We Keep Coding

How to open Windows Settings Pages from code in C#?

How do I open Windows settings like the ones below from code in C#? I'm not trying to manipulate them, but to just open them for the user.
Sorry, I don't even know the right keywords for this question.
(Screenshots are in German.)
Edit: (in addition to the answers)
Search in C:\Windows\System32\ for *.cpl or *.msc. A few interesting ones:
firewall.cpl
hdwwiz.cpl

try this to run Network-Adapter-Settings
ProcessStartInfo startInfo = new ProcessStartInfo("NCPA.cpl");
startInfo.UseShellExecute = true;
Process.Start(startInfo);

You can open both via:
Process.Start("ncpa.cpl");
Process.Start("explorer.exe", #"shell:::{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}");

You can just use;
System.Diagnostics.Process.Start("NCPA.cpl");

OS Command Injection from Process.Start

My application is using Process.Start for opening another application to run. VeraCode [a security software scanning tool] reported this command as OS Command Injection Vulnerable. I would like to get some comment. I have found a lot of information on the web regarding to filter the input or to constraint the program name; however, I am curious to see if there's any other alternatives of using Process.Start?
Edit:
Thanks for the comment, here is one of the sample, and yes, it is getting input from users:
public static void Run(string fileName, string arguments, bool waitForExit)
{
Process p = Process.Start(fileName, arguments);
if (waitForExit)
p.WaitForExit();
}
Thanks!

This is a command injection vulnerability because you have not filtered out the users input from the function and directly appended to the process.start()
Due to this, the tool has marked it as a vulnerability.
To avoid this issue you should use regex method to filter out the bad characters and depending on what that function is going to do when it gets run.
for eg. you function is created only to check from this path c:/users/docs.txt
then that function should not get executed for c:/admin/docs.txt.
This is how you need to validate before sending the user data directly into the process.
For more information refer this awesome link : https://dotnet-security-guard.github.io/SG0001.htm
or
https://www.veracode.com/security/dotnet/cwe-78

The Process class is nothing else then a Managed wrapper class the the Native Create Process and its Variations like Create Process As User .
Process MSDN
Process
SourceCode
I don't think that there is another way to start a process than this, because every other solution would also call the WinAPI function. ( because this function (or its overloads and Variations) is the only way to start a process in Windows).
Personally, I have not heard anything about a problem with Process.Start please clarify the problem
regards

I ran into this as well. You need to set the UseShellExecute property to false. Then Veracode will not consider it a vulnerability.
using (WinProcess myProcess = new WinProcess())
{
myProcess.StartInfo.FileName = "notepad.exe";
myProcess.StartInfo.Arguments = Path.GetFileName(fullPath);
myProcess.StartInfo.UseShellExecute = false;
myProcess.StartInfo.WorkingDirectory = Path.GetDirectoryName(fullPath);
myProcess.StartInfo.RedirectStandardOutput = false;
myProcess.Start();
}

Open Internet Properties and wait until user close it C#

Is there any possibility to open Internet Properties window..
Code:
System.Diagnostics.Process p;
p = System.Diagnostics.Process.Start("InetCpl.Cpl", ",4");
..and wait until user close it? (and then check internet connection and continue)
This code not work:
p.WaitForExit();
I think this problem is related to Open explorer window and wait for it to close but solution for this contains only tips specific for windows explorer browser window.
Can I do this in C#?
Solution
Someone put here (only for a short moment) this full command how to open Internet Properties window:
C:\Windows\system32\rundll32.exe C:\Windows\system32\shell32.dll,Control_RunDLL C:\Windows\system32\inetcpl.cpl,,4
I tried it .. and really .. it works!
System.Diagnostics.Process p;
p = System.Diagnostics.Process.Start("rundll32.exe",
#"C:\Windows\system32\shell32.dll,Control_RunDLL"
+ " C:\Windows\system32\inetcpl.cpl,,4");
p.WaitForExit();
MessageBox.Show("Properties closed");
I get "Properties closed" message only after I close Properties window.
No PID needed .. easy and perfectly elegant solution.
If the user that wrote the original response with this command write it again, I accept his solution.

Use the below Code to open control panel in separate process:
System.Diagnostics.Process.Start(#"C:\Windows\system32\rundll32.exe"
, #"C:\Windows\system32\shell32.dll,Control_RunDLL"
+ " C:\Windows\system32\inetcpl.cpl,,4");
and then you can WaitForExit();

Display the "Devices and Printers" window via C#?

