Windows Service Cannot Create Process or Modify Registry?

Jun 29, 2013 at 11:37pm
Working on a helper windows process in Win7 with VC++ 10.0. I want the service to start a process if it's not started, but both CreateProcess() and ShellExecute() fail. I thought, it's fine as long as I could create a startup entry in the registry, but no luck. I know it works because the line right before it begins the registry line, creates a file called 'hello.txt' in C:, and it does.

Is there a reason it cannot execute or create processes, or write to the registry (HKLM)? I'm an admin so I don't think it's a privilege thing.

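Code:

// Requires <windows.h>, <fstream> and <cwchar>.
// Note: a zero timeout polls the stop event without blocking between iterations.
while (WaitForSingleObject(g_ServiceStopEvent, 0) != WAIT_OBJECT_0)
{
    STARTUPINFO siStartupInfo;
    PROCESS_INFORMATION piProcessInfo;
    memset(&siStartupInfo, 0, sizeof(siStartupInfo));
    memset(&piProcessInfo, 0, sizeof(piProcessInfo));
    siStartupInfo.cb = sizeof(siStartupInfo);
    std::ofstream o("C:\\Helloee.txt");

    // Wide string: the L"..." arguments below select the Unicode (W) registry
    // APIs, which expect REG_SZ data as UTF-16 rather than char bytes.
    const wchar_t *path = L"C:\\Users\\Henry\\Desktop\\WinXP + Word Documents\\IRCbot Console\\Debug\\test.exe";
    HKEY hndKey = NULL;

    // Write registry key; log each return code so a failure is visible.
    LONG rc = RegCreateKeyEx(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hndKey, NULL);
    o << "RegCreateKeyEx returned " << rc << std::endl;
    if (rc == ERROR_SUCCESS)
    {
        // cbData is a byte count and must include the terminating null.
        rc = RegSetValueEx(hndKey, L"TESTETESTETSET", 0, REG_SZ, (const BYTE *)path, (DWORD)((wcslen(path) + 1) * sizeof(wchar_t)));
        o << "RegSetValueEx returned " << rc << std::endl;
        RegCloseKey(hndKey);
    }
    // End of registry key
}
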
Jun 30, 2013 at 12:16am
Is the service configured to run under your account? Or is it using the Local System Account or Local Service Account?

And what are the error codes returned by CreateProcess and the Registry API calls? You could log them to your "Helloee" file, too?

Andy
Last edited on Jun 30, 2013 at 12:21am
Jun 30, 2013 at 12:28am
I tried but it doesn't write anything to the file. It's weird, I was able to copy 'test.exe' to the startup folder in the programdata hidden folder.

Maybe it somehow doesn't have write access?

How would I know which account it was using? I just know I'm an admin.
Jun 30, 2013 at 12:51am
> How would I know which account it was using?

Check how it's configured using the Computer Management Console.

If it's not configured to use your account, then it probably doesn't have the rights to access your user folder.

Andy

PS It would be better to put a shortcut to your app in the Startup folder, rather than the app itself.

Jun 30, 2013 at 1:57am
The default account for services is Local System.

If it is so, then you cannot launch child processes in interactive desktop. There is a way by "stealing" authentication token from a process that already runs there (explorer.exe for example or winlogon.exe if you want administrator rights without UAC intervention) and then spawn the child process as usual using CreateProcessAsUser().
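
Added example, not part of the thread: one way to answer the two diagnostic questions raised above, namely which account the service logs on as and which session its process runs in, together with a read of both HKLM Run views. It assumes PowerShell 3.0 or later and uses `HelperService` as a placeholder service name.

```powershell
# Added example: 'HelperService' is a placeholder service name (assumption).
param([string]$ServiceName = 'HelperService')

function Get-ServiceContext {
    param([string]$Name)
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$Name'"
    if (-not $svc) { throw "Service '$Name' not found." }

    $sessionId = $null
    if ($svc.ProcessId -ne 0) {
        # Services run in session 0; interactive logons get session 1 and up.
        $sessionId = (Get-Process -Id $svc.ProcessId).SessionId
    }
    [pscustomobject]@{
        Service   = $svc.Name
        Account   = $svc.StartName   # LocalSystem, NT AUTHORITY\LocalService, or a user
        State     = $svc.State
        ImagePath = $svc.PathName
        SessionId = $sessionId
    }
}

function Get-RunEntries {
    # A 32-bit process writing under HKLM\SOFTWARE on 64-bit Windows is redirected
    # to WOW6432Node, so read both views before concluding a write failed.
    $views = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
             'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
    foreach ($key in $views) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item $key
        foreach ($valueName in $item.GetValueNames()) {
            [pscustomobject]@{
                Key     = $key
                Name    = $valueName
                Command = $item.GetValue($valueName)
            }
        }
    }
}

Get-ServiceContext -Name $ServiceName | Format-List
Get-RunEntries | Format-Table -AutoSize -Wrap

# For comparison: the session the logged-on user's desktop shell runs in.
Get-Process -Name explorer -ErrorAction SilentlyContinue |
    Select-Object Name, Id, SessionId
```
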
Jun 30, 2013 at 5:04am
So Modoran, how would I use that technique using CreateProcessAsUser() to spawn a process? Would I just use the admin user or what? I don't want users to have to change a bunch of settings to get it to work.

Beginning to think it's not possible on Windows 7 after looking at http://www.codeproject.com/Articles/36581/Interaction-between-services-and-applications-at-u, it just gives me an access denied.
Last edited on Jun 30, 2013 at 6:29am
Jun 30, 2013 at 7:42am
> So Modoran, how would I use that technique using CreateProcessAsUser() to spawn a process?

This is code I tested myself, and it works:
http://www.codeproject.com/Articles/18367/Launch-your-application-in-Vista-under-the-local-s

> Would I just use the admin user or what? I don't want users to have to change a bunch of settings to get it to work.

The sample code uses the same access level as winlogon.exe (administrator privileges). Just use HKEY_LOCAL_MACHINE to store the settings you need if you don't want other users to change them.

> Beginning to think it's not possible on Windows7

It is perfectly possible in Windows 7.

Put ALL your code inside child.exe, NOT inside the service itself.
Jun 30, 2013 at 6:52pm
@Modoran

I'm reading through the source and can't tell, since the author says it's communicating between a client and service, does it require any messages sent between the service and app?

Thanks.
Jun 30, 2013 at 7:19pm
Well, a service is always running, even if no user is logged on.


It all depends on what you want to do. Technically it is not required to communicate between a service and client app, but for most practical cases this is almost the case.

What else do you need a service in the first place if you don't want/need to communicate with it?

You say in your first post:
> I want the service to start a process if it's not started,

Yes, but in what conditions? At user logged on? Why not use Run registry key or Startup folder then?

Jun 30, 2013 at 7:54pm
I just need a helper service. I'm going to have the service check periodically to see if a process is running, for example, test.exe. If test.exe is not in the list of running process, it creates the process again. That's all I need it to do.

EDIT: Hell yea I think I got it, I just used the function from the code you sent me. Well, I got it to open a process finally (notepad.exe).

Question for you, should the service be able to check if a process is running or not? I haven't implemented the code yet, but right now there's no communication between the processes, which I don't really need, like I said above.
Last edited on Jun 30, 2013 at 8:03pm