Jump to content

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more here. X
X


Photo

Enable/Disable Hidden Admin Account

admin account

  • Please log in to reply
14 replies to this topic

#1 Chimaera

Chimaera

    Sorry .. Where am i again?

  • Active Members
  • PipPipPipPipPipPip
  • 1,949 posts

Posted 24 April 2012 - 01:05 PM

A little something from me that will maybe help someone

AutoIt         
#RequireAdmin #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Outfile=Admin Unlocker.exe #AutoIt3Wrapper_Res_Fileversion=1.0.0.0 #AutoIt3Wrapper_Res_requestedExecutionLevel=requireAdministrator #AutoIt3Wrapper_AU3Check_Parameters=-d -w 1 -w 2 -w 3 -w- 4 -w 5 -w 6 -w- 7 #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #cs ----------------------------------------------------------------------------     AutoIt Version: 3.3.8.0     Author:      Chimaera     Requirements:    Windows 7     Script Function: Enable / Disable Hidden Admin Acc     Credits:        guinness, Rover, spudw2k #ce ---------------------------------------------------------------------------- #include <GUIConstantsEx.au3> #include <WindowsConstants.au3> ; ------------------------------------------------------------------------------ Global $GetName    = _GetLocalAdmin() ; ------------------------------------------------------------------------------ Local $GUI_Start = GUICreate("Admin Account", 200, 120, -1, -1, BitXOR($GUI_SS_DEFAULT_GUI, $WS_MINIMIZEBOX))  ; non resize gui Local $ButtonEnable = GUICtrlCreateButton("Enable Hidden Admin Acc", 10, 20, 180, 35) GUICtrlSetFont(-1, 10, "", "", "Tahoma") Local $ButtonDisable = GUICtrlCreateButton("Disable Hidden Admin Acc", 10, 64, 180, 35) GUICtrlSetFont(-1, 10, "", "", "Tahoma") Local $sAdminTest = _IsAdminEnabled()     If $sAdminTest = True Then GUICtrlSetState($ButtonEnable, $GUI_DISABLE)     If $sAdminTest = False Then GUICtrlSetState($ButtonDisable, $GUI_DISABLE) GUISetState() While 1     Local $nMsg = GUIGetMsg()     Switch $nMsg         Case $GUI_EVENT_CLOSE             Exit         Case $ButtonEnable                 _EnableAdminAcc()         Case $ButtonDisable                 _DisableAdminAcc()     EndSwitch WEnd Func _EnableAdminAcc()     If _IsAdminEnabled() = False Then         Run(@ComSpec & ' /c ' & 'net user ' & $GetName & ' /active:yes', "", @SW_HIDE) ; enables the hidden account         SplashTextOn("Working", "Hidden Admin Account Enabled", 300, 50)         Sleep(2000)         SplashOff()     Else         SplashTextOn("Warning", "Admin Account Is Already Enabled", 300, 50)         Sleep(2000)         SplashOff()     EndIf EndFunc   ;==>_EnableAdminAcc Func _DisableAdminAcc()     If _IsAdminEnabled() = True Then         Run(@ComSpec & ' /c ' & 'net user ' & $GetName & ' /active:no', "", @SW_HIDE) ; disables the hidden account         SplashTextOn("Working", "Hidden Admin Account Disabled", 300, 50)         Sleep(2000)         SplashOff()     Else         SplashTextOn("Warning", "Admin Account Is Already Disabled", 300, 50)         Sleep(2000)         SplashOff()     EndIf EndFunc   ;==>_DisableAdminAcc Func _IsAdminEnabled() ; By Rover, guinness & spudw2k ; checks if the hidden account is enabled     Local $oWMIService = ObjGet('winmgmts:\\localhost\root\CIMV2')     Local $oColItems = $oWMIService.ExecQuery('Select Disabled From Win32_UserAccount Where LocalAccount = True AND SID Like "%-500"', "WQL", 0x30)     If IsObj($oColItems) Then         For $oItem In $oColItems             Return $oItem.Disabled = False         Next     EndIf     Return True EndFunc   ;==>_IsAdminEnabled Func _GetLocalAdmin() ; Credits to spudw2k Checks for correct name of local account     Local $admin     Local $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & @ComputerName & "\root\cimv2")     Local $colItems = $objWMIService.ExecQuery("SELECT Name from Win32_UserAccount WHERE LocalAccount = True AND SID like '%-500'")     For $acct In $colItems         $admin = $acct.Name     Next     $objWMIService = 0     $colItems = 0     Return $admin EndFunc


Have Fun ;)

Edited by Chimaera, 14 May 2012 - 03:40 PM.

