Jump to content
Sign in to follow this  
PhoenixXL

Runas System

Recommended Posts

PhoenixXL

I tried to run an app under LSA
using impersonate user, Runas Func and much more
but nothing helped
finally i found how to go ahead

Herez the script for anyone having the same problem

As per the License
Q: How many copies of Sysinternals utilities may I freely load or use on computers owned by my company?
A: There is no limit to the number of times you may install and use the software on your devices or those you support.
Installation and use will not cause any violation of the License

 

#NoTrayIcon
#include-once
Opt("MustDeclareVars", 1)


_Runas_SYSTEM('notepad.exe', '-heya')

;$sRunProgramAsSystem : The Program which has to be run under LSA
;$sParams : The parameters which have to be passed to the specific program
;$sSession : if the program is GUI based then the Session should be the Current Session Usually 1 , if null Console Session is used
;$sPriority : -low, -belownormal, -abovenormal, -high, -background or -realtime
Func _Runas_SYSTEM($sRunProgramAsSystem, $sParams = '', $sSession = 1, $sPriority = '-abovenormal'); Your Program Goes here.

    Local $sPath = @ScriptDir & '\PsExec.exe'
    If Not FileExists($sPath) Then
        MsgBox(16, 'Error', 'Please download the PsExec.exe from the upcoming site')
        ShellExecute('http://technet.microsoft.com/en-us/sysinternals/bb897553')
        Return SetError(1, 0, -1)
    EndIf

    If $sParams Then $sParams = ' ' & $sParams
    Local $aResult = ShellExecuteWait($sPath, '-i ' & $sSession & ' ' & $sPriority & ' -d -s -h "' & $sRunProgramAsSystem & '"' & $sParams, @SystemDir, 'open', @SW_HIDE)
    If @error Then ConsoleWrite('! > Error Occured  Error Code: ' & @error)
    Return $aResult

EndFunc   ;==>_Runas_SYSTEM

Regards
Phoenix XL

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites
Skitty

Nice. There is also a by user wraithdu that does not need any 3rd party executable to run things under LSA "Local System Account".


Things that I've done..

Icon Resource Editor: icon resource editor 

AutoIt Piano: a piano

AutoIt Unlocker: unlocks files when you want to delete them

Colorful tooltips: a wrapper for the tool tips UDF

Rouge GoogleBot: a full screen animation

ASciTE text editor: a text editor written in autoit

Warning: Posts by this user are subject to change or may disappear without notice.

Share this post


Link to post
Share on other sites
PhoenixXL

There is also a by user wraithdu that does not need any 3rd party executable to run things under LSA "Local System Account".

I have tried that but as I said i didnt had luck

therefore i made this script


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites
joakim

It is difficult to run apps interactively from the system account since nt6.x was introduced (session separation). In nt5.x it was far easier. NtCreateThreadEx works fine here on my Windows 7 SP1 x64 in combination with WinExec, but is surely a dirty method. Something like CreateProcessAsUser and DuplicateTokenEx would probably be a much cleaner approach, but last time I tried this I failed. Anyway (and regardless of what api you use), at best you can run cmdline apps interactively across sessions on nt6.x, meaning any gui is blocked/not visible across sessions. Switching sessions will of course let you interact with gui's. Administrator privileges is of course necessary in order to run as the system account, unless you found a way to invalidate the Windows security model.

Share this post


Link to post
Share on other sites
PhoenixXL

yup i agree with u joakim

in my computer it worked therefore i shared it :P


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites
jazzyjeff

What do I do if I receive this message?

!!!NOT RELOCATABLE MODULE. I WILL TRY BUT THIS MAY NOT WORK!!!

Share this post


Link to post
Share on other sites
PhoenixXL

Ignore that Message or just comment out that line from the Script

The PSEXEC.exe isnt a Relocatable Module therefore the message is popped


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites
DeltaRocked

Hi Phoenix,

i am using W2k3 Enterprise and notepad is being executed as an admin but not system.

