Recreate Process Token

   Eh in that case I would just have the thread impersonate the token I wanted and then do a CreateProcessAsUser, although I was just curious if someone has actually tried to recreate a process token before (and perhaps give some feedback on if it is do-able or not) 

It's more of an experimental project than anything else (want to see if it will be possible to modify a token using a higher token to replace a lower one, which in turn could "Enable" privileges not held[Removed Privileges]), but I figured I might as well ask first before I try it eventually, just to know incase it is not possible and I start flipping out about how much time I wasted on a deadend project haha.

Author	Message Share Topic Printable Version Delicious Digg Facebook Furl Google MySpace Newsvine reddit StumbleUpon Translate Twitter Windows Live Yahoo Bookmarks Topic Search Topic Options Post Reply Create New Topic
Matts_User_Name Members Profile Send Private Message Find Members Posts Visit Members Homepage Add to Buddy List Senior Member Joined: 10 August 2006 Location: USA Online Status: Offline Posts: 675	Post Options Post Reply Quote Matts_User_Name Report Post Quote Reply Topic: Recreate Process Token Posted: 08 August 2008 at 8:41pm
	Eh in that case I would just have the thread impersonate the token I wanted and then do a CreateProcessAsUser, although I was just curious if someone has actually tried to recreate a process token before (and perhaps give some feedback on if it is do-able or not) It's more of an experimental project than anything else (want to see if it will be possible to modify a token using a higher token to replace a lower one, which in turn could "Enable" privileges not held[Removed Privileges]), but I figured I might as well ask first before I try it eventually, just to know incase it is not possible and I start flipping out about how much time I wasted on a deadend project haha.
	My PE Fix - Run On Startup

Diablo Members Profile Send Private Message Find Members Posts Visit Members Homepage Add to Buddy List Senior Member Joined: 16 July 2008 Location: Western Sahara Online Status: Offline Posts: 251	Post Options Post Reply Quote Diablo Report Post Quote Reply Posted: 08 August 2008 at 8:09pm
	You can create process yourself, reproduce all windows steps and try to create appreciate token for the process.

Matts_User_Name Members Profile Send Private Message Find Members Posts Visit Members Homepage Add to Buddy List Senior Member Joined: 10 August 2006 Location: USA Online Status: Offline Posts: 675	Post Options Post Reply Quote Matts_User_Name Report Post Quote Reply Posted: 08 August 2008 at 7:33pm
	Hey there. I am wondering if it is possible to Recreate a process's token without restarting it? I know you can with a thread (using impersonation), so I am curious if the same can be done with a process, where its token can possibly be changed as well. I know the caller will need SeAssignPrimaryTokenPrivilege and will have to have TOKEN_ASSIGN_PRIMARY (Token-Specific Object access right) to the target's token object (handle). Once I have this privilege (in the caller's token) and access right (to the targets token) do you know of an API that will do this (Replace the current token with the new one that I specify, without having to rerun the prcoess?) I was thinking one these might work: NtCreateToken CreateRestrictedToken SetTokenInformation Any Ideas?
	My PE Fix - Run On Startup