EasyHookSvc Requires Administrative Rights.

Mar 7, 2009 at 12:42 AM
I don't know how to re-open an issue so I figured I would post here instead.  This is regarding Issue #12670.

A random channel name is generated and then EasyHookXXSvc.exe is launched with the random channel name passed in as an argument to the created application.

When EasyHookSvc launches, it uses the random channel name to create an IPCServer with BuiltInAdministratorsSid which EasyHook.WOW64Bypass.Install tries to connect to shortly after.  If the injecting application doesn't have administrative rights it will be unable to connect to EasyHookSvc and therefor injection of EasyHook into the target process will fail.

Both functions are entirely in the EasyHook source code and out of the control of the end-programmer (short of changing the EasyHook source code as I did).
Mar 7, 2009 at 7:07 AM
Edited Mar 7, 2009 at 7:28 AM
Well OK... I see a solution. I will set the AdminSid only if IsAdministrator returns true within the service...