节点Windows-在登录屏幕上运行GUI应用 [英] Node-Windows - Run GUI app on Logon screen
问题描述
我需要在Windows 7到10的登录屏幕上运行GUI应用程序.
I need to run a GUI app on the logon screen on Windows 7 to 10.
我有一个nodejs应用程序注册为服务,该应用程序使用node-windows模块作为SYSTEM(默认)运行.这似乎是我需要的先决条件,但还需要更多.
I have a nodejs app registered as a service which runs as SYSTEM (the default), using node-windows module. This seems to be a prerequisite to what I need, but something more is necessary.
该应用程序只是连接到套接字服务器的基本套接字客户端,到目前为止还没有什么特别的.
The app is just a basic socket client that connects to a socket server, nothing special as of yet.
我在想,如果我使用child_process.spawn()打开提升的命令提示符和/或以其他用户身份运行-但是是哪个用户? SYSTEM不会执行此操作.我在想运行什么winlogon.exe,但这似乎不是SYSTEM,即使这是任务管理器中显示的内容.
I am thinking maybe if I use child_process.spawn() to open an elevated command-prompt and/or runas another user-- but what user? SYSTEM doesn't do it. I'm thinking whatever winlogon.exe runs as, but that doesn't seem to be SYSTEM even though that's what it shows as in task manager.
如果您具有系统级别的访问权限,是否有Windows命令在登录屏幕上运行GUI?
Is there a windows command to run a GUI in the logon screen if you have SYSTEM-level access?
更新:
好的.到目前为止,我有一个类似于telnet的反向客户端,作为SYSTEM用户下的Windows服务在远程主机"上运行.它定期连接到测试服务器文本界面(也是节点),您可以从中输入nodejs命令-基本上是自家制JS REPL.
Ok. As of now I have a reverse telnet-like client running on the "remote host" as a Windows Service under the SYSTEM user. It periodically connects to a test server text interface (also node), from which you can enter nodejs commands-- basically a home-brew JS REPL.
我能够在Session 0下生成一个隐藏的,交互式Windows命令提示符,键入命令并通过我的反向命令行终端获取输出.
I am able to spawn a hidden, interactive windows commands prompt under Session 0, type commands and get output through my little reverse command-line terminal.
在这里,加密和安全性很重要,但是目前Windows正在笔记本电脑上的Linux内的VM中运行,并且这些应用仅通过仅主机虚拟网络上的专用NIC相互通信,这样数据包就不会溢出到真实网络中.
Obvi, encryption and security will be important here, but for now Windows is running in a VM inside Linux on my laptop, and the app(s) only talk to each other through private NIC's on a Host-only Virtual Network, so packets are not spilling out onto the the real network.
在会话0的Windows命令提示符下,我尝试运行远程控制GUI应用程序.我没有显示GUI,而是出现以下错误:
At my windows command prompt in Session 0, I tried running my remote-control GUI app. Instead of being presented with a GUI, I get the following error:
[5472:5492:0828/031356.901:ERROR:gpu_process_transport_factory.cc(1024)]丢失了UI共享上下文.
[5472:5492:0828/031356.901:ERROR:gpu_process_transport_factory.cc(1024)] Lost UI shared context.
如果我任务列表,我得到:
winlogon.exe 2140控制台3 6,704 K未知NT AUTHORITY \ SYSTEM 0:00:00 N/A
LogonUI.exe 4772控制台3 19,104 K未知NT AUTHORITY \ SYSTEM 0:00:00 N/A
winlogon.exe 2140 Console 3 6,704 K Unknown NT AUTHORITY\SYSTEM 0:00:00 N/A
LogonUI.exe 4772 Console 3 19,104 K Unknown NT AUTHORITY\SYSTEM 0:00:00 N/A
因此,我可以看到winlogon.exe和LogonUI.exe在会话3中以用户'SYSTEM'的身份运行.
So, I can see winlogon.exe and LogonUI.exe are running in session 3 as user 'SYSTEM'.
如何将服务放在winlogon和logonui的GUI上下文中,或在其中生成我的应用程序?
How can I put the service in the GUI context of winlogon and logonui, or spawn my app in it's ?
是否有Windows命令来执行此操作? Node.js的命令/模块/功能?
Is there a windows commands to do this? A nodejs command/module/function?
更多信息:
它必须是我可以在程序中使用的程序化,可自动化解决方案-无需使用其他GUI应用程序进行手动调整即可使其正常工作.
It needs to be a programmatic, automatable solution I can work into the program-- no manual tweaking using another GUI app to get it working.
注册表编辑或通过节点或Windows控制台命令可完成的任何操作都应该是可以接受的,因为我可以将其合并到我的代码中.
Registry edits or anything accomplishable via node or windows console commands should be acceptable, however, since those I can incorporate into my code.
背景:这主要是为了运行我编写的远程桌面应用,非常类似于Screen-Connect或LogMeIn.它的工作原理非常好-除了它在您调用UAC或进入登录屏幕的任何时间都会暂停的部分之外,这对于远程IT工作而言尚不实用.
