Escalate program out of Session 0 - c++

My program uses the DXGI API to interact with DXGI Outputs and Adapters.
I am developing it using mostly command line tools, since I don't need any GUI yet.
I am also accessing my PowerShell instance through Bitvise SSH Server - whenever I run my compiled program.exe through this PowerShell instance, as far as I can tell it means that my program is running in Session 0, and that means I only have access to a subset of the DXGI functionality (see Use Direct3D in Session 0 Processes).
Is there any way that I can somehow hack around this requirement? Is there a flag I can pass to program.exe that pops it out of session 0 somehow?

If not via WinAPI and if you can use and launch additional exe to start your program.exe, I think you can try using psexec utility: http://technet.microsoft.com/en-us/sysinternals/bb897553.
I guess there are similar utilities around as well.
EDIT:
You can use psexec for starting processes on local box as well, see reference for "computer" argument:
computer Direct PsExec to run the application on the computer or computers specified. If you omit the computer name PsExec runs the application on the local system and if you enter a computer name of "\*" PsExec runs the applications on all computers in the current domain.
Another EDIT
I was able to launch notepad.exe in my session emulating what you might have had:
psexec -i 0 psexec -s -i 1 C:\windows\system32\Notepad.exe
This command line starts uses psexec to start itself in session 0 (under system account), then that new psexec calls notepad.exe to be shown in my session (session 1). And it kind of does work.
Of course, you'll need admin rights to run these commands.

Related

ssh timeout error while training a deep learning model on GCP VM

I am trying to train a deep learning model on GCP VM which is supposed to run 10-12 hours. But every time it runs for few epoch (few hours), it gives ssh timeout error.
I have set the following parameters on the config file but still the same error.
Can this be a code issue or something to do with VM config parameter.
The first step is to understand the problem, then select the solution.
When you create an SSH connection to a host (your VM), this opens a TCP connection on port 22. The SSH server then runs a shell program in this SSH session. When the SSH session closes or is interrupted, the shell program is killed, which kills most processes that the shell started.
Home Internet providers often reset long-running connections. This is to prevent you from running servers or large downloads over a home Internet connection. There are other reasons that the Internet provider might reset connections that are normal. You need to understand that this will happen and select options to manage this.
There are several programs that are available. Look into tmux and screen.
I use both programs and prefer tmux. Both programs are free and very popular. There are additional methods and programs from running your program in the background & to using nohup.
From Wikipedia:
tmux is a terminal multiplexer for Unix-like operating systems. It allows multiple terminal sessions to be accessed simultaneously in a single window. It is useful for running more than one command-line program at the same time. It can also be used to detach processes from their controlling terminals, allowing SSH sessions to remain active without being visible.
GNU Screen is a terminal multiplexer, a software application that can be used to multiplex several virtual consoles, allowing a user to access multiple separate login sessions inside a single terminal window, or detach and reattach sessions from a terminal. It is useful for dealing with multiple programs from a command line interface, and for separating programs from the session of the Unix shell that started the program, particularly so a remote process continues running even when the user is disconnected.

Network Access As Local System Running Exe From Network Share

I am running a Dotnet 3.5 executable in Windows 7 Ent, as a GPO computer startup script in a domain. The script resides on a network share. The exe is run as Local System. The exe runs correctly.
I would like to access a web Service in this exe, but it appears that the Local System does not have access to network resources per documentation. However if the same exe is copied to the C Drive and run from there under the same account and same conditions (i.e. GPO startup script) then the Web Service can be accessed.
How is it that the Local System has access to the web service when running from C: drive, but not from the Network Share? Is there anything that can be done to make it work from the network share, without first being copied to the local drive? is Local System same as SYSTEM and same as NTAuthority\system?
I have tried the following so far to make it work. None of these work:
Impersonate a domain user in code.
Give Full Trust to all zones in .Net Security Configuration
Add the network share to Trusted Sites in IE.
Use the netbios name instead of the fully qualified name of the fileserver, i.e. \server\share, rather than \server.domain.com\share
The following things I cannot do to fix this problem:
Change the logon account of the Group Policy Client service to a domain user
Run the exe as logon script. It has to be startup script.
To reproduce this problem I do the following:
Create an simple exe with some network function, i.e. WebClient.DownloadString("http://www.google.com")
Deploy exe to a network share
Run as normal user to show there is no error
Run whoami to show the current user
run psexec -s -i cmd.exe
Cmd will start as SYSTEM (Local System or NT Authority\System)
Run whoami to show the current user
Run exe from network share to show it will fail to download the page.
Copy the exe to C Drive.
Run exe to show the page is downloaded.

