模拟用户和使用Web应用程序调用cmd.exe [英] impersonating user and Invoking cmd.exe using Web Application
问题描述
我正在使用MVC应用程序,我想冒充用户并调用cmd.exe并将agruments传递给命令行。
我想检查在哪个帐户下调用命令提示符,所以我在命令行中使用了whoami命令。但我会调用powershell
并在命令行中传递agruments。
如果我删除RunAs动词并只是调用命令提示符,则显示 iis apppool\defaultapppool。
但我想使用带有用户名和密码的runas动词来调用命令提示符
string _commandParameter = @" whoami" ;;
try
{
var process = new Process
{
StartInfo =
{
CreateNoWindow = true,
UseShellExecute = false,
RedirectStandardOutput = true,
RedirectStandardInput = true,
RedirectStandardError = true,
Verb =" runas",
FileName = @" C :\ Windows \ System32 \ cmd.exe",
Domain =" dir",
UserName = userID,
Password = GetSecureString(userpassword),
A rguments = _commandParameter
}
};
process.Start();
string readToEndOutput = process.StandardOutput.ReadToEnd();
string readToEndError = process.StandardError.ReadToEnd();
process.WaitForExit();
}
catch(Exception ex)
{
log.Info("错误,输入ActionResult中的StackTrace异常 - " + ex.StackTrace.ToString());
log.Info("输入ActionResult中的消息异常错误 - " + ex.Message.ToString());
}
public static SecureString GetSecureString(string str)
{
SecureString result = new SecureString();
try
{
if(string.IsNullOrWhiteSpace(str))
返回null;
else
{
foreach(str.ToCharArray()中的char c)
result.AppendChar(c);
返回结果;
}
}
catch(exception ex)
{
log.Info("无法创建密码 - " + ex.StackTrace.ToString ());
}
返回结果;
}
输出
但我收到错误,我可以在Windows事件查看器中查看
相同代码,如果我通过控制台应用程序运行正常工作。
我建议您在MVC论坛中发布您的问题,因为它在特定的安全环境中运行:
https://forums.asp.net/1146.aspx/1?MVC
I'm using a MVC application and I want to impersonate user and invoke cmd.exe and pass agruments to the command line.
I want to check under which account the command prompt is being invoked so I have used whoami command in the command line. But I would invoke a powershell and pass agruments in the command line.
If I remove the RunAs verb and simply invoke the command prompt it is showing iis apppool\defaultapppool.
But I want to use runas verb with username and password to invoke command prompt
string _commandParameter = @"whoami"; try { var process = new Process { StartInfo = { CreateNoWindow = true, UseShellExecute = false, RedirectStandardOutput = true, RedirectStandardInput = true, RedirectStandardError = true, Verb = "runas", FileName = @"C:\Windows\System32\cmd.exe", Domain = "dir", UserName = userID, Password = GetSecureString(userpassword), Arguments = _commandParameter } }; process.Start(); string readToEndOutput = process.StandardOutput.ReadToEnd(); string readToEndError = process.StandardError.ReadToEnd(); process.WaitForExit(); } catch (Exception ex) { log.Info("error as StackTrace Exception in Input ActionResult -" + ex.StackTrace.ToString()); log.Info("error as Message Exception in Input ActionResult -" + ex.Message.ToString()); } public static SecureString GetSecureString(string str) { SecureString result = new SecureString(); try { if (string.IsNullOrWhiteSpace(str)) return null; else { foreach (char c in str.ToCharArray()) result.AppendChar(c); return result; } } catch (Exception ex) { log.Info("Cannot create password-" + ex.StackTrace.ToString()); } return result; }
The output
But I'm receiving error which I can view in windows eventviewer
The same code if I run through a console application is working as expected.
I would recommend posting your question in the MVC forum since it operates in a specific security context:
这篇关于模拟用户和使用Web应用程序调用cmd.exe的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!