Rgds

deltar

[EDIT]

It is working as per the documentation.

Edited by deltar

Share this post


Link to post
Share on other sites
PhoenixXL

@deltarocked ,

Is the name of your LSA, System or other programs start with the username SYSTEM ?

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites
DeltaRocked

Hi Phoenix ,

My appologies. its working as per the documentation. the only change which I have done is to remove '&$sSession&'

Regards

DeltaR

Edited by deltar

Share this post


Link to post
Share on other sites
DoomsDayDanny

What a laughably stupid fucking script. You imply too much credit to yourself silly.

For one, you don't give any credit to Mark Russinovich, who created that executable you're executing in memory using Trancexxs code.

But my point is, WHY?!? Why for fucking gods sake are you executing it from memory using that code you stupid fucking numb-nut dumbass? Holy shit and I hope you know it is against their user license agreement to distribute their software in any of the worthless crap you fabricate using other peoples shit.

Read their fucking user license agreement you stupid little bitch, before you get into trouble. You half ass script kiddie.

http://technet.microsoft.com/en-us/sysinternals/bb847944

Share this post


Link to post
Share on other sites
BrewManNH

Probably some tool that got banned and decided to do a little unrest.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites
DeltaRocked

Hi Phoenix,

I had tried once converting psexec into the runbinary module but had failed . but this one has helped me immensely and will be utilising it one of my projects. It is being used to launch another autoit script as "System"

Thanks once again and regards

DeltaR

Edited by deltar

Share this post


Link to post
Share on other sites
PhoenixXL

LOL

Anyways if u wish to use then use it orelse dont use

@DoomsDayDanny,

BTW i didnt take any credit of the executable. If u know the name of the author why not make a novel for it <_<

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites
Shaggi

LOL

Anyways if u wish to use then use it orelse dont use

@DoomsDayDanny,

BTW i didnt take any credit of the executable. If u know the name of the author why not make a novel for it <_<

You are still distributing the program, even though the license clearly says you cant

Ever wanted to call functions in another process? ProcessCall UDFConsole stuff: Console UDFC Preprocessor for AutoIt OMG

Share this post


Link to post
Share on other sites
trancexx

Illegal distribution is illegal.

PhoenixXL be smart. I expect the first thing you'll do when you'd be around is to deal with this.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites
PhoenixXL

Modified the script which now only installs and executes the executable ,

not violating the license

Explained in the first post


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites
BrewManNH

You are violating the license, see this quote from the link provided above.

Q: May I distribute Sysinternals utilities in my software, on my website, or with my magazine?

A: No. We are not offering any distribution licenses, even if the 3rd party is distributing them for free. We encourage people to download the utilities from our download center where they can be assured to get the most recent version of the utility.

Because you embedded it in your script, you are violating the part in green above. Edited by BrewManNH

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites
PhoenixXL

yup maybe

again updated

Now it checks for PsExec in the script dir, if not present then notifies the User to download it from the website

Now it doesnt seem to be an UDF :mellow:


