23 replies to this topic

[AvvA]

Hi!

UAC Pass aims to make UAC-free shortcuts.
It was made to reduce the hassle of UAC prompts for frequently used applications requiring elevation, without shutting down the UAC protection (UAC is a great step forward about security).
UAC-free shortcuts are shortcuts pointing to scheduled tasks, these scheduled tasks being run with their creator's rights, it bypasses the prompt usually made by User Account Control.



Out of typical features related to scheduled tasks (session's start and multiple/single instance), I also implemented in 1.5 an easy way to use UAC Pass with programs located on a removable device such as a USB stick, it consists of storing into a batch file the relative path to shortcuts stored on the removable device that will produce UAC-free shortcuts on batch execution. With version 1.7 I added a list of freeing-tasks created, where you can launch and delete them, it aims to ease the USB Mode usage.

The script in itself works well under Windows 7 x64 and x86, theoretically all versions (Pro, family...), it should also work well under Vista despite I already get returns about something that doesn't work and which you can know about by reading the FAQ (Time pass and still no more return about Vista, as I don't have access to it, perhaps it was occasional bugs, or permanent ones, I can't know without Vista's users feedback).

• It requires to be logged in with an administrative account,
• It is fully portable,
• It works with drag & drop, single or multiple files,
• It can make shortcut to almost anything (not only applications),
• it keeps shortcuts' parameters,
• it can restore the original shortcut (and destroy the scheduled task & UAC-free shortcut),
• it has support for command-line.
• it has several working modes (CL, direct D&D onto uacpass.exe or a shortcut to it, or D&D over main gui).

It is useless for people that can't log in as administrators, it is also useless for people that want to make shortcuts that would bypass this UAC prompt under a common user account.


Despite it is only in English and in French, It should work with any localized Windows language (I would welcome feedback about pinning, or about non-ANSI characters in shortcut names).
I welcome any correction to English language.
About additional translations, I will welcome you to send me all translated variables and leave me update my program so it takes in account your language.

The source code is available and modifiable, but please, remember that UAC Pass itself is under Creative Commons (BY-NC-ND). If you wish to make a custom version, either to only change colors settings or to translate it in another language, please contact me.

Before asking anything, please, read UAC Pass inline help, it should cover everything.
Also read the main page and the FAQ. A changelog can be found in the UAC Pass sub-menus on the top left of the main page.


You can come to my site to download the tool or its sources*.
http:freeavvarea.r00t.la/UACPass-en

*Thanks to UEZ, the source code is now only 3 files: the icon, the main au3 program, and a second au3 which contains every pictures as binary strings.


I'd like to thanks: (click on their names to see the pieces of code)
- taz742 (multiple files drag&drop)
- trancexx (drag&drop with elevation)
- UEZ (load image to/from memory, seriously, it's Enormous!) Obviously I didn't used the version linked, but the 14-01-2012 one, whatever, it fulfill its purpose!
- Allow2010 (I used and modified some of the task scheduler COM functions he made)
- KaFu (Thanks for the suggestions about UEZ and Allow2010 work)



Cheers!


edit, 27 April 2012:
- Update to version 1.7a, compiled program and source code (re-updated links ^^').
This version correct a bug that was happening when you drag&drop some files onto UAC Pass GUI without the integrated tasks' list opened. Sorry, it happend because I only tested with this window opened...
It was a very basic error, I corrected it by adding at line 1260: GUISwitch($lat_win)

Edited by AvvA, 24 February 2013 - 11:36 PM.

[Mobius]

Very nice work AvvA, well done.

Ed: you have obviously spent a great deal of time on your work and that alone deserves the stars (if you care for such things).

Ed: worded your handle incorrectly I do apologize.

Edited by Mobius, 25 June 2012 - 07:48 PM.

[AvvA]

Thanks you.

I think similarly to this, obviously, if I didn't this little tool wouldn't be here.

I did pass some time on this, but I would prefer that you use different criteria than this to evaluate it ^^'

Don't worry about my handle, it gets hit whatever the spelling is, I use an advanced visual decoder called myopia, it renders the concept of edge inexistent

[Freedom86]

Hi all, I signed up to the forums just to say that a link/image from this page that links to AvvA's website was flagged by my Sophos software as being malicious due to some HTML scripting it was using. Could be a false positive but just a heads up!

[AvvA]

I updated the first post (and my site) to correct the source code linked which wasn't exactly the latest one. I also did some cleaning because I often speak to much to explain things that don't really need to be explained...

Hi all, I signed up to the forums just to say that a link/image from this page that links to AvvA's website was flagged by my Sophos software as being malicious due to some HTML scripting it was using. Could be a false positive but just a heads up!

Hi, can you be more precise on the warning you're receiving?
I have to update the google +1 button as much as the drupal core, may be that... anyway I would like to know details in order to know exactly from where it comes, if you don't mind.

