CreateInjectedProcessAsUser
The CreateInjectedProcessAsUser function creates a new process using
CreateProcessAsUser,
running the executable lpApplicationName in the security context of
the user represented by the hToken
parameter.
Once lpApplicationName has been loaded, but before it is run,
the library lpLibraryFileName is loaded and initialized within the address space of the
new process. It is therefore fair to state that lpLibraryFileName will be
run BEFORE lpApplicationName.
Parameters
hToken
Handle to a primary token that represents a user. Please refer to
Microsoft's site for more information regarding the meaning of
hToken within the context of
CreateProcessAsUser.
lpApplicationName
Pointer to a null-terminated string that specifies the module to execute.
Please refer to Microsoft's site for more information regarding the meaning
of lpApplicationName within the context of
CreateProcessAsUser.
lpLibraryFileName
Pointer to a null-terminated string that specifies the module to attach
to the new process. This string must specify the full path and file name of
the module to attach, as this function does not search for
lpLibraryFileName within the search path.
This parameter must not be NULL.
lpCommandLine
Pointer to a null-terminated string that specifies the command line to
execute. Please refer to Microsoft's site for more information regarding the
meaning of lpCommandLine within the context
of
CreateProcessAsUser.
lpProcessAttributes
Pointer to a SECURITY_ATTRIBUTES
structure that determines whether the returned handle can be inherited by
child processes. Please refer to Microsoft's site for more information
regarding the meaning of lpProcessAttributes
within the context of
CreateProcessAsUser.
lpThreadAttributes
Pointer to a SECURITY_ATTRIBUTES
structure that determines whether the returned handle can be inherited by
child processes. Please refer to Microsoft's site for more information
regarding the meaning of lpThreadAttributes
within the context of
CreateProcessAsUser.
bInheritHandles
Boolean value. If this parameter is TRUE, each inheritable handle in the
calling process is inherited by the new process. If the parameter is FALSE,
the handles are not inherited. Please refer to Microsoft's site for more
information regarding the meaning of
bInheritHandles within the context of
CreateProcessAsUser.
dwCreationFlags
Flags that control the priority class and the creation of the process.
Please refer to Microsoft's site for more information regarding the meaning
of dwCreationFlags within the context of
CreateProcessAsUser.
lpEnvironment
Pointer to an environment block for the new process. If this parameter is
NULL, the new process uses the environment of the calling process. Please
refer to Microsoft's site for more information regarding the meaning of
lpEnvironment within the context of
CreateProcessAsUser.
lpCurrentDirectory
Pointer to a null-terminated string that specifies the current drive and
directory for the new process. Please refer to Microsoft's site for more
information regarding the meaning of lpCurrentDirectory
within the context of
CreateProcessAsUser.
lpStartupInfo
Pointer to a STARTUPINFO structure that
specifies the window station, desktop, standard handles, and appearance of
the main window for the new process. Please refer to Microsoft's site for
more information regarding the meaning of lpStartupInfo
within the context of
CreateProcessAsUser.
lpProcessInformation
Pointer to a PROCESS_INFORMATION
structure that receives identification information about the new process.
Please refer to Microsoft's site for more information regarding the meaning
of lpProcessInformation within the context
of
CreateProcessAsUser.
Return Values
| Return value | Meaning |
| --- | --- |
| E_INVALIDARG | Can mean any of the following: the module lpApplicationName could not be found, or the module lpLibraryFileName could not be found. |
| E_FAIL | The associated call to CreateProcessAsUser failed. Call the Windows function "GetLastError" to obtain more information as to why CreateProcessAsUser failed. |
| E_HANDLE | After calling CreateProcessAsUser, the hProcess variable of lpProcessInformation was zero. Call the Windows function "GetLastError" to obtain more information as to why CreateProcessAsUser failed. |
| ERROR_BAD_EXE_FORMAT | The module lpApplicationName does not contain a valid PE image header. |
| E_ACCESSDENIED | An unknown error occurred attempting to load the module lpLibraryFileName into the address space of the new process. |
| S_OK | A new process was successfully created from lpApplicationName, and lpLibraryFileName was successfully loaded and initialized within the address space of the new process. |
Remarks
This function is based on the standard Windows Kernel32 function "CreateProcessAsUser".
For errors where the return value is either E_FAIL or E_HANDLE, call the
Windows Kernel32 function "GetLastError" to obtain a more indicative reason
as to why this method failed.
Export Definition
Delphi
function CreateInjectedProcessAsUser(
  hToken: THandle;
  lpApplicationName,
  lpLibraryFileName,
  lpCommandLine: string;
  lpProcessAttributes, lpThreadAttributes: PSecurityAttributes;
  bInheritHandles: Boolean;
  dwCreationFlags: DWORD;
  lpEnvironment: Pointer;
  lpCurrentDirectory: string;
  const lpStartupInfo: TStartupInfo;
  var lpProcessInformation: TProcessInformation): HRESULT;
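A calling pattern for the declaration above, as an added example that is not part of the library's own code or documentation: it rejects a library path that is not an existing full path before any process is created, and reads GetLastError only for the two return values where the page says it is meaningful. The unit name InjectedLaunch and the helpers IsFullPath and LaunchChecked are hypothetical, and the library unit that declares CreateInjectedProcessAsUser is assumed to be added to the uses clause, since this page does not name it.

```delphi
unit InjectedLaunch; // added example; unit and helper names are hypothetical
interface
uses Windows, SysUtils; // assumption: plus the unit declaring CreateInjectedProcessAsUser
function LaunchChecked(hToken: THandle; const App, Lib, Cmd: string;
  out Info: TProcessInformation; out Detail: string): Boolean;
implementation

// True only for drive-rooted (C:\dir\x.dll) or UNC (\\srv\share\x.dll) paths;
// "x.dll", "dir\x.dll" and the drive-relative "C:x.dll" are all rejected.
function IsFullPath(const Path: string): Boolean;
var Drive: string;
begin
  Drive := ExtractFileDrive(Path);
  Result := (Drive <> '') and (Copy(Path, Length(Drive) + 1, 1) = '\');
end;

function LaunchChecked(hToken: THandle; const App, Lib, Cmd: string;
  out Info: TProcessInformation; out Detail: string): Boolean;
var
  SI: TStartupInfo; hr: HRESULT; LastErr: DWORD;
begin
  Result := False;
  FillChar(Info, SizeOf(Info), 0);
  // The function does not search the path for lpLibraryFileName, so insist
  // on an existing, fully qualified file before a process is created.
  if not (IsFullPath(Lib) and FileExists(Lib)) then
  begin
    Detail := 'lpLibraryFileName must be an existing full path: ' + Lib;
    Exit;
  end;
  FillChar(SI, SizeOf(SI), 0);
  SI.cb := SizeOf(SI);
  hr := CreateInjectedProcessAsUser(hToken, App, Lib, Cmd, nil, nil, False,
    0, nil, ExtractFileDir(App), SI, Info);
  LastErr := GetLastError; // capture at once; used only for E_FAIL / E_HANDLE
  Result := hr = S_OK;
  if Result then
    Detail := 'process created and library initialized'
  else if (hr = E_FAIL) or (hr = E_HANDLE) then
    Detail := 'CreateProcessAsUser failed: ' + SysErrorMessage(LastErr)
  else if hr = E_INVALIDARG then
    Detail := 'application or library module could not be found'
  else if hr = HRESULT(ERROR_BAD_EXE_FORMAT) then
    Detail := 'application does not contain a valid PE image header'
  else if hr = E_ACCESSDENIED then
    Detail := 'library could not be loaded into the new process'
  else
    Detail := Format('undocumented return value 0x%.8x', [hr]);
end;

end.
```

On success the caller owns Info.hProcess and Info.hThread and should release them with CloseHandle, as with CreateProcessAsUser itself.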