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Similar Content

    • SanCon
      By SanCon
      Greetings,
      I've found and used @TheDcoder's ProcessEX UDF, and have found it and invaluable tool in my scripting arsenal. Recently, I found myself needing to create a script which then attempts to run another program as a different user. I was able to heavily borrow from the _Process_RunCommand function to create _Process_RunAsCommand:
      ; #FUNCTION# ==================================================================================================================== ; Name ..........: _Process_RunAsCommand ; Description ...: Runs a command or an executable under a different user security privilege. ; Syntax ........: _Process_RunAsCommand($iMode, $sUserName, $sUserPass, $sUserDomain, $sExecutable [, $sWorkingDir = @TempDir [, $iRunOptFlag = $STDERR_MERGED]]) ; Parameters ....: $iMode - Mode in which this function should operate, See Remarks. ; $sUserName - User name under which you would like to run the command/executable. ; $sUserPass - Password for $sUserName. ; $sUserDomain - Domain name to which the $sUserName belongs. ; $sExecutable - The command to run/execute (along with any arguments). ; $sWorkingDir - [optional] The working directroy for the command. Default is @TempDir. $sUserName must have ; privileges to create/modify files on this directory. ; $iRunOptFlag - [optional] The Opt flag for the Run function. Default is $STDERR_MERGED. ; Return values .: Success: Mode $PROCESS_RUN : Will return the process handle & @extended will contain the PID of the command ; Mode $PROCESS_RUNWAIT : Will return the output & @extended will contain the exit code for the function ; Failure: Will return False & @error will contain: ; 1 - If the $iMode flag is invalid ; 2 - If the command is invalid ; Author ........: J. Sanchez, heavily borrowing from code by TheDcoder ; Modified ......: N/A ; Remarks .......: 1. The ONLY valid modes are: $PROCESS_RUN & $PROCESS_RUNWAIT ; $PROCESS_RUN : Will act similarly to Run function, See Return values ; $PROCESS_RUNWAIT : Will act similarly to RunWait function, See Return values ; If you use $PROCESS_RUN then use _Process_GetExitCode to get the exit code & use StdoutRead to get the output of the command ; 2. Use $PROCESS_COMMAND to run commands like this: $PROCESS_COMMAND & "ping 127.0.0.1" ; 3. Add $PROCESS_DEBUG to $iMode to automagically debug the command, $PROCESS_RUN is equivalent to $PROCESS_RUNWAIT in this case ; Related .......: RunAs, RunWait ; Link ..........: http://bit.ly/ProcessUdfForAutoIt ; Example .......: Yes, see example.au3 ; ===============================================================================================================================; Functions Func _Process_RunAsCommand($iMode, $sUserName, $sUserPass, $sUserDomain, $sExecutable, $sWorkingDir = @TempDir, $iRunOptFlag = $STDERR_MERGED) Local $iExitCode = 0 ; Declare the exit code variable before hand Local $sOutput = "" ; Declare the output variable before hand Local $bDebug = False ; Declare the debug variable before hand If BitAND($iMode, $PROCESS_DEBUG) Then $bDebug = True If BitAND($iMode, $PROCESS_RUN) Then $iMode = $PROCESS_RUN ElseIf BitAND($iMode, $PROCESS_RUNWAIT) Then $iMode = $PROCESS_RUNWAIT Else Return SetError(1, 0, False) EndIf ; If Not $iMode = $PROCESS_RUN Or Not $iMode = $PROCESS_RUNWAIT Then Return SetError(1, 0, False) ; If the mode is invalid... ;Local $iPID = Run($sExecutable, $sWorkingDir, @SW_HIDE, $iRunOptFlag) ; Run!!! :P Local $iPID = RunAs($sUserName,$sUserDomain,$sUserPass,BitAND(0,4),$PROCESS_COMMAND & " " & $sExecutable,$sWorkingDir,@SW_HIDE,$iRunOptFlag) If @error Then Return SetError(2, @error, False) ; If the command is invalid... Local $hProcessHandle = _Process_GetHandle($iPID) ; Get the handle of the process If $iMode = $PROCESS_RUN Then If Not $bDebug Then Return SetExtended($iPID, $hProcessHandle) ; If the function is in Run mode then return the PID & Process Handle $sOutput = _Process_DebugRunCommand($hProcessHandle, $iPID) ; Debug the process $iExitCode = _Process_GetExitCode($hProcessHandle) ; Note the exit code Return SetExtended($iExitCode, $sOutput) ; Return the output & exit code EndIf If Not $bDebug Then While ProcessExists($iPID) $sOutput &= StdoutRead($iPID) ; Capture the output Sleep(250) ; Don't kill the CPU WEnd $sOutput &= StdoutRead($iPID) ; Capture any remaining output $iExitCode = _Process_GetExitCode($hProcessHandle) ; Note the exit code Return SetExtended($iExitCode, $sOutput) ; Return the exit code & the output :D EndIf $sOutput = _Process_DebugRunCommand($hProcessHandle, $iPID) ; Debug the process $iExitCode = _Process_GetExitCode($hProcessHandle) ; Note the exit code Return SetExtended($iExitCode, $sOutput) ; Return the output & exit code EndFunc The issue that I currently have is that, regardless of what the errorlevel returned by the program being executed, the errorlevel returned by the _Process_RunAsCommand is 259, which, according to this page it means that there's no more data (I'm guessing from the STDIO and STDERR?)
      Any guidance would be greatly appreciated.
    • damon
      By damon
      Hello,
      You guys helped me years ago to address logging in with a different account than the user.  I have sense modified it over the years due to laptops syncing with AD which is why you will see 3 different passwords.  So, this script snippet has worked for me in many things i have written but I am all the sudden having an issue getting it to work.  I have verified that the password i am using for the local user account is $pass.  Verified by doing a run as different user on Chrome and cut and pasted the password out of the script just to make sure i was not fat fingering something.  
      I get a fail back from RunAs every time.   
      Any chance you guys see something i am doing wrong?
       
