Warning! Newbie issue - Impersonating a user on Win32
Doug Glenn
dglenn at charter.net
Thu Jan 16 17:13:48 EST 2003
I redid this script to try and adjust privileges as outlined by Roger.
No luck. This now includes the ones I have tried, the ones that
outright failed, and those that just gave me another error.
I would like to hear from anyone who has this type of script running. I
would like to see a dump of the user security privilege section of
secpol.msc so I can possibly track down what the differences are.
Also, please tell me which versions of Python and the Pythonwin libraries you are using.
Here is the newer script and information:
<begin sudo.py>
# file to switch users in Windows 2000
# -------------------
import sys
import win32security
import win32con
import win32api
from ntsecuritycon import *
# Executable named in the commented-out os.execvp() call in the main section.
program = "sadmin.exe"

# Logon domain stored on each Impersonate instance; None is the value in use,
# the computer-name variant is kept for reference.
# domain = os.getenv('COMPUTERNAME')
domain = None

# Names of the privileges that AdjustPrivilege could not adjust.
fail = []
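def AdjustPrivilege(priv, enable=1):
    """Enable (or disable) the privilege named *priv* in this process's token.

    AdjustTokenPrivileges can only switch on or off a privilege that the
    token already holds; it never grants a new one, and the call can return
    without error while leaving the privilege unchanged.  The token is
    therefore read back after the adjustment, and *priv* is appended to the
    module-level ``fail`` list whenever the requested state was not reached
    or the API raised.

    priv   -- privilege name constant, e.g. SE_SHUTDOWN_NAME
    enable -- true to enable the privilege, false to disable it

    Returns None.  Errors from OpenProcessToken and LookupPrivilegeValue
    (for example 1313, "A specified privilege does not exist") propagate to
    the caller, as they did before.
    """
    # TOKEN_QUERY is needed for the read-back below.
    flags = TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
    htoken = win32security.OpenProcessToken(
        win32api.GetCurrentProcess(), flags)
    try:
        # Translate the privilege name into its locally unique id.
        luid = win32security.LookupPrivilegeValue(None, priv)
        if enable:
            wanted = SE_PRIVILEGE_ENABLED
        else:
            wanted = 0
        try:
            win32security.AdjustTokenPrivileges(htoken, 0, [(luid, wanted)])
            # Do not trust the quiet return: confirm the state actually held
            # by the token.  A privilege absent from the token reads as 0.
            held = dict(win32security.GetTokenInformation(
                htoken, win32security.TokenPrivileges))
            is_enabled = (held.get(luid, 0) & SE_PRIVILEGE_ENABLED) != 0
        except win32api.error:
            fail.append(priv)
            return
        if is_enabled != bool(enable):
            fail.append(priv)
    finally:
        # Release the token handle on every path.
        htoken.Close()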
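class Impersonate:
    """Run the current thread as another user between logon() and logoff().

    login, password -- credentials handed to LogonUser
    The logon domain is taken from the module-level ``domain`` setting.
    """

    def __init__(self, login, password):
        self.domain = domain
        self.login = login
        # NOTE(review): the clear-text password stays on the instance for its
        # whole lifetime; keep the object short-lived.
        self.password = password
        # Logon token handle (attribute name kept as spelled for existing
        # callers); None while no impersonation is active.
        self.handel = None

    def logon(self):
        """Log the user on interactively and start impersonating them.

        Raises the pywin32 API error if LogonUser or ImpersonateLoggedOnUser
        fails; in the latter case the new token is closed before the error
        propagates.
        """
        # Pass the stored domain instead of a literal None so the
        # module-level ``domain`` setting is honoured.
        token = win32security.LogonUser(
            self.login, self.domain, self.password,
            win32con.LOGON32_LOGON_INTERACTIVE,
            win32con.LOGON32_PROVIDER_DEFAULT)
        switched = False
        try:
            win32security.ImpersonateLoggedOnUser(token)
            switched = True
        finally:
            if not switched:
                # Do not leak a logon token we cannot use.
                token.Close()
        self.handel = token

    def logoff(self):
        """Stop impersonating and close the logon token.

        If RevertToSelf raises, the thread may still be running as the
        impersonated user; the error propagates so the caller can stop
        instead of continuing under the wrong identity.
        """
        try:
            win32security.RevertToSelf()
        finally:
            # Close the token even when reverting failed.
            if self.handel is not None:
                self.handel.Close()
                self.handel = None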
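if __name__ == '__main__':
    import getpass

    # Symptom under investigation:
    # Exception: pywintypes.api_error (1314, 'LogonUser', 'A required
    # privilege is not held by the client.')
    #
    # NOTE(review): on Windows 2000, LogonUser requires the calling process to
    # hold SE_TCB_NAME ("Act as part of the operating system"), which is in
    # the failing group below; error 1314 is consistent with that right being
    # absent.  It must be assigned to the account in the local security
    # policy (effective at the next logon) before it can be enabled here.
    # Holding it is equivalent to full control of the machine, so assign it
    # to a dedicated service account rather than to an interactive user.
    #
    # Privileges tried so far.  None of these calls raised, yet the error
    # persists.  Once the cause is confirmed, trim this to the privileges the
    # script really needs; SE_DEBUG_NAME, SE_BACKUP_NAME and the like should
    # not stay enabled without a reason.
    attempted = (
        SE_CHANGE_NOTIFY_NAME,
        SE_SYSTEM_PROFILE_NAME,
        SE_DEBUG_NAME,
        SE_SHUTDOWN_NAME,
        SE_SECURITY_NAME,
        SE_PROF_SINGLE_PROCESS_NAME,
        SE_REMOTE_SHUTDOWN_NAME,
        SE_TAKE_OWNERSHIP_NAME,
        SE_INC_BASE_PRIORITY_NAME,
        SE_SYSTEMTIME_NAME,
        SE_SYSTEM_ENVIRONMENT_NAME,
        SE_BACKUP_NAME,
        SE_RESTORE_NAME,
        SE_INCREASE_QUOTA_NAME,
        SE_CREATE_PAGEFILE_NAME,
    )
    for name in attempted:
        AdjustPrivilege(name)

    # These settings hit the 'fail' list from the try routine in the
    # AdjustPrivilege function.
    # ------------------------
    #AdjustPrivilege(SE_AUDIT_NAME)
    #AdjustPrivilege(SE_MACHINE_ACCOUNT_NAME)
    #AdjustPrivilege(SE_TCB_NAME)
    #AdjustPrivilege(SE_ASSIGNPRIMARYTOKEN_NAME)
    #AdjustPrivilege(SE_LOCK_MEMORY_NAME)

    # api_error: (1313, 'LookupPrivilegeValue', 'A specified privilege
    # does not exist.')
    # privileges generating the above error are:
    # -----------------------------------
    #AdjustPrivilege(SE_CREATE_PERMANENT_NAME)
    #AdjustPrivilege(SE_CREATE_TOKEN_NAME)
    #AdjustPrivilege(SE_UNSOLICITED_INPUT_NAME)

    # Show what could not be adjusted instead of discarding the list.
    if fail:
        print('Privileges not adjusted: %s' % ', '.join(fail))

    # Ask for the password at run time instead of keeping it in the source.
    a = Impersonate('desktop', getpass.getpass('Password for desktop: '))
    try:
        a.logon()  # become the user
        try:
            # Inside the try so that logoff() still runs if this raises.
            AdjustPrivilege(SE_SYSTEM_PROFILE_NAME)
            #os.execvp(program)
            print(win32api.GetUserName())  # show you're someone else
        finally:
            a.logoff()  # return to normal
    except win32api.error:
        exc_type, exc_value = sys.exc_info()[:2]
        print('Exception: %s %s' % (exc_type, exc_value))
    print('')  # stops debugger with values still listed.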
-----
Doug