
Load driver and Inject DLL using impersonate

Posted: Thu Jan 28, 2016 1:23 am
by elioliveira
Hello guys,

What's wrong with my code? I'd like to load a driver and inject a DLL using impersonate, but it doesn't work at all.

Code:

uses
  Windows, madCodeHook; // Windows: LogonUser etc.; madCodeHook: driver/injection APIs

function Impersonate(const User, PW: string): Boolean;
var
  LogonType, LogonProvider: Integer;
  strAdminUser, strAdminDomain, strAdminPassword: string;
  TokenHandle: THandle;
begin
  LogonType := LOGON32_LOGON_INTERACTIVE;
  LogonProvider := LOGON32_PROVIDER_DEFAULT;
  strAdminUser := User;
  strAdminDomain := '';
  strAdminPassword := PW;
  // nil domain: the user name is taken as-is (UPN or local account)
  Result := LogonUser(PChar(strAdminUser), nil,
    PChar(strAdminPassword), LogonType, LogonProvider, TokenHandle);
  if Result then
  begin
    // Impersonate on the calling thread; the thread keeps its own
    // reference to the token, so the handle can be closed afterwards
    Result := ImpersonateLoggedOnUser(TokenHandle);
    CloseHandle(TokenHandle);
  end;
end;

if Impersonate('SVC-SA.XXD.AAA', 'B#01Va##R$#@!*&') then
begin
  LoadInjectionDriver('Myprog', 'Prog32.sys', 'Prog64.sys');
  StartInjectionDriver('Myprog');
  InjectLibrary('Myprog', 'Prog32.dll', ALL_SESSIONS, true);
  RevertToSelf; // drop the impersonation token again
end;
The user SVC-SA.XXD.AAA is a Domain Admin and is in the local Administrators group on the end user's computer.

The function Impersonate is OK. Working fine. I'm using madCodeHook 3.0.

Is it possible to do it using impersonate? There is another way to do this when the application is loaded by a single user, but in code using impersonate?

Thank you so much.

Eli Oliveira.

Re: Load driver and Inject DLL using impersonate

Posted: Thu Jan 28, 2016 8:17 am
by madshi
Which of those APIs is the first one failing? LogonUser needs the SE_TCB_NAME privilege to work, does the thread/process which calls it have this privilege? Also it seems LogonUser doesn't create a "primary token", whatever that means. You may have to call DuplicateTokenEx to convert it into a primary token. But I don't really know if that's needed for ImpersonateLoggedOnUser.

Finally, I don't really know if ImpersonateLoggedOnUser really allows you to load drivers etc. It's possible that doing such things is only allowed when run inside of a service in some OSs. I don't know for sure, though.
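A diagnostic version of the Impersonate function, written for this thread as an added example (it is neither the poster's code nor part of madCodeHook): it reports which of the three APIs fails first and with which Win32 error, and converts the logon token into a primary token with DuplicateTokenEx as suggested above. The function name ImpersonateWithDiagnostics and the out parameters are assumptions.

```delphi
uses
  Windows, SysUtils;

// Added example, not from the thread: answers "which API fails first?"
// by recording the failing call and its GetLastError, and duplicates the
// LogonUser token into a primary token before impersonating.
function ImpersonateWithDiagnostics(const User, PW: string;
  out PrimaryToken: THandle; out FailedApi: string): Boolean;
var
  LogonToken: THandle;
begin
  Result := False;
  PrimaryToken := 0;
  FailedApi := '';
  LogonToken := 0;
  if not LogonUser(PChar(User), nil, PChar(PW),
       LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, LogonToken) then
  begin
    FailedApi := Format('LogonUser (error %d)', [GetLastError]);
    Exit;
  end;
  try
    // TokenPrimary: usable with CreateProcessAsUser as well as for
    // impersonation; an impersonation-type copy would only serve the latter
    if not DuplicateTokenEx(LogonToken, MAXIMUM_ALLOWED, nil,
         SecurityImpersonation, TokenPrimary, PrimaryToken) then
    begin
      FailedApi := Format('DuplicateTokenEx (error %d)', [GetLastError]);
      Exit;
    end;
    if not ImpersonateLoggedOnUser(PrimaryToken) then
    begin
      FailedApi := Format('ImpersonateLoggedOnUser (error %d)', [GetLastError]);
      CloseHandle(PrimaryToken);
      PrimaryToken := 0;
      Exit;
    end;
    Result := True;
  finally
    CloseHandle(LogonToken); // the duplicate keeps its own reference
  end;
end;
```

The caller is expected to RevertToSelf and CloseHandle(PrimaryToken) once the impersonated work is done; on failure, FailedApi names the call to look up the error code for.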