First of all, I want to explain my scenario a little bit: I have to maintain a legacy software product (25+ years old) based on plain old WinAPI. The difficulty is that we have no code for it, and the original author company is long gone (RIP @ 1997), but they left us a plugin API and some statements saying that we are free to do with it what we want. So we did some x86 reverse engineering and have written a lot of plugin code, and theoretically everything is fine. And the application still does its job perfectly. It even does its job perfectly on Windows 10, besides one little issue:
As soon as a user tries to save their data to the user documents folder, the application sometimes (not always!) has no access to create & write/overwrite a file there. We have tracked that down to some old fopen, fwrite, fprintf calls, which are prevented when the Windows 10 Defender ransomware protection is enabled.
e.g.
mov ecx, [esp+3Ch+access]
push ecx
lea edx, [esi+eax+400h]
push edx
call _fopen
Or
push offset SomeDataOffset
push eax
push edx
push offset FormatOffset
push ebx
call _fprintf
(And many more.)
The thing is that I don't want to tell the users to run the application in administrator mode to (maybe?) bypass that, because in some cases they can't even. And I'm not even sure whether this works. So my best choice would be some replacement code which does some elevation or generally asks the system/user for permission, which then allows writing the data to that directory/file.
So the question is: what can I do about it? I know how to replace that code, but not with what.
TL;DR
Is there any magical WinAPI or whatever function/code that allows me to request permission (maybe with a system popup for the user) to write to a specific file path? (But which does not require administrator permissions.)