      #include <MsgBoxConstants.au3> #include <WinAPIFiles.au3> ;#RequireAdmin If $CmdLine[0] > 0 Then If $CmdLine[1] = "/Install" Then RunUpdate() Exit EndIf ;;Will check users account to determine if admin, if not will Run with admin rights -------------------------------------------------------------- ;;Varables Start Local $user = ".\user" Local $pass = "password1" Local $pass2 = "password2" Local $pass3 = "password3" Local $filetorun = @ScriptFullPath & " /Install" ;;Varables End If IsAdmin () = 0 Then If RunAs ( $user, @CompterName, $pass, $RUN_LOGON_NOPROFILE,$filetorun) = 0 Then ;If RunAs ( $user, @ComputerName, $pass2, 0,$filetorun) = 0 Then ;If RunAs ( $user, @ComputerName, $pass3, 0,$filetorun) = 0 Then ;MsgBox (0,"Installation Error", "This installation was interrupted due to an incorrect Admin Password") ;Exit ;EndIf ;EndIf EndIf Exit Else Run ($filetorun) EndIf Func RunUpdate() MsgBox(0,"worked","worked") EndFunc
    • HariKara
      By HariKara
      Hi AutoIters!
       
      Im trying to launch a .exe file that is nested within the program files (x86) folder structure. i have already used the standard RunAs Syntax and found that it fails to launch the application. I have switched to Run and that seems to work. My issue is I have to use RunAs as the applicaton would need to run under a completely different account. The Current logged in user is a Local User on the machine, however, the application must be run as a domain user. The Machine is domain connected.
       
       have tried the following:
      RunAs("username","logonpassword", $RUN_LOGON_PROFILE, "D:\Program Files (x86)\Vendor\Application Name\Exe Location\Executable.exe") The above fails to launch, there are no errors or syntax issues, it just does nothing when the variables are replaced for the correct values.
      I did the same using the Run command
      Run("D:\Program Files (x86)\Vendor\Application Name\Exe Location\Executable.exe") That seems to work fine, but runs in local user context. Any thoughts? Could it be a local Machine rights issue? Or have i missed something glaring in my script
    • PINTO1927
      By PINTO1927
      HI GUYS,
      I'm trying to run this script with an advanced domain user, but when compiling the cmd it returns access denied, as if it did not recognize the user of AD.
       
      RunAsWait("administrator", "CONTOSO", "Services.1", 2, "C:\Users\albert.frizz\Desktop\test.bat")
       
      can you help me please?
    • nacerbaaziz
      By nacerbaaziz
      Hi dear
      I have a question
      about the display language of the system
      How can I get the current display language and how can I change it by autoit
      Of course, if this is possible
      Greetings to all and hope you help me
×