Java help then you're posting in the wrong forum.
-
August 21st, 2009, 07:43 AM
#5
Re: Executing a InitiateSystemShutdown() from a service running as Local System
No, this is a c++project.
-
September 12th, 2009, 05:49 PM
#6
Re: [RESOLVED] Executing a InitiateSystemShutdown() from a service running as Local S
Hi,
It says [RESOLVED], but I don't see a hint of a solution?
I'm currently trying to achieve the same thing, also from a service. Despite following the example to the letter, it doesn't work *IN A SERVICE*.
HOWEVER... as a stand-alone EXE running from a normal admin account - no problems.
HOW was this resolved? My code is in assembler, but those that understand C++ should at least see how it is working sufficiently to spot any errors with what I'm doing from an API stand-point:
Code:
invoke GetCurrentProcessId
invoke OpenProcessToken, eax, TOKEN_ADJUST_PRIVILEGES, addr hToken
mov TP.PrivilegeCount, 1
mov TP.Privileges[0].Attributes, SE_PRIVILEGE_ENABLED
invoke LookupPrivilegeValue, ebx, addr SEShutName, addr TP.Privileges[0].Luid
invoke AdjustTokenPrivileges, hToken, FALSE, addr TP, NULL, NULL, NULL
invoke InitiateSystemShutdown, 0, 0, 0, TRUE, FALSE
eax is a register, but you can consider it a 32-bit variable if it helps. Functions return their results in eax unless the API defines otherwise.
I've also tried running the service as Administrator, and even permitted it to interact with the desktop, but none of this worked.
Best regards,
AstroTux.
Last edited by AstroTux; September 12th, 2009 at 05:53 PM.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|