2012-11-20 28 views
2

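I am trying to create a process that launches an application which needs a UI, so it cannot be in session 0. My idea is to get the process ID of the winlogon.exe belonging to the currently logged-on user. That way I can duplicate the winlogon token and run my application with the CreateProcessAsUser function. My code so far (this is called when the application I want needs to run): Getting the session ID and process ID of winlogon.exe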

#include <windows.h>
#include <tlhelp32.h>
#include <tchar.h>

// Placeholder name: the original post did not name this function.
void FindWinlogonForActiveSession(void)
{
    HANDLE hProcessSnap;
    HANDLE hProcess;
    PROCESSENTRY32 pe32;
    DWORD dwPriorityClass;

    // Take a snapshot of all processes in the system.
    hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE)
        return;

    // Set the size of the structure before using it.
    pe32.dwSize = sizeof(PROCESSENTRY32);

    // Get the active session ID.
    DWORD sessionID = WTSGetActiveConsoleSessionId();

    // Retrieve the first entry; Process32Next only returns the entries after it.
    if (!Process32First(hProcessSnap, &pe32))
    {
        CloseHandle(hProcessSnap);
        return;
    }

    // Now walk through the snapshot of processes.
    // I want to narrow this down to processes called winlogon.
    // If multiple users are logged on to the system, I want to make sure the
    // active user gets the application run on their screen.
    do
    {
        // Retrieve the priority class.
        dwPriorityClass = 0;

        // Here I want to compare the sessionID with the session IDs of each winlogon process.
        // Stuck for implementation here.
        // When I find a match I can use the process ID to get the token and create
        // a duplicate so it can be used in the CreateProcessAsUser function.
    } while (Process32Next(hProcessSnap, &pe32));

    CloseHandle(hProcessSnap);
}

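So basically I need some help narrowing the process snapshot down to just the "winlogon" processes, and iterating through those processes to match their session IDs against the sessionID of the active user. Thanks in advance :D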

Answers

2

You can use ProcessIdToSessionId to get the session ID of each process whose name matches "winlogon.exe", and then compare the result with WTSGetActiveConsoleSessionId.

Here is a snippet you can use in your loop:

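// PROCESSENTRY32 is TCHAR-based, so compare with _tcsicmp (from <tchar.h>).
if (_tcsicmp(pe32.szExeFile, _T("winlogon.exe")) == 0)
{
    DWORD ProcessSessionId = 0;
    // Skip the entry if its session ID cannot be queried.
    if (ProcessIdToSessionId(pe32.th32ProcessID, &ProcessSessionId) &&
        ProcessSessionId == sessionID)
    {
        DoYourMagic(pe32.th32ProcessID);
        break;
    }
}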
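The lookup described in the question and answer, written out as an added example (not code from the original post or answer). The names `picker`, `picker_feed`, `picker_result` and `find_winlogon_pid` are hypothetical, and returning 0 when more than one process named winlogon.exe appears in the session is a choice made for this example, because an image name alone does not prove which process is the system's winlogon.

```c
#include <stddef.h>
#include <stdint.h>
#include <wchar.h>
#include <wctype.h>

#define NO_CONSOLE_SESSION 0xFFFFFFFFu /* WTSGetActiveConsoleSessionId() result when no session is attached */
/* Hypothetical helper state: target session, matched PID, number of matches. */
typedef struct { uint32_t session, pid; unsigned hits; } picker;
/* Case-insensitive comparison, portable stand-in for _wcsicmp. */
static int name_eq(const wchar_t *a, const wchar_t *b) {
    for (; *a && *b; a++, b++)
        if (towlower((wint_t)*a) != towlower((wint_t)*b)) return 0;
    return *a == *b;
}

/* Feed one snapshot entry; counts winlogon.exe entries in the target session. */
void picker_feed(picker *k, uint32_t pid, uint32_t session, const wchar_t *exe) {
    if (session == k->session && name_eq(exe, L"winlogon.exe")) {
        k->pid = pid;
        k->hits++;
    }
}

/* PID of the single match, or 0 for: no console session, no match, or more
   than one match (a name alone does not identify the real winlogon). */
uint32_t picker_result(const picker *k) {
    if (k->session == NO_CONSOLE_SESSION || k->hits != 1) return 0;
    return k->pid;
}

#ifdef _WIN32 /* live lookup, compiled on Windows only */
#include <windows.h>
#include <tlhelp32.h>
uint32_t find_winlogon_pid(void) {
    picker k = { WTSGetActiveConsoleSessionId(), 0, 0 };
    PROCESSENTRY32W pe = { sizeof pe };            /* dwSize is the first member */
    HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snap == INVALID_HANDLE_VALUE) return 0;
    if (Process32FirstW(snap, &pe)) {              /* first entry comes from Process32First */
        do {
            DWORD sid;
            if (ProcessIdToSessionId(pe.th32ProcessID, &sid))
                picker_feed(&k, pe.th32ProcessID, sid, pe.szExeFile);
        } while (Process32NextW(snap, &pe));
    }
    CloseHandle(snap);
    return picker_result(&k);
}
#endif
```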