If Ive just helped you ... miracles do happen. Chimaera 

 

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()








#2 guinness

guinness

    all-consuming swarm in inconspicuous disguise

  • Developers
  • 17,173 posts

Posted 24 April 2012 - 01:22 PM

Ideal for a technician.

A couple of points, try not to declare variables within loops as it's known to cause a decrease in speed, if only minimal and...

In the spirit of using 'net user' here is how to extract the information on whether or not the Admin account is enabled.
#include <Constants.au3> ConsoleWrite(_IsAdminEnabled() & @CRLF) ; Check if the Administrator account is enabled. Func _IsAdminEnabled()     Local $iPID = Run(@ComSpec & ' /c net user Administrator', @SystemDir, @SW_HIDE, $STDOUT_CHILD + $STDERR_CHILD), $sReturn = ''     While 1         $sReturn &= StdoutRead($iPID)         If @error Then             ExitLoop         EndIf     WEnd     Local $aReturn = StringRegExp($sReturn, 'Account actives*(.*?)r', 3)     If @error Then         Return SetError(1, 0, False)     EndIf     Return $aReturn[0] = 'Yes' EndFunc   ;==>_IsAdminEnabled

Example List: _AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrGeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()LockFile()Mapping CtrlIDsParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...
Updated: 30/07/2014


#3 Chimaera

Chimaera

    Sorry .. Where am i again?

  • Active Members
  • PipPipPipPipPipPip
  • 1,949 posts

Posted 24 April 2012 - 02:00 PM

Updated Main Post with guinness loop suggestion

Edited by Chimaera, 24 April 2012 - 02:14 PM.

If Ive just helped you ... miracles do happen. Chimaera 

 

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()


#4 spudw2k

spudw2k

    passionately misinformed

  • Active Members
  • PipPipPipPipPipPip
  • 1,279 posts

Posted 09 May 2012 - 05:39 PM

I'm pretty sure the net user command will fail if say the administrator account has been renamed.

How about using the local admin SID?

Edited by spudw2k, 09 May 2012 - 05:40 PM.


#5 spudw2k

spudw2k

    passionately misinformed

  • Active Members
  • PipPipPipPipPipPip
  • 1,279 posts

Posted 10 May 2012 - 06:31 PM

Here's a little snippet to retrieve the Local Admin account name via WMI.
#RequireAdmin msgbox(0,"",_GetLocalAdmin()) Func _GetLocalAdmin()     $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!" & @ComputerName & "rootcimv2")     $colItems = $objWMIService.ExecQuery("SELECT Name from Win32_UserAccount WHERE LocalAccount = True AND SID like '%-500'")     For $acct In $colItems         $admin = $acct.Name     Next     $objWMIService = 0     $colItems = 0     Return $admin EndFunc

Edited by spudw2k, 10 May 2012 - 06:32 PM.


#6 Chimaera

Chimaera

    Sorry .. Where am i again?

  • Active Members
  • PipPipPipPipPipPip
  • 1,949 posts

Posted 10 May 2012 - 10:44 PM

Im not following this m8

if the account is a hidden account created when windows is installed or a mass produced pc etc

The account should always be the same name?

I can see that error checking on the account maybe be usefull like your example but is your example finding the same account?

If Ive just helped you ... miracles do happen. Chimaera 

 

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()


#7 spudw2k

spudw2k

    passionately misinformed

  • Active Members
  • PipPipPipPipPipPip
  • 1,279 posts

Posted 11 May 2012 - 10:27 PM

If your intent is for this script to only work on English Windows Deployments, or system where people have not renamed the admin account then there is no problem.

This was just my suggestion to correctly identify the admin account in any deployment, any windows OS (on which AutoIT runs of course) and any language (untested).

Perhaps you can "expect" the account to exist with the default name, but if that fails this will provide the correct admin account. Up to you how to implement (if at all).

Edited by spudw2k, 11 May 2012 - 10:28 PM.


#8 Chimaera

Chimaera

    Sorry .. Where am i again?

  • Active Members
  • PipPipPipPipPipPip
  • 1,949 posts

Posted 12 May 2012 - 06:35 AM

Ok i see what your saying now, basically not looking at the bigger picture.

