Interactive Session 0 in Windows 7

I'm trying to launch cmd.exe in session 0. So far I've done the following from an elevated command prompt:

sc config UI0Detect start= auto
net start UI0Detect

And the response indicates that the service was started correctly. It is at this point that I assumed if I switched to session 0, cmd.exe would be running.

I switch to session 0 using the following command:

rundll32 winsta.dll,WinStationSwitchToServicesSession

This successfully switches me to session 0, but the only window that's available is the one that has the option to return to session 1.

How do I get cmd.exe to launch in session 0?

Solution 1:

To launch cmd.exe in session 0, use psexec from Sysinternals

psexec.exe -s 0 cmd.exe

Now you have a console running in session 0,

you can also start cmd.exe in session 0 and display GUI:

psexec.exe -s -i 0 cmd.exe

that way when you switch to session 0, the cmd.exe will be waiting for you there.

you have as many rights as you can get in Windows 7:

whoami /all

if you use other PsTools, remember to use the /accepteula switch:

pslist /accepteula

otherwise the program pops up a message box to ask to accept the Eula, the program will hang because there is no UI in session 0 to close the message box.

To verify that you are running in session 0, you can use qprocess:

qprocess /ID:0

you will see your 'cmd.exe' among all the service processes.

Solution 2:

It won't work. It merely starts a process as System.

Services are programs written in a special way to accept commands from the service control manager.

MS has a utility that allows running a program as a service. It's called Srvany and is in the Windows 2003 Resource Kit Tools.

Download Windows Server 2003 Resource Kit Tools