I have been able to resolve this issue myself; thanks to all of those who have looked at this question.
OK, so as I mentioned above, the token belongs to a process which is running in session 0...
So what I have done is look for a token of a process that is not running in session 0.
When you take its process ID as the parameter for OpenProcessToken,
then CreateProcessAsUser will create the process in the same session (and probably with the same credentials as the process you have chosen).
The problem was that I couldn't get any details on most of the processes using the function QueryFullProcessImageName, because it has a bug and it doesn't work on processes that are created from a path that contains spaces (like C:\Program Files, for instance).
Another issue with that function, I guess, is that because I'm running the original process using a user's credentials, I can't access the information of a process that is running under the Local System account. That is pretty bad, because I wanted to take winlogon.exe as my process (because it indicates a newly opened session).
Also, in order to succeed with that trick, you must play a little bit with the security of the system, in order to allow the process to ask for elevated security.
What I have chosen to get elevated for is:
SeDebugPrivilege - for finding information on the running processes
SeAssignPrimaryTokenPrivilege - in order to run a new process with the token I extracted from the user session process (i.e. explorer.exe)
SeCreateTokenPrivilege - I don't know if it is needed, but I did it anyway because it sounds related.
In order to succeed in elevating these privileges, you must add the user that runs the process to the relevant users for all of these privileges in Run -> gpedit.msc or Run -> secpol.msc (under Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment).
Add your account to the following rights (compatible with the privileges above):
Create a token object
Debug Programs
Replace a Process level token
And that is it! :)
It has been working great!
By the way, you might want to disable all the UAC stuff... I don't know if it is related or not, but it has made working with 2008 less painful - no more annoying popups.
Fight the dragon too long and you become the dragon yourself; gaze into the abyss too long and the abyss will gaze back…
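The three user rights granted in the post are among the most powerful on a Windows host, so it is worth checking which accounts hold them. The following is an added example, not part of the original post: it parses the `[Privilege Rights]` section of a `secedit /export /areas USER_RIGHTS` dump and reports holders beyond an assumed default baseline. The account name `svc_launcher`, the `BASELINE` table and the function names are hypothetical, and the sample dump is constructed.

```python
# Added example: audit a `secedit /export /areas USER_RIGHTS` dump for the three
# rights named in the post. Real exports are usually UTF-16; decode before parsing.

# Assumed baseline: Windows default holders of each right (adjust per host role).
BASELINE = {
    "SeDebugPrivilege": {"*S-1-5-32-544"},                        # Administrators
    "SeAssignPrimaryTokenPrivilege": {"*S-1-5-19", "*S-1-5-20"},  # LOCAL/NETWORK SERVICE
    "SeCreateTokenPrivilege": set(),                              # nobody by default
}

def parse_privilege_rights(inf_text):
    """Return {right: set(principals)} from the [Privilege Rights] section."""
    rights, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip().lstrip("\ufeff")
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "privilege rights"
            continue
        if in_section and "=" in line:
            name, _, value = line.partition("=")
            rights[name.strip()] = {p.strip() for p in value.split(",") if p.strip()}
    return rights

def unexpected_holders(inf_text, baseline=BASELINE):
    """Return {right: sorted principals} granted beyond the baseline."""
    rights = parse_privilege_rights(inf_text)
    findings = {}
    for right, allowed in baseline.items():
        allowed_ci = {a.lower() for a in allowed}
        extra = sorted(p for p in rights.get(right, set()) if p.lower() not in allowed_ci)
        if extra:
            findings[right] = extra
    return findings

# Constructed sample dump: a hypothetical account added to all three rights.
SAMPLE = """\
[Unicode]
Unicode=yes
[Privilege Rights]
SeDebugPrivilege = *S-1-5-32-544,svc_launcher
SeAssignPrimaryTokenPrivilege = *S-1-5-19,*S-1-5-20,svc_launcher
SeCreateTokenPrivilege = svc_launcher
SeShutdownPrivilege = *S-1-5-32-544
"""

if __name__ == "__main__":
    for right, who in unexpected_holders(SAMPLE).items():
        print(f"{right}: {', '.join(who)}")
```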