Sign in to follow this  
Followers 0
PhoenixXL

Runas System

34 posts in this topic

#1 ·  Posted (edited)

I tried to run an app under LSA
using impersonate user, Runas Func and much more
but nothing helped
finally i found how to go ahead

Herez the script for anyone having the same problem

As per the License
Q: How many copies of Sysinternals utilities may I freely load or use on computers owned by my company?
A: There is no limit to the number of times you may install and use the software on your devices or those you support.
Installation and use will not cause any violation of the License

 

#NoTrayIcon
#include-once
Opt("MustDeclareVars", 1)


_Runas_SYSTEM('notepad.exe', '-heya')

;$sRunProgramAsSystem : The Program which has to be run under LSA
;$sParams : The parameters which have to be passed to the specific program
;$sSession : if the program is GUI based then the Session should be the Current Session Usually 1 , if null Console Session is used
;$sPriority : -low, -belownormal, -abovenormal, -high, -background or -realtime
Func _Runas_SYSTEM($sRunProgramAsSystem, $sParams = '', $sSession = 1, $sPriority = '-abovenormal'); Your Program Goes here.

    Local $sPath = @ScriptDir & '\PsExec.exe'
    If Not FileExists($sPath) Then
        MsgBox(16, 'Error', 'Please download the PsExec.exe from the upcoming site')
        ShellExecute('http://technet.microsoft.com/en-us/sysinternals/bb897553')
        Return SetError(1, 0, -1)
    EndIf

    If $sParams Then $sParams = ' ' & $sParams
    Local $aResult = ShellExecuteWait($sPath, '-i ' & $sSession & ' ' & $sPriority & ' -d -s -h "' & $sRunProgramAsSystem & '"' & $sParams, @SystemDir, 'open', @SW_HIDE)
    If @error Then ConsoleWrite('! > Error Occured  Error Code: ' & @error)
    Return $aResult

EndFunc   ;==>_Runas_SYSTEM

Regards
Phoenix XL

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites



Nice. There is also a by user wraithdu that does not need any 3rd party executable to run things under LSA "Local System Account".


Things that I've done..

Icon Resource Editor: icon resource editor 

AutoIt Piano: a piano

AutoIt Unlocker: unlocks files when you want to delete them

Colorful tooltips: a wrapper for the tool tips UDF

Rouge GoogleBot: a full screen animation

ASciTE text editor: a text editor written in autoit

Warning: Posts by this user are subject to change or may disappear without notice.

Share this post


Link to post
Share on other sites

There is also a by user wraithdu that does not need any 3rd party executable to run things under LSA "Local System Account".

I have tried that but as I said i didnt had luck

therefore i made this script


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

It is difficult to run apps interactively from the system account since nt6.x was introduced (session separation). In nt5.x it was far easier. NtCreateThreadEx works fine here on my Windows 7 SP1 x64 in combination with WinExec, but is surely a dirty method. Something like CreateProcessAsUser and DuplicateTokenEx would probably be a much cleaner approach, but last time I tried this I failed. Anyway (and regardless of what api you use), at best you can run cmdline apps interactively across sessions on nt6.x, meaning any gui is blocked/not visible across sessions. Switching sessions will of course let you interact with gui's. Administrator privileges is of course necessary in order to run as the system account, unless you found a way to invalidate the Windows security model.

Share this post


Link to post
Share on other sites

yup i agree with u joakim

in my computer it worked therefore i shared it :P


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

What do I do if I receive this message?

!!!NOT RELOCATABLE MODULE. I WILL TRY BUT THIS MAY NOT WORK!!!

Share this post


Link to post
Share on other sites

Ignore that Message or just comment out that line from the Script

The PSEXEC.exe isnt a Relocatable Module therefore the message is popped


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

Hi Phoenix,

i am using W2k3 Enterprise and notepad is being executed as an admin but not system.

Rgds

deltar

[EDIT]

It is working as per the documentation.

Edited by deltar

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

@deltarocked ,

Is the name of your LSA, System or other programs start with the username SYSTEM ?

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#10 ·  Posted (edited)

Hi Phoenix ,

My appologies. its working as per the documentation. the only change which I have done is to remove '&$sSession&'

Regards

DeltaR

Edited by deltar

Share this post


Link to post
Share on other sites

#11 ·  Posted

What a laughably stupid fucking script. You imply too much credit to yourself silly.

For one, you don't give any credit to Mark Russinovich, who created that executable you're executing in memory using Trancexxs code.

But my point is, WHY?!? Why for fucking gods sake are you executing it from memory using that code you stupid fucking numb-nut dumbass? Holy shit and I hope you know it is against their user license agreement to distribute their software in any of the worthless crap you fabricate using other peoples shit.

