Skip to content

Commit

Permalink
feat: try to get session id via WTSEnumerateSessions when in the remo…
Browse files Browse the repository at this point in the history 
…te session
  • Loading branch information
@KamenRiderKuuga
KamenRiderKuuga committed May 25, 2022
1 parent 702edca commit 9c15c9d
Showing 1 changed file with 72 additions and 4 deletions.
76 changes: 72 additions & 4 deletions ProcessGuard.Common/Utility/ApplicationLoader.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,17 @@ public struct PROCESS_INFORMATION
public uint dwThreadId;
}

[StructLayout(LayoutKind.Sequential)]
private struct WTS_SESSION_INFO
{
public readonly uint SessionID;

[MarshalAs(UnmanagedType.LPStr)]
public readonly string pWinStationName;

public readonly WTS_CONNECTSTATE_CLASS State;
}

#endregion

#region Enumerations
Expand Down Expand Up @@ -76,6 +87,20 @@ private enum SW : int
SW_FORCEMINIMIZE = 11,
}

private enum WTS_CONNECTSTATE_CLASS
{
WTSActive,
WTSConnected,
WTSConnectQuery,
WTSShadow,
WTSDisconnected,
WTSIdle,
WTSListen,
WTSReset,
WTSDown,
WTSInit
}

#endregion

#region Constants
Expand Down Expand Up @@ -117,6 +142,12 @@ private extern static bool DuplicateTokenEx(IntPtr ExistingTokenHandle, uint dwD
[DllImport("wtsapi32.dll", SetLastError = true)]
private static extern uint WTSQueryUserToken(uint SessionId, ref IntPtr phToken);

[DllImport("wtsapi32.dll", SetLastError = true)]
private static extern int WTSEnumerateSessions(IntPtr hServer, int Reserved, int Version, ref IntPtr ppSessionInfo, ref int pCount);

[DllImport("wtsapi32.dll", SetLastError = false)]
public static extern void WTSFreeMemory(IntPtr memory);

#endregion

/// <summary>
Expand All @@ -140,11 +171,10 @@ public static bool StartProcessInSession0(string applicationFullPath, string sta
{
procInfo = new PROCESS_INFORMATION();

// 获取当前正在使用的系统用户的session id,每一个登录到系统的用户都有一个唯一的session id
// 使用两种方法获取当前正在使用的系统用户的session id,每一个登录到系统的用户都有一个唯一的session id
// 这一步是为了可以正确在当前登录的用户界面启动程序
uint dwSessionId = WTSGetActiveConsoleSessionId();

if (WTSQueryUserToken(dwSessionId, ref hPToken) == 0)
if (WTSQueryUserToken(WTSGetActiveConsoleSessionId(), ref hPToken) == 0 &&
WTSQueryUserToken(GetSessionIdFromEnumerateSessions(), ref hPToken) == 0)
{
return false;
}
Expand Down Expand Up @@ -210,6 +240,44 @@ out procInfo // 用于接收新创建的进程的信息
return result;
}

/// <summary>
/// Get session id via WTSEnumerateSessions
/// </summary>
/// <returns></returns>
private static uint GetSessionIdFromEnumerateSessions()
{
var pSessionInfo = IntPtr.Zero;
try
{
var sessionCount = 0;

// Get a handle to the user access token for the current active session.
if (WTSEnumerateSessions(IntPtr.Zero, 0, 1, ref pSessionInfo, ref sessionCount) != 0)
{
var arrayElementSize = Marshal.SizeOf(typeof(WTS_SESSION_INFO));
var current = pSessionInfo;

for (var i = 0; i < sessionCount; i++)
{
var si = (WTS_SESSION_INFO)Marshal.PtrToStructure(current, typeof(WTS_SESSION_INFO));
current += arrayElementSize;

if (si.State == WTS_CONNECTSTATE_CLASS.WTSActive)
{
return si.SessionID;
}
}
}

return uint.MaxValue;
}
finally
{
WTSFreeMemory(pSessionInfo);
CloseHandle(pSessionInfo);
}
}

/// <summary>
/// 执行命令行并且获取输出的内容(包括输出内容和错误内容)
/// </summary>
Expand Down

0 comments on commit 9c15c9d

Please sign in to comment.