J
jay
I am attempting to impersonate an account in ASPNET. I am using
aspnet_setreg to store the username and passwords. I have given the
ASPNET account permisision to read the registry values. However, the
application throws:
"Could not create Windows user token from the credentials specified in
the config file. Error from the operating system 'A required privilege
is not held by the client'."
This occurs even when the ASPNET account has TCB privileges.
When moitoring the registry with regmon I see the following:
67 3.69724321 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
0x20019
68 3.69729805 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second BUFFER
OVERFLOW
69 3.69735813 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second SUCCESS 01
00 00 00 D0 8C 9D DF ...
70 3.69899845 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
71 3.69913554 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
0x20019
72 3.69917965 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first BUFFER
OVERFLOW
73 3.69923687 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first SUCCESS 01
00 00 00 D0 8C 9D DF ...
74 3.70052648 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
75 3.71294332 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
0x20019
76 3.71299791 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second BUFFER
OVERFLOW
77 3.71305823 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second SUCCESS 01
00 00 00 D0 8C 9D DF ...
78 3.71464062 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
79 3.71477723 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
0x20019
80 3.71482134 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first BUFFER
OVERFLOW
81 3.71487856 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first SUCCESS 01
00 00 00 D0 8C 9D DF ...
82 3.71617508 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
I'm not sure what's causing the buffer overflow.
Other info: Server 2000, .NET Framework v1.1.4322
Thanks for your input.
-Jay
aspnet_setreg to store the username and passwords. I have given the
ASPNET account permisision to read the registry values. However, the
application throws:
"Could not create Windows user token from the credentials specified in
the config file. Error from the operating system 'A required privilege
is not held by the client'."
This occurs even when the ASPNET account has TCB privileges.
When moitoring the registry with regmon I see the following:
67 3.69724321 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
0x20019
68 3.69729805 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second BUFFER
OVERFLOW
69 3.69735813 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second SUCCESS 01
00 00 00 D0 8C 9D DF ...
70 3.69899845 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
71 3.69913554 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
0x20019
72 3.69917965 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first BUFFER
OVERFLOW
73 3.69923687 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first SUCCESS 01
00 00 00 D0 8C 9D DF ...
74 3.70052648 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
75 3.71294332 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
0x20019
76 3.71299791 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second BUFFER
OVERFLOW
77 3.71305823 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\second SUCCESS 01
00 00 00 D0 8C 9D DF ...
78 3.71464062 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
79 3.71477723 aspnet_wp.exe:2212 OpenKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS Access:
0x20019
80 3.71482134 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first BUFFER
OVERFLOW
81 3.71487856 aspnet_wp.exe:2212 QueryValue HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG\first SUCCESS 01
00 00 00 D0 8C 9D DF ...
82 3.71617508 aspnet_wp.exe:2212 CloseKey HKLM\SOFTWARE\FortyTwo\Extra\ASPNET_SETREG SUCCESS
I'm not sure what's causing the buffer overflow.
Other info: Server 2000, .NET Framework v1.1.4322
Thanks for your input.
-Jay