[Xearinox]

Hello.

I want run some process in Screen Saver Desktop for my homework. :D
But documentation for usermode api SwitchDesktop ( http://msdn.microsoft.com/en-us/library ... 85%29.aspx ) in MSDN says:

The SwitchDesktop function fails if the desktop belongs to an invisible window station. SwitchDesktop also fails when called from a process that is associated with a secured desktop such as the WinLogon and ScreenSaver desktops.

Is possible switch to screen saver from documented/undocumented kernel mode function?

Thanks.

[EP_X0FF]

SwitchDesktop->NtUserSwitchDesktop->syscall->ShadowSSDT::NtUserSwitchDesktop->xxxSwitchDesktop

I doubt you can hack this queue because it has multiple checkings on different levels, for example WSF_NOIO (is this non-interactive desktop?) checks in few places. Better create your own desktop and run process within it. Safe, fast and documented way.