Ok ill look into that thx again

If Ive just helped you ... miracles do happen. Chimaera 

 

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()


#9 burnell

burnell

    Wayfarer

  • Active Members
  • Pip
  • 55 posts

Posted 12 May 2012 - 10:43 AM

If you start the prog the first time, you don´t know, if it enabled or disabeled.
So it would be cool, if over the buttons a label or something else what it is.

#10 Chimaera

Chimaera

    Sorry .. Where am i again?

  • Active Members
  • PipPipPipPipPipPip
  • 1,949 posts

Posted 13 May 2012 - 08:31 AM

Updated First Post

Added Admin Account Name Check creds spudw2k
And buttons now enable/disable depending on account status

If Ive just helped you ... miracles do happen. Chimaera 

 

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()


#11 guinness

guinness

    all-consuming swarm in inconspicuous disguise

  • Developers
  • 17,173 posts

Posted 13 May 2012 - 08:52 AM

Nice function spudw2k.

I would add some error checking just in case using IsObj.
ConsoleWrite(_GetLocalAdmin() & @CRLF) Func _GetLocalAdmin() ; By spudw2k.     Local $oWMIService = ObjGet('winmgmts:{impersonationLevel=impersonate}!' & @ComputerName & 'rootcimv2')     Local $oColItems = $oWMIService.ExecQuery('Select Name From Win32_UserAccount Where LocalAccount = True AND SID Like "%-500"')     If IsObj($oColItems) Then         For $oItems In $oColItems             Return $oItems.Name         Next     EndIf     Return SetError(1, 0, '') EndFunc   ;==>_GetLocalAdmin

Example List: _AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrGeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()LockFile()Mapping CtrlIDsParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...
Updated: 30/07/2014


#12 Chimaera

Chimaera

    Sorry .. Where am i again?

  • Active Members
  • PipPipPipPipPipPip
  • 1,949 posts

Posted 13 May 2012 - 08:04 PM

Updated _GetLocalAdmin revision

If Ive just helped you ... miracles do happen. Chimaera 

 

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()


#13 spudw2k

spudw2k

    passionately misinformed

  • Active Members
  • PipPipPipPipPipPip
  • 1,279 posts

Posted 13 May 2012 - 10:59 PM

@guinness - You're right about the error handling. Thanks for the input.

@Chimaera - Couple last critiques.

Your IsAdminEnabled function:
It still calls "Administrator" instead of the $GetName var you implemented. You may also wish to add the "LocalAccount = True" param that I used if you intend to run the script in a "domain" environment ever, else it will search the entire domain which may signifcantly slow down your query depending on the number of accounts in the domain and network config. Also, "selecting" just the Disabled property as opposed to * may improve the return time of the query.

And last, your $GetName variable:
I would recommend just assigning it at the beggining of the script rather than calling each after each press (Not sure why'd you'd bother checking to see if the admin account name changed in between button presses).
Also if you assign it before you call IsAdminEnabled then you'd have the $GetName var ready.


I hope this doesn't come across as being cocky. I'm no expert, but I have learned a lot in the last 5+ years of using AutoIt. Just my two cents on how to shape things up. Take it or leave it. ;)

Edited by spudw2k, 13 May 2012 - 11:01 PM.


#14 guinness

guinness

    all-consuming swarm in inconspicuous disguise

  • Developers
  • 17,173 posts

Posted 13 May 2012 - 11:04 PM

Your IsAdminEnabled function:
It still calls "Administrator" instead of the $GetName var you implemented.

My fault.
Func _IsAdminEnabled() ; By Rover, guinness & spudw2k ; checks if the hidden account is enabled     Local $oWMIService = ObjGet('winmgmts:localhostrootCIMV2')     Local $oColItems = $oWMIService.ExecQuery('Select Disabled From Win32_UserAccount Where LocalAccount = True AND SID Like "%-500"', "WQL", 0x30)     If IsObj($oColItems) Then         For $oItem In $oColItems             Return $oItem.Disabled = False         Next     EndIf     Return True EndFunc   ;==>_IsAdminEnabled

Edited by guinness, 13 May 2012 - 11:06 PM.

Example List: _AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrGeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()LockFile()Mapping CtrlIDsParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...
Updated: 30/07/2014


#15 Chimaera

Chimaera

    Sorry .. Where am i again?

  • Active Members
  • PipPipPipPipPipPip
  • 1,949 posts

Posted 14 May 2012 - 03:41 PM

1st post updated to correct errors

Thx for making it better

If Ive just helped you ... miracles do happen. Chimaera 

 

CopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices()





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users