Background: This is mostly to run a remote-desktop app I wrote, much like Screen-Connect or LogMeIn. It works great-- except for the part where it pauses anytime you invoke anything calling up the UAC or enter the logon screen, making it not yet practical for remote IT work.
nodejs Windows服务应用程序本身也可以很好地发挥作用,它可以在启动时作为服务自动启动,无需登录或持续连接即可自动连接/重新连接到测试服务器,并且可以持续保持活动状态.
The nodejs windows service app also works good for it's part, autostarts as a service at boot time, autoconnects/reconnects to the test server without requiring login or a continuous connection, and stays alive persistently.
基本上,我在考虑是否可以在登录屏幕中运行它的实例,然后它应该能够捕获桌面视频捕获以输出到网络,并从网络调用远程鼠标和键盘输入.
Basically I am thinking if I can run an instance of it in the logon screen it should be able to then grab desktop video capture for output to the network, and invoke remote mouse and keyboard input from the network.
使用NW.js和运行在远程主机上的child_process.spawn()ed基于robotjs的套接字客户端完成桌面捕获.
The desktop-capture is done using NW.js, and child_process.spawn()ed robotjs-based socket-client running on the remote host.
不幸的是,在服务应用程序中植入robotjs无效-我尝试了一下,因为我至少想在controller-app中拥有一个自定义的远程登录屏幕,并让robotjs在远程应用程序中输入密码pc的登录屏幕-但没有运气.看来我只得到旧版Desktop 0,而不是基于robotjs的键盘/鼠标输入的登录屏幕.
Unfortunately, implanting robotjs in the service app doesn't work-- I tried that as I was thinking at the very least I could have a custom remote logon screen in the controller-app and have robotjs input the password in the remote pc's logon screen-- but no luck. It appears I am only getting the legacy Desktop 0, not the logon screen for robotjs-based keyboard/mouse input.
我真的希望我所需要的只是运行"其他用户或进程. **注意:我正在寻找一种不涉及自动登录,重新启动或解决方法的方法.我知道MicroSoft已经正式支持完成这些任务的方式-但是我还没有找到一种通过Node而不是C来完成此任务的方法.如果有一个使用本机代码来完成此任务的节点模块,那对我来说很好.我只希望我的代码是JavaScript.
I am really hoping all I need is to 'runas' some other user or process. **Note: I am looking for a way to do this that does not involve auto-logon, reboots, or workarounds. I know MicroSoft has officially supported ways for accomplishing such tasks-- but I have yet to find a way to do it through Node rather than C. If there's a node-module using native code to do it, that's fine by me. I just want my code to be JavaScript.
无论如何,这是我要提出的实际目标-在登录屏幕上运行我的远程桌面应用程序以抓取视频并调用鼠标操作和击键.
Anyway, that is the actual goal I'm asking this question for-- to run my remote desktop app on the logon screen to grap video and invoke mouse actions and keystrokes.
如果有更好的方法与标题中的问题不匹配,请回答,如果可行,我将对问题进行编辑以匹配答案.
If there is a better way that doesn't match the question in the title, please do answer and I will edit the question to match the answer, if it works.
推荐答案
答案是"paexec". psexec的工作原理完全相同,但是paexec是开源的,可以自由分发,并且可以在您的应用程序中用于个人和商业应用程序.
The answer is 'paexec'. psexec works exactly the same, but paexec is open-source, freely distributable, and usable in your apps for both personal and commercial applications.
要求:
下载paexec.exe.
Download paexec.exe .
将其放置在可执行的位置,或将cd放入放置的文件夹中,或将其放置在命令路径中,或将放置在其中的文件夹添加到命令路径中,或按路径名引用它(即c :\ folder \ subfolder \ paexec-您的选项).
Place it where you can execute it, OR cd to the folder you put it in, OR place it in the command path, OR add the folder you put it in to the command path, OR reference it by pathname (i.e. c:\folder\subfolder\paexec -your_options).
推荐:
从Windows服务(在我的情况下为npm node-windows服务)执行此操作.这使您可以将其作为SYSTEM运行.还有其他方法,但是这种方法似乎效果最好.
Execute this from a Windows Service (in my case an npm node-windows service). This allows you to run it as SYSTEM. There are other ways, but this one seems to work the best.
示例用法:
paexec -d -s -x -w c:\path\to\your\app_folder cmd /c app.exe -your_options
这是如何工作的:
How this works:
-d防止paexec等待应用退出,因此允许非阻塞.
-d prevent paexec from waiting for app to exit, therefore allows non-blocking.
-s以SYSTEM用户身份执行.
-s executes as SYSTEM user.
-x使其在登录屏幕上运行
-x causes it to run on the logon screen
-w设置当前工作目录
-w sets the current working directory
cmd/c yourappname.exe允许您使用先前的选项运行GUI交互式应用程序(似乎没有先打开提示就无法使用).
cmd /c yourappname.exe allows you to run a GUI interactive app with the previous options (it doesn't seem to work without opening the prompt first).