Starting sas job from remote computer

I have a scheduling program running on Server A running Windows 2008 RS. Server B is my SAS server under Windows 2008 R2. How do I kick-off a job on SAS server from my scheduling server? I can either use the sas.exe or a batch file to start my job. Owners of the SAS server tell me that I cannot add an application or Windows service to the SAS server. Is this even possible?
Below is a copy of my answer to a slightly different question (source: http://www.runsubmit.com/questions/260/hide-sas-batch-jobs-winxp). I'm copy/pasting it here for perpetuity and also because it's more likely to help people searching:
You can use PsExec which is part of Microsoft/Sysinternals list of utility programs. This file will go on the scheduling server. Grab it from here:
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
The tool is designed to allow you to execute jobs on remote machines. For example, if you want to launch a SAS program from the command line you could run:
psexec \\machinename sas.exe -sysin remotedrivename:\remotefolder\myprogram.sas
This would launch SAS.EXE on the remote machine and run the supplied program that exists on the remote machine. When it launches SAS it appears to launch it within a PsServ service. Because it's running within a service no interface will be displayed. I'm not even sure if you would see it appear as it's own process or application in windows task manager. If you use SysInternals other program, ProcessExplorer, instead of Task Manager you can see this happening.
Note that the REMOTE MACHINE and the LOCAL machine can be the same machine.
PROS: Many other uses for this technique. It's free. PsExec is only required on the machine that is making the call, not both machines.
CONS: Its a bit of a roundabout way to do things. Need to install a third party program (although it is now a MS tool). Some antivirus programs/network admins may not allow it.
Note that if your SAS jobs access network resources then you will probably need to make the network resource available first using the net map command. I suggest running your sas job in a batch file like so (or use the 'x' command from within your SAS file to call the 'net use' commands):
Command executed from local machine:
psexec \\machinename -sysin remotedrivename:\remotefolder\myprogram.BAT
Contents of batch file on remote machine:
net use m: \\fileserver\sharedfolder /USER:mynetworkdomainname\myusername mypassword
sas.exe -sysin remotedrivename:\remotefolder\myprogram.sas
net use m: /delete

Qt::How to identify/detect if the system is Remotely access by other system in Linux

I am developing an application in ubuntu to access the other system remotely through QT. Both system are running some Qt applications.I want to check / make changes to the other system remotely using Qt programming.
I want to add a pushbutton (as a quit screen) at remote system that should be "Enable only if the system is remotely accessed", so that i can use it to close the remote access screen.
Is there any way through programming we can get the status whenvever it is remotely accessed???
I got through some solutions on forum but they are particularly for Windows. I am looking for some solution in Linux.
Please provide suggestion/links so that i can overcome this issue.
Thanks in Advance
If you are using the remote display abilities of the X11 protocol, you could check the value of the DISPLAY variable. For a local connection, it usually starts with :0; for a distant connection, it contains the hostname of the displaying server. For a connection thru ssh -X it could be localhost:10 and ssh is also setting SSH_CLIENT and SSH_CONNECTION environment variables.
Otherwise, you should define better what is a remote access for you (i.e. explain more your application). Your Qt application may also be e.g. some TCP/IP server. Perhaps the getpeername(2) syscall might be relevant.
If you just are interested in what remote connections flow into your box (independently of a particular application) you could read (e.g. using popen) the output of command netstat -a -n or use some /proc/net/ directory.

How to start a process on a remote machine in C++ under Windows

I'm using Dev-C++ under Windows. My question is how can i start a process on a remote machine? I know that PsExec can do that, but if it's possible, i want to avoid to use it.
If someone can give some example code, i would appreciate it :)
Thanks in advance!
kampi
If this was easy, hackers would be starting up malware on all machines exposed to the internet.
PSExec uses the Services Control Manager over a LAN to start a service EXE from 'here', i.e. the machine where you run it. It requires a lot of security privileges - e.g. admin rights.
If you don't want to do this, you can look into SSH (there are open source examples) or Remote Command Prompt (in Windows Resource Kit).
You can use WMI... (C# example so you'll have to find the equivalent C++)
ConnectionOptions connectOptions = new ConnectionOptions();
connectOptions.Username = "Administrator";
connectOptions.Password = "TopSecret";
ManagementScope scope = new ManagementScope(
#"\\" + machine + #"\root\cimv2",
connectOptions);
scope.Connect();
ManagementPath path = new ManagementPath(#"Win32_Process");
ManagementClass proc = new ManagementClass(scope, path, new ObjectGetOptions());
ManagementBaseObject args = proc.GetMethodParameters("Create");
args["CommandLine"] = "C:\\Windows\\notepad.exe";
proc.InvokeMethod("Create", args, null);
It would be best if you already have a service running on the remote machine which you can ask to run a program. Windows itself does not provide anything useful out of the box; it does ship with a remote shell service (which is usually deactivated or not even installed).
IIUC, what psexec does is this:
copy a the binary onto the remote machine, using an administrative share
install the binary remotely as a service, using remote registry operations
start the service remotely, using the service control manager API.
If you don't want to use psexec, you could still do the same. Notice that you need quite some privileges to do so.
The simple answer is that you can't. All you can do is send a message to the remote machine asking it to start the process for you. PsExec runs on the remote machine listening for specific messages and starting processes in response to them.
You can either use an existing protocol, like PsExec, or create your own. Creating your own requires that you can install a service on the remote machine. If the remote machine is not under your control then this isn't possible. If you do design your own system you must be careful when designing the protocol as you don't want to inadvertently open a security hole in your system.