ctypes.ArgumentError: argument 1: TypeError: Don't know how to convert parameter 1

Question


My code:

import ctypes
import win32security

h_token = win32security.OpenProcessToken(ctypes.windll.kernel32.GetCurrentProcess(), win32security.TOKEN_ALL_ACCESS)

lpApplicationName = ctypes.c_wchar_p(rf"C:\\Windows\\System32\\cmd.exe")
lpCommandLine = ctypes.c_wchar_p("")
dwCreationFlags = 0x00000010
lpEnvironment = None
lpProcessAttributes = None
lpThreadAttributes = None
bInheritHandles = False

ctypes.windll.advapi32.CreateProcessWithTokenW(h_token, 0, lpApplicationName, lpCommandLine, dwCreationFlags, lpEnvironment, None, lpProcessAttributes, lpThreadAttributes, bInheritHandles)

My output:

Traceback (most recent call last):
  File "testx.py", line 96, in <module>
    ctypes.windll.advapi32.CreateProcessWithTokenW(h_token, 0, lpApplicationName, lpCommandLine, dwCreationFlags, lpEnvironment, None, lpProcessAttributes, lpThreadAttributes, bInheritHandles)
ctypes.ArgumentError: argument 1: TypeError: Don't know how to convert parameter 1

How can I fix it? What am I doing wrong? Thanks for reading and helping.

Answer 1

Score: 0


The token returned by win32security.OpenProcessToken is a PyHANDLE object. Use int(h_token) to get a value that ctypes will accept. Note that you should set the .argtypes and .restype of a ctypes function or parameters and return value may not convert properly from Python to C.
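
The conversion rule behind this error, as an added example that is not part of the original answer: ctypes accepts only a few Python types as call arguments, so an object that merely supports int() is rejected until it is converted explicitly. FakeHandle and WIDE_HANDLE are constructed stand-ins for PyHANDLE, PyLong_FromVoidPtr (CPython C API) serves as a portable function with one pointer-sized parameter, and declare_create_process_with_token is a hypothetical helper name that attaches the documented prototype on Windows.

```python
import ctypes


class FakeHandle:
    """Constructed stand-in for pywin32's PyHANDLE: only int() can convert it."""

    def __init__(self, value):
        self._value = value

    def __int__(self):
        return self._value


# Constructed handle value that needs the full pointer width.
WIDE_HANDLE = (1 << (8 * ctypes.sizeof(ctypes.c_void_p) - 4)) | 0x1234


def echo_pointer(arg, prototyped):
    """Call PyLong_FromVoidPtr(void *), which hands the pointer back as an int."""
    func = ctypes.pythonapi["PyLong_FromVoidPtr"]  # indexing returns a fresh object
    func.restype = ctypes.py_object
    if prototyped:
        func.argtypes = [ctypes.c_void_p]  # same C type as wintypes.HANDLE
    return func(arg)


def conversion_error(arg, prototyped):
    """Return the ctypes.ArgumentError text for arg, or None if it converts."""
    try:
        echo_pointer(arg, prototyped)
    except ctypes.ArgumentError as exc:
        return str(exc)
    return None


def declare_create_process_with_token():
    """Windows only: attach the documented 9-parameter prototype."""
    from ctypes import wintypes  # imported here so the rest runs on any platform
    func = ctypes.WinDLL("advapi32", use_last_error=True).CreateProcessWithTokenW
    func.argtypes = [
        wintypes.HANDLE, wintypes.DWORD,      # hToken, dwLogonFlags
        wintypes.LPCWSTR, wintypes.LPWSTR,    # lpApplicationName, lpCommandLine
        wintypes.DWORD, wintypes.LPVOID,      # dwCreationFlags, lpEnvironment
        wintypes.LPCWSTR,                     # lpCurrentDirectory
        wintypes.LPVOID, wintypes.LPVOID,     # STARTUPINFOW *, PROCESS_INFORMATION *
    ]
    func.restype = wintypes.BOOL
    return func
```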

Answer 2

Score: 0


It's not a good idea to mix libraries / tools / frameworks, when things can be done in one of them. In this case:

At 1st glance, this situation seems to be one of the exceptions, as CreateProcessWithTokenW is not wrapped by PyWin32.

I played a bit with your code after fixing some errors:

but I couldn't get it to work (got ERROR_TOKEN_ALREADY_IN_USE). Note that I didn't spend much time investigating (adjusting the token privileges, ...), because I paid more attention to what [MS.Learn]: CreateProcessWithTokenW function (winbase.h) states:

> The process that calls CreateProcessWithTokenW must have the SE_IMPERSONATE_NAME privilege. If this function fails with ERROR_PRIVILEGE_NOT_HELD (1314), use the CreateProcessAsUser or CreateProcessWithLogonW function instead.

code00.py:

#!/usr/bin/env python

import sys

import win32api as wapi
import win32con as wcon
import win32process as wproc
import win32security as wsec


def main(*argv):
    # Open the current process's own access token.
    token = wsec.OpenProcessToken(wproc.GetCurrentProcess(), wsec.TOKEN_ALL_ACCESS)
    #print(wsec.GetTokenInformation(token, wsec.TokenType))
    app_name = "C:\\Windows\\System32\\cmd.exe"
    creation_flags = wcon.CREATE_NEW_CONSOLE
    si = wproc.STARTUPINFO()

    # Start cmd.exe in a new console using that token.
    hproc, hthr, pid, tid = wproc.CreateProcessAsUser(token, app_name, None,
        None, None, 0, creation_flags,
        None, None, si)

    print("New PId: {:d}".format(pid))
    wapi.CloseHandle(token)


if __name__ == "__main__":
    print("Python {:s} {:03d}bit on {:s}\n".format(" ".join(elem.strip() for elem in sys.version.split("\n")),
                                                   64 if sys.maxsize > 0x100000000 else 32, sys.platform))
    rc = main(*sys.argv[1:])
    print("\nDone.\n")
    sys.exit(rc)

Output:

> [cfati@CFATI-5510-0:e:\Work\Dev\StackOverflow\q075358233]> "e:\Work\Dev\VEnvs\py_pc064_03.10_test0\Scripts\python.exe" ./code00.py
> Python 3.10.9 (tags/v3.10.9:1dd9be6, Dec 6 2022, 20:01:21) [MSC v.1934 64 bit (AMD64)] 064bit on win32
>
> New PId: 20512
>
> Done.

And a new Cmd window popped up. Note that my user has full administrative (God like) privileges.

Similar situations:

huangapple
  • Published on February 6, 2023 at 15:01:21
  • When reposting, please keep the link to this article: https://go.coder-hub.com/75358233.html