Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1830
  • Last Modified:

Initialize Security attributes for CreateJobObject()


Hi All,
       Unfortunately, I've never gotten a chance to  pass a non-NULL value to a LPSECURITY_ATTRIBUTES before.
And now, when I tried I'm doomed. Well, let me explain what I'm trying to do.

       I create a Job object with CreateJobObject(). Then I try to assign a process handle to it using AssignProcessToJobObject().

This is  what I tried.
1) Called OpenProcess() on my target processID with following access rights.
   PROCESS_CREATE_THREAD |
   PROCESS_QUERY_INFORMATION |
   PROCESS_VM_OPERATION |
   PROCESS_SET_QUOTA |
   PROCESS_TERMINATE |
   PROCESS_VM_WRITE |
   PROCESS_VM_READ,

     Success !! I got the handle.

2) Called CreateJobObject(NULL, NULL).
    Wow! I got a  job handle with default rigths.

3) I called AssignProcessToJobObject() with the above 2 handles
    Duh!! Error 5, Access Denied !!!

    The error here could be because of the access rights of the Process object OR the Job Object.
I dont think the process object is the bad guy because I specify all the required flags to perform the Assign operation.
So, I believe my Job handle doesnot come with JOB_OBJECT_ASSIGN_PROCESS right, which I thought a part of default rights.
   
    In brief, my question is : How to Initialize a SECURITY_ATTRIBUTES with JOB_OBJECT_ASSIGN_PROCESS rights, which I can pass to CreateJobObject(), or how to setup SECURITY_ATTRIBUTES structure in general for a given access right.

    I tried searching Google for CreateJobObject JOB_OBJECT_ASSIGN_PROCESS and and all I'm finding is MSDN library entry for CreateJobObject in English and Japanese :)

    I'd be glad if you could provide me with some code snippets.
    Please dont give me MSDN links again..  

Thanks
~ J
0
mxjijo
Asked:
mxjijo
  • 5
  • 4
1 Solution
 
_nn_Commented:
Experiments :

1) Called OpenProcess() on my target processID with following access rights.
   PROCESS_ALL_ACCESS

     Success !! I got the handle.

2) Called CreateJobObject(NULL, NULL).
    Wow! I got a  job handle with default rigths.

3) I called AssignProcessToJobObject() with the above 2 handles
    Yikes ! It works ! (well, at least, it returns TRUE)


Let's try to reduce the rights on the process handle :

1) Called OpenProcess() on my target processID with following access rights.
   STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | PROCESS_SET_QUOTA | PROCESS_TERMINATE

     Success !! I got the handle.

2) Called CreateJobObject(NULL, NULL).
    Wow! I got a  job handle with default rigths.

3) I called AssignProcessToJobObject() with the above 2 handles
    Yikes ! It works again ! (returns TRUE)

0
 
mxjijoAuthor Commented:

Thanks _nn_ for responding, but it does not seem to be working for me.
My AssignProcessToJobObject() still returns error. Let me give you a little more details.

I grab SE_DEBUG_NAME token privilage at the begning, so that I can open any process in the system. I dont know if thats what messing thigs up.

Back in my mind I still doubt the JobObject, does the default rights include JOB_OBJECT_ASSIGN_PROCESS ??

thanks
~ J
0
 
_nn_Commented:
>> Back in my mind I still doubt the JobObject, does the default rights include JOB_OBJECT_ASSIGN_PROCESS ??

Since it works for me, I'd tend to believe it does. At least on my "normal" W2Kpro under administrator account.

>> I grab SE_DEBUG_NAME token privilage at the begning,

Well, it doesn't seem needed, unless...

>> so that I can open any process in the system.

What processes are you actually opening ? In my (successful) tests, I just started some notepads under the same session/account.
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
mxjijoAuthor Commented:
>Since it works for me, I'd tend to believe it does. At least on my "normal" W2Kpro >under administrator account.
     Interesting ...  I have a Win2k Server. But I dont knowif that matters..


>> I grab SE_DEBUG_NAME token privilage at the begning,
>Well, it doesn't seem needed, unless...
     I do need this, as I mentioned before I need to open *all* processes in the system (including PID 0 and 8). Unless I have this privilage, I cannot open any of those.

     I am not loggin as "administrator" but I have admin privilages. May be I should try it on Win2k Prof as well, just to see if there is a diff.

~ J
0
 
mxjijoAuthor Commented:

Yes, It is Win2k Server!!!

Its works on Win2k Pro. !! (with te same user account)

:)
0
 
_nn_Commented:
*sigh* Microsoft... >_<

Well, that doesn't solve the problem, but it sheds some light. Currently, I don't have a Win2Kserver to trash around, so I'm afraid, I won't be able to help further, at least in the very near future. I'll keep trying though.

Could it be that specifically on a W2Ksrv, some processes are already attached to some job object ? Or are you confident it's access-rights related ?
0
 
_nn_Commented:
FWIW, browsing around I found this :
http://www.codeproject.com/system/secdesc.asp

It might come handy, so I figured I'd post the link.
0
 
mxjijoAuthor Commented:
Thank you _nn_. I appreciate. I'll try that !

>Could it be that specifically on a W2Ksrv, some processes are already attached to >some job object ? Or are you confident it's access-rights related ?

I have not digged into it yet. We can't rule out the possibility that a process could be a part of another job. But currently we do not have evidence for that. All I'm getting is a "Access Denied" Error. The only one point which sheds som elight here is that on Win2k Prof, I get the above error on *all* processes, no matter whether it is "notepad.exe" or "system". I don't think the newly created processes like notepad would immediately be a part of a job, which hold it exclusively.
0
 
mxjijoAuthor Commented:

_nn_,

That code was definitly something I've been looking for - was very helpful.
But my problem still persists. If I specify any JOB_OBJECT_XXX privilages to that class, it fails (Both on Win2k server and prof). Anyway.. I think I got to ding more in to this.

But you have answered my original qn. So, you get points :)

thanks
~ J
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now