[AvvA]

Updated first post to fit latest update (from today).

About False positives alerts on my site, please consider that I'm not owning r00t.la domain, I only use a subdomain freely, thus I'm not related to any other subdomain than freeavvarea.r00t.la.

[AvvA]

I updated links in first post to version 1.7a.
This version correct a bug that was happening when you drag&drop some files onto UAC Pass GUI without the integrated tasks' list opened. Sorry, it happend because I only tested with this window opened...
It was a very basic error, I corrected it by adding at line 1260: GUISwitch($lat_win)

2nd edit to main post: changed the lettercase of the source code link... sorry

Edited by AvvA, 27 April 2012 - 01:10 AM.

[philpav]

That's a useful tool AvvA! Thank you!

I'm currently using Launchy together with Everything as described here
Do you think it is possible to use UAC Pass with this combination in order to bypass the UAC prompt?

With Launchy I can pass a search query directly to Everything but the UAC Pass shortcut doesn't accept arguments or at least I didn't manage to get it working.

Any ideas?
Thanks & regards

[UEZ]

Glad to see that File to Base64 String Code Generator was useful for you.

Nice little useful tool with a nice GUI!


Br,
UEZ

Edited by UEZ, 06 July 2012 - 08:52 PM.

[AvvA]

First, I'm very sorry for the late reply, it seems that this forum doesn't allow to follow a topic more than a few days (weeks?)...

Both of you, thanks for the flowers ^^.

Philpav, I think you can't use UAC Pass to resolve your problem because a scheduled task, when launched, can't receive any other parameter (or at least I didn't find how). Let me know if you found a way.

[TheSaint]

Thanks for sharing!

[wraithdu]

Since I recently upgraded to Win 8 I decided to give UAC a chance. This little app became immediately useful

Suggestion - allow user to specify optional action parameters when dropping an executable or anything other than an existing shortcut.

And maybe a bug - as I understand it, using the Startup preset creates a BAT file which can recreate the startup task, but which should also allow the startup task to be removed if it is dropped on the UACPass dialog. Currently dropping this created BAT file on the UACPass dialog creates another startup task pointing to the BAT file, and overwrites the BAT file with a new one. Correct me if I'm mistaken about how this process works, the help available on this particular mode of operation was little unclear.

Thanks!

Edited by wraithdu, 01 November 2012 - 02:40 PM.

[AvvA]

Sorry for the late reply, I guess I missed the warning ^^'.

About optional parameters on .exe dropping: anyway you'll have to enter data, and this idea would make me code almost the same as a shortcut creation, because if I propose parameters, I could also propose name, comment and so on. Because it's already available and easy to do I think it's better to make a clean shortcut, with an appropriate name, comment and parameters, and then drop it onto UAC Pass, but I'll keep this idea in mind for the next time I'll be on this tool, thanks.

The batch file created with the "startup option" only intends to remove the task, don't drop it onto UAC Pass, launch it then delete it.
Before v1.7 there wasn't "Show UAC freeing tasks" panel (which allows to execute and/or delete any UAC freeing task from within UAC Pass), so this batch file was made to give an easy way of removing the task. It isn't necessary anymore, I'll remove it from the preset default.


Thank you

Edited by AvvA, 27 December 2012 - 08:08 PM.

[martin]

Does this work if the user has only standard rights? I thought that a scheduled task run by a standard user would still need Admin approval even if it was created by an administrator.

[wraithdu]

Nope, scheduled tasks run in whatever context they are created for. So if you specify that a task runs as SYSTEM, then it runs as SYSTEM regardless of who launches it. Same goes if you schedule it to run as a particular user. I haven't tested it since I don't have the setup to do so, but I would assume even a standard user could run a scheduled task that has already been created.

[AvvA]

By default, a scheduled task can only be run by someone having at least the same privilege level as the one required by the task.
With UAC Pass it is required to be an administrator to create, delete or use the tasks created.

It is possible to grant access to an administrative task to a common user, but the task will run on the creator's session.

I think there is no way for a common user to run an administrative task on his session without the administrator's login/password, because if it was possible, UAC would be useless.
I hope I'm right, but I'm not sure, as always with software.

Edited by AvvA, 02 January 2013 - 06:34 PM.

[martin]

Thanks AwA, that fits in with my experience, and my failures to make it otherwise, so I think you are probably correct.

[ptrex]

@Marin,

Tasks that trigger a UAC prompt http://en.wikipedia.org/wiki/User_Account_Control

Sessions, Desktops and Windows Stations

http://blogs.technet.com/b/askperf/archive/2007/07/24/sessions-desktops-and-windows-stations.aspx

Like in every IT concepts everything consists out of 0 and 1

Rgds
ptrex

[Garp99HasSpoken]

download links are broken

[lgvlgv]

YEP, Only says FORBIDDEN