其他注意事项:
使用'cmd/c',您可以调用.bat或.cmd脚本,并使用'start/b your_app.exe'使cmd.exe窗口消失(否则,您将其卡在登录屏幕上)直到您关闭它或您的应用程序为止.
Using 'cmd /c', you can call a .bat or .cmd script and use 'start /b your_app.exe' to make the cmd.exe window go away (otherwise you are stuck with it on your logon screen until you close it or your app).
您的应用程序在登录后将继续运行,但是不会在用户登录会话中运行,因此,如果您希望您的应用程序同时执行,建议您使用'taskkill/f/im your_app.exe'或其他意味着先停止然后在用户登录会话上运行.
Your app will continue running after logging in, however it won't be running in the users login session, so if you want your app to do both, I recommend using 'taskkill /f /im your_app.exe' or other means to stop in and then running on the users login session.
您可以通过以下方式在用户的桌面会话上运行它:
You can run it on the user's desktop session via:
paexec -d -s -i 1 -w... (the rest is the same as above).
...假设只有一个用户登录,他们将在会话1上.这是'-i 1'选项的作用,它在会话1上运行.如果有多个用户登录, (即通过切换用户等),它们可能具有不同的会话号,因此只需将'-i 1'替换为'-ix',其中'x'是用户的会话ID.
...assuming there is only one user logged in, they will be on Session 1. This is what the '-i 1' option does, is run it on session 1. If there is more than one user logged in (i.e. via Switch User etc.) they may have a different Session number, so just replace '-i 1' with '-i x' where 'x' is the users Session ID.
您可以通过Windows命令'tasklist/v'查找会话ID.
You can lookup the Session id via Windows command 'tasklist /v'.
如果您尝试从node.js服务运行此程序,则需要使用process_child内置模块和 spawn cmd提示符从其运行.有很多示例,因此在此不做介绍.从Windows Service运行它的好处是它不会打开可见的窗口,您可以通过标准的child_process.spawn()方法和事件来提供I/O.
If you're trying run this from a node.js service, you will need to use process_child built-in module and spawn a cmd prompt to run it from. There are lots of examples for this, so not tackling that here. The nice thing about running it from a Windows Service is it won't open a visible window, and you can provide i/o via the standard child_process.spawn() methods and events.
安全性:
通过Windows服务(即通过node-windows和child_process.spawn)运行此程序,不仅使您可以在登录屏幕上在登录屏幕上运行GUI应用,而且可以在登录前(无论是否通过GUI)启动时运行-没有任何典型的不安全黑客,例如自动登录到特殊用户帐户然后锁定屏幕或注销等.它实际上是使用一种工具来镜像MicroSoft/SysInternals自己的工具,以便按照MS的官方规定方法进行操作
Running this from a Windows Service (i.e. via node-windows and child_process.spawn) allows you to run your GUI app not only on the logon screen, but at boot-time before login, GUI or not-- without any of the typical insecure hacks, like autologon to a special user account then locking the screen or logging out, etc. It is actually using a tool that mirrors MicroSoft/SysInternals own tool for doing this under MS's officially prescribed methods.
这里的弱点只是您的应用程序,因此请将其锁定并确保安全!
The weak-point here is only your app, so button it up and be safe!
注意:观察到这是一个复杂的问题,这可能就是为什么似乎没有任何好的答案的原因-可能只有少数知道了答案的人才愿意分享.所以,你去.
Note: Obvi this is a complicated issue, which is probably why there don't seem to be any good answers-- and likely the few who have figured it out don't want to share. So here you go.
享受!
PS:您可能对此真的邪恶. 请不要将其用于邪恶目的.这正是他们使它变得如此困难的原因.做个好人,我们就能从它的力量中受益.
PS: You could be really Evil with this. Please don't use it for nefarious purposes. That's exactly why they have made it so difficult. Be good, so we can all benefit from it's power.
关于任务名称:
如果您希望引用您的节点或nw.js应用程序,并在任务列表和任务管理器中将其视为yourappname.exe,则只需将node.exe和nw.exe可执行文件重命名为您希望它们显示的内容as(即,将nw.exe重命名为myapp.exe,它将显示并在Windows中称为myapp.exe).假设您的应用程序文件夹中有node.exe等的本地副本... 请勿使用全局安装的可执行文件执行此操作!
If you wish to refer to your node or nw.js app, and see it as yourappname.exe in tasklist and task manager, you can simply rename the node.exe and nw.exe executables to whatever you want them to show as (i.e. rename nw.exe to myapp.exe and it will show and be referred to as myapp.exe in Windows). This is assuming you have a local copy of node.exe etc. in your app folder... Don't do this with the globally installed executable!
还有一件事:
如果有人有更好,久经考验的方法,请将其添加为答案!
If anyone has a better, tried and tested method, please add it as an answer!
如果对我有用,我会很乐意拒绝我的回答,并接受您的回答!
If it works for me, I will gladly unaccept my answer and accept yours!!
这篇关于节点Windows-在登录屏幕上运行GUI应用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
