c++ elevating privileges on an .exe using OpenProcess()

Question

Hi,

I have been reading some of the books by Hoglund and I thought I would have a 'go' at his 'simple debugger'...

Anyway, I have been trying to use the line

hProcess = OpenProcess(PROCESS_ALL_ACCESS | PROCESS_VM_OPERATION, 0, aPID);

Every time I use it on a running process hProcess is being returned as NULL, why is this - the target I was using was an instance of notepad.exe.

I can terminate a process no problem using:

hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
           PROCESS_VM_READ | PROCESS_TERMINATE, FALSE, aPID );

I am wondering how to elevate privileges, and why it doesn't work.

Thanks, R.

Answer 1

One possibility is given in MSDN:

Windows Server 2003 and Windows XP/2000: The size of the PROCESS_ALL_ACCESS flag increased on Windows Server 2008 and Windows Vista. If an application compiled for Windows Server 2008 and Windows Vista is run on Windows Server 2003 or Windows XP/2000, the PROCESS_ALL_ACCESS flag is too large and the function specifying this flag fails with ERROR_ACCESS_DENIED. To avoid this problem, specify the minimum set of access rights required for the operation. If PROCESS_ALL_ACCESS must be used, set _WIN32_WINNT to the minimum operating system targeted by your application (for example, #define _WIN32_WINNT _WIN32_WINNT_WINXP). For more information, see Using the Windows Headers.

What OS are you targeting, and what value is being used for PROCESS_ALL_ACCESS? If it's an OS before Vista, and the value you are passing is 0xFFFF, this could be the cause of the problem.

Answer 2

Are you using Vista or Windows 7? If so, you need to embed a UAC manifest file in your binary. Set requestedExecutionLevel to requireAdministrator in that manifest. This should make UAC to prompt for admin password and then try to elevate privileges of your application.