Sign in to follow this  
Followers 0

Runas System


34 posts in this topic

#1 ·  Posted (edited)

I tried to run an app under LSA
using impersonate user, Runas Func and much more
but nothing helped
finally i found how to go ahead

Herez the script for anyone having the same problem

As per the License
Q: How many copies of Sysinternals utilities may I freely load or use on computers owned by my company?
A: There is no limit to the number of times you may install and use the software on your devices or those you support.
Installation and use will not cause any violation of the License

 

#NoTrayIcon
#include-once
Opt("MustDeclareVars", 1)


_Runas_SYSTEM('notepad.exe', '-heya')

;$sRunProgramAsSystem : The Program which has to be run under LSA
;$sParams : The parameters which have to be passed to the specific program
;$sSession : if the program is GUI based then the Session should be the Current Session Usually 1 , if null Console Session is used
;$sPriority : -low, -belownormal, -abovenormal, -high, -background or -realtime
Func _Runas_SYSTEM($sRunProgramAsSystem, $sParams = '', $sSession = 1, $sPriority = '-abovenormal'); Your Program Goes here.

    Local $sPath = @ScriptDir & '\PsExec.exe'
    If Not FileExists($sPath) Then
        MsgBox(16, 'Error', 'Please download the PsExec.exe from the upcoming site')
        ShellExecute('http://technet.microsoft.com/en-us/sysinternals/bb897553')
        Return SetError(1, 0, -1)
    EndIf

    If $sParams Then $sParams = ' ' & $sParams
    Local $aResult = ShellExecuteWait($sPath, '-i ' & $sSession & ' ' & $sPriority & ' -d -s -h "' & $sRunProgramAsSystem & '"' & $sParams, @SystemDir, 'open', @SW_HIDE)
    If @error Then ConsoleWrite('! > Error Occured  Error Code: ' & @error)
    Return $aResult

EndFunc   ;==>_Runas_SYSTEM

Regards
Phoenix XL

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites



#2 ·  Posted

Nice. There is also a by user wraithdu that does not need any 3rd party executable to run things under LSA "Local System Account".


Things that I've done..

Icon Resource Editor: icon resource editor 

AutoIt Piano: a piano

AutoIt Unlocker: unlocks files when you want to delete them

Colorful tooltips: a wrapper for the tool tips UDF

Rouge GoogleBot: a full screen animation

ASciTE text editor: a text editor written in autoit

Warning: Posts by this user are subject to change or may disappear without notice.

Share this post


Link to post
Share on other sites

#3 ·  Posted

There is also a by user wraithdu that does not need any 3rd party executable to run things under LSA "Local System Account".

I have tried that but as I said i didnt had luck

therefore i made this script


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#4 ·  Posted

It is difficult to run apps interactively from the system account since nt6.x was introduced (session separation). In nt5.x it was far easier. NtCreateThreadEx works fine here on my Windows 7 SP1 x64 in combination with WinExec, but is surely a dirty method. Something like CreateProcessAsUser and DuplicateTokenEx would probably be a much cleaner approach, but last time I tried this I failed. Anyway (and regardless of what api you use), at best you can run cmdline apps interactively across sessions on nt6.x, meaning any gui is blocked/not visible across sessions. Switching sessions will of course let you interact with gui's. Administrator privileges is of course necessary in order to run as the system account, unless you found a way to invalidate the Windows security model.

Share this post


Link to post
Share on other sites

#5 ·  Posted

yup i agree with u joakim

in my computer it worked therefore i shared it :P


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#6 ·  Posted

What do I do if I receive this message?

!!!NOT RELOCATABLE MODULE. I WILL TRY BUT THIS MAY NOT WORK!!!

Share this post


Link to post
Share on other sites

#7 ·  Posted

Ignore that Message or just comment out that line from the Script

The PSEXEC.exe isnt a Relocatable Module therefore the message is popped


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

Hi Phoenix,

i am using W2k3 Enterprise and notepad is being executed as an admin but not system.

Rgds

deltar

[EDIT]

It is working as per the documentation.

Edited by deltar

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

@deltarocked ,

Is the name of your LSA, System or other programs start with the username SYSTEM ?

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#10 ·  Posted (edited)

Hi Phoenix ,

My appologies. its working as per the documentation. the only change which I have done is to remove '&$sSession&'

Regards

DeltaR

Edited by deltar

Share this post


Link to post
Share on other sites

#11 ·  Posted

What a laughably stupid fucking script. You imply too much credit to yourself silly.

For one, you don't give any credit to Mark Russinovich, who created that executable you're executing in memory using Trancexxs code.

But my point is, WHY?!? Why for fucking gods sake are you executing it from memory using that code you stupid fucking numb-nut dumbass? Holy shit and I hope you know it is against their user license agreement to distribute their software in any of the worthless crap you fabricate using other peoples shit.

Read their fucking user license agreement you stupid little bitch, before you get into trouble. You half ass script kiddie.

http://technet.microsoft.com/en-us/sysinternals/bb847944

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

charming fellow. I wonder what bug bit his bum...

Edited by scullion

Share this post


Link to post
Share on other sites

#13 ·  Posted

Probably some tool that got banned and decided to do a little unrest.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

#14 ·  Posted (edited)

Hi Phoenix,

I had tried once converting psexec into the runbinary module but had failed . but this one has helped me immensely and will be utilising it one of my projects. It is being used to launch another autoit script as "System"

Thanks once again and regards

DeltaR

Edited by deltar

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

LOL

Anyways if u wish to use then use it orelse dont use

@DoomsDayDanny,

BTW i didnt take any credit of the executable. If u know the name of the author why not make a novel for it <_<

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#16 ·  Posted

LOL

Anyways if u wish to use then use it orelse dont use

@DoomsDayDanny,

BTW i didnt take any credit of the executable. If u know the name of the author why not make a novel for it <_<

You are still distributing the program, even though the license clearly says you cant

Ever wanted to call functions in another process? ProcessCall UDFConsole stuff: Console UDFC Preprocessor for AutoIt OMG

Share this post


Link to post
Share on other sites

#17 ·  Posted

Illegal distribution is illegal.

PhoenixXL be smart. I expect the first thing you'll do when you'd be around is to deal with this.


 

.

eMyvnE

Share this post


Link to post
Share on other sites

#18 ·  Posted

Modified the script which now only installs and executes the executable ,

not violating the license

Explained in the first post


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#19 ·  Posted (edited)

You are violating the license, see this quote from the link provided above.

Q: May I distribute Sysinternals utilities in my software, on my website, or with my magazine?

A: No. We are not offering any distribution licenses, even if the 3rd party is distributing them for free. We encourage people to download the utilities from our download center where they can be assured to get the most recent version of the utility.

Because you embedded it in your script, you are violating the part in green above. Edited by BrewManNH

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

#20 ·  Posted

yup maybe

again updated

Now it checks for PsExec in the script dir, if not present then notifies the User to download it from the website

Now it doesnt seem to be an UDF :mellow:


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0