Using C#, how can I display the "Devices and Printers" window as shown in this screenshot?

An application can open the Control Panel programmatically by executing control.exe in a new process. MSDN states that the preferred method to invoke a control panel item is to use its canonical name, which is nonlocalized and stable across versions. Beginning with Windows Vista, each Control Panel item has a canonical name; MSDN provides a list for the standard Windows control panel items. This list indicates that the canonical name for the Devices and Printers item is Microsoft.DevicesAndPrinters.
Control panel items can be opened in a new process by invoking control.exe with the canonical name as a parameter (/name <canonical name or GUID>):
//note: assumes (using System.Diagnostics and System.IO)
string controlpath = Path.Combine(
Environment.GetFolderPath(Environment.SpecialFolder.System),
"control.exe"); // path to %windir%\system32\control.exe
// (ensures the correct control.exe)
Process.Start(controlpath, "/name Microsoft.DevicesAndPrinters");

You can open the Devices & Printers window by running the command control printers in a Command Prompt.
Knowing that, you can run cmd with the /C argument to tell it to run that command:
Process.Start("cmd", "/C control printers");
If you'd prefer the Command Prompt not to show, you can use:
var Process = new Process();
var ProcessStartInfo = new ProcessStartInfo("cmd", "/C control printers");
ProcessStartInfo.WindowStyle = ProcessWindowStyle.Hidden;
Process.StartInfo = ProcessStartInfo;
Process.Start();

How to give IIS AppPool Desktop Rights

The action I need help about, is to execute a EXE file on own servers disk from a intranet-webpage, which IIS are on same server-installation. The webpage use a business layer to execute a ProcessStart together with given parameters.
When I perform the execution from web, the taskmanager show me that the application are starting up with the IIS AppPool of webpage as user. Few seconds later it's killed. In my database logs, I can see;
The Microsoft Jet database engine cannot open the file '\\computer\pathfile.ext'. It is already opened exclusively by another user, or you need permission to view its data.
That's correct. The EXE tool are, in turn, loading files from other computers. This is a special behavior which are well studied and well working while using the tool from desktop.
My goal/question,
I want this web-function-call behave with desktop rights. Is it possible at all?
The IIS AppPool have a regular setup with account ApplicationPoolIdentity. I appeared to be "lucky unwise", without knowledge about how much IIS 7.5 and Windows Server 2008 R2 raised the security model since <=IIS6.
I tried to change the app-pool user to NetworkService, Administrator.
I tried to set the application with app-pool as exec/read right
I even tried to let webapp to run a batch-file with a call to application inside..
Then I was begin to change the ProcessStart-behavior. And here, I
don't know much of what to do. I tried to add VERB runas. Force a
password prompt is not a solution here. I tried to simulate a
username/password. No luck there. I also tried to add runas /user:
blabla as parameters with ProcessStart, after used /savecred in a
desktop command window once. No luck there.
Maybe this should work but I just don't understand the correct setup of properties. I add the ProcessStart code snippet below, also added some commented code to let you see what I tried.
public string RunProcess(ApplicationType type, int param)
{
currentSelection = GetApplicationType(type);
ProcessStartInfo info = new ProcessStartInfo(currentSelection.Path);
info.CreateNoWindow = false;
info.UseShellExecute = true;
//info.UseShellExecute = false;
//info.ErrorDialog = false;
//info.UserName = "dummyUsEr";
//info.Password = this.SecurePwd("DummyPWd");
info.WindowStyle = ProcessWindowStyle.Normal;
info.Arguments = string.Format(" {0}", param.ToString());
using (Process exec = Process.Start(info))
{
try
{
exec.WaitForExit();
}
catch
{
}
}
return output;
}
EDIT
Just to be clear, and perhaps help some another guy/girl browsing to this question, I attach the snippet of Password-generation,
protected System.Security.SecureString SecurePwd(string pwd)
{
SecureString securePwd = new SecureString();
foreach (char ch in pwd.ToCharArray())
securePwd.AppendChar(ch);
return securePwd;
}

I see that you've tried putting in a specific username and password for the process start impersonation, but you say that the process accesses files on another computer and I don't see any mention of specifying a domain name which presumably you would need to access remote files?
So like this:
info.Domain = "domainname";
info.UserName = "dummyUsEr";
info.Password = "DummyPWd";
Also, what does this.SecurePwd() do and have you tried it with just the straight password string that you're passing into it?