How to start a new process without administrator privileges from a process with administrator privileges?

by

What you are trying to achieve cannot be done very easily and is not supported. However, it is possible using a modicum of hacking. Aaron Margosis wrote an article describing one technique.

To quote the pertinent section, you will need to carry out these steps:

  1. Enable the SeIncreaseQuotaPrivilege in your current token
  2. Get an HWND representing the desktop shell (GetShellWindow)
  3. Get the Process ID (PID) of the process associated with that window (GetWindowThreadProcessId)
  4. Open that process (OpenProcess)
  5. Get the access token from that process (OpenProcessToken)
  6. Make a primary token with that token (DuplicateTokenEx)
  7. Start the new process with that primary token (CreateProcessWithTokenW)

The article contains a download link for some demo C++ source from which it should be simple enough to translate to C#.

More Related Contents:

  1. How to rename the Windows Guest Account using C# code?
  2. How to detect Windows 64-bit platform with .NET?
  3. Create folder and file on Current user profile, from Admin Profile
  4. Programmatically Determine a Duration of a Locked Workstation?
  5. How can I run an EXE program from a Windows Service using C#?
  6. Windows Application Startup Error Exception code: 0xe0434352
  7. How to detect Windows shutdown or logoff
  8. Unique file identifier in windows
  9. C# – Detect time of last user interaction with the OS
  10. minimize app to system tray
  11. .NET (C#): Getting child windows when you only have a process handle or PID?
  12. Virtual webcam input as byte stream
  13. How to check the OS version at runtime, e.g. on Windows or Linux, without using a conditional compilation statement
  14. Accordion in Windows Forms DataGridView
  15. Launching a process in user’s session from a service
  16. Can I get Memcached running on a Windows (x64) 64bit environment?
  17. Winforms issue – Error creating window handle [duplicate]
  18. Launch a process under another user’s credentials
  19. Can’t see localhost from UWP app
  20. How to get DPI scale for all screens?
  21. C# – Regex for file paths e.g. C:\test\test.exe
  22. Convert System.Drawing.Icon to System.Media.ImageSource
  23. Why is infinity printed as “8” in the Windows 10 console?
  24. Set environment variables for a process
  25. csc.exe reference external .dll file
  26. How to find an EXE’s install location – the proper way?
  27. Install Windows Service created in Visual Studio
  28. C#.NET: Acquire administrator rights?
  29. Detect if non DPI-aware application has been scaled/virtualized
  30. How to know when was Windows started or shutdown?

Leave a Comment