Read their fucking user license agreement you stupid little bitch, before you get into trouble. You half ass script kiddie.

http://technet.microsoft.com/en-us/sysinternals/bb847944

Share this post


Link to post
Share on other sites

#13 ·  Posted

Probably some tool that got banned and decided to do a little unrest.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

#14 ·  Posted (edited)

Hi Phoenix,

I had tried once converting psexec into the runbinary module but had failed . but this one has helped me immensely and will be utilising it one of my projects. It is being used to launch another autoit script as "System"

Thanks once again and regards

DeltaR

Edited by deltar

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

LOL

Anyways if u wish to use then use it orelse dont use

@DoomsDayDanny,

BTW i didnt take any credit of the executable. If u know the name of the author why not make a novel for it <_<

Edited by PhoenixXL

My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#16 ·  Posted

LOL

Anyways if u wish to use then use it orelse dont use

@DoomsDayDanny,

BTW i didnt take any credit of the executable. If u know the name of the author why not make a novel for it <_<

You are still distributing the program, even though the license clearly says you cant

Ever wanted to call functions in another process? ProcessCall UDFConsole stuff: Console UDFC Preprocessor for AutoIt OMG

Share this post


Link to post
Share on other sites

#17 ·  Posted

Illegal distribution is illegal.

PhoenixXL be smart. I expect the first thing you'll do when you'd be around is to deal with this.


 

.

eMyvnE

Share this post


Link to post
Share on other sites

#18 ·  Posted

Modified the script which now only installs and executes the executable ,

not violating the license

Explained in the first post


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

#19 ·  Posted (edited)

You are violating the license, see this quote from the link provided above.

Q: May I distribute Sysinternals utilities in my software, on my website, or with my magazine?

A: No. We are not offering any distribution licenses, even if the 3rd party is distributing them for free. We encourage people to download the utilities from our download center where they can be assured to get the most recent version of the utility.

Because you embedded it in your script, you are violating the part in green above. Edited by BrewManNH

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

#20 ·  Posted

yup maybe

again updated

Now it checks for PsExec in the script dir, if not present then notifies the User to download it from the website

Now it doesnt seem to be an UDF :mellow:


My code:

PredictText: Predict Text of an Edit Control Like Scite. Remote Gmail: Execute your Scripts through Gmail. StringRegExp:Share and learn RegExp.

Run As System: A command line wrapper around PSEXEC.exe to execute your apps scripts as System (LSA). Database: An easier approach for _SQ_LITE beginners.

MathsEx: A UDF for Fractions and LCM, GCF/HCF. FloatingText: An UDF for make your text floating. Clipboard Extendor: A clipboard monitoring tool. 

Custom ScrollBar: Scroll Bar made with GDI+, user can use bitmaps instead. RestrictEdit_SRE: Restrict text in an Edit Control through a Regular Expression.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Similar Content

    • bstjohn
      Any way to make DirGetSize exclude hidden/system files?
      By bstjohn
      I'm working on a script to copy a subset of files and folders from a PC to a server.  I'm using the extended info from DirGetSize to show how many files and folders and total size that will be copied (copy being done by RoboCopy).  Then I run DirGetSize against the destination when the copy is done to compare against the DirGetSize from the copy source so I can know if anything got skipped.  I'm finding that a lot of stuff is getting skipped.  This lead me to realize that it's because DirGetSize is including files and folders that are hidden and/or system, and I'm excluding these in RoboCopy.  Is there anyway to excluded these from DirGetSize?   I've been unable to find a UDF as yet, and I'd like to do something a little more elegant than piping the output from DIR into a file and reading that back.
       
       
    • Milas
      runas access is denied
      By Milas
      Hey guys,
               for some reason when I run this command with run as in autoit it returns access is denied. but when I run the same thing in an elevated command shell it works fine. Im not sure where I am messing up.
      global $rtech,$rcred, $IP $rtech = inputbox("","username") $rcred = InputBox("","password") $ip = inputbox("","enter IP") $pid = Runas ($rtech,"mhs", $rcred, 2 ,@ComSpec & ' /c reg query \\' & $ip & '"\hklm\software\microsoft\windows\currentversion\group policy\state\machine"|findstr /i "disting"', @SystemDir, @SW_hide, $STDERR_CHILD + $STDOUT_CHILD) Local $line While 1 $line &= StdoutRead($pid) If @error Then ExitLoop WEnd While 1 $line &= StderrRead($pid) If @error Then ExitLoop WEnd MsgBox(0, "", $line)  
    • ces1a
      System Uptime on Windows10
      By ces1a
      I was looking for a way to find out how long my PC had been running a few weeks ago and had trouble finding something that satisfied my needs,  I found a Visual Basic Script that worked but found it too long. But searching trough AutoIt WINAPI help found that it really was as simple as the following little script.
      #include <WinAPISys.au3>
      #include <WinAPIMisc.au3>
      Local $Uptime = _WinAPI_StrFromTimeInterval(_WinAPI_GetTickCount())
      MsgBox(0, '', "PC Uptime ==> " & $UpTime)
      Hope it helps...
    • WoodGrain
      Run() executes on some computers but not others
      By WoodGrain
      Hi All,
      I've got a script setup to drop a program into a temp folder and then run it from there, but I have mixed results, the Run() command will work on some computers but not others. The file will be placed into the temp folder in all cases. Running AutoIT 3.3.14.0. The computers are all either Win 7 or 8.1, x64 (exe is compiled to x64 too), UAC is off, all have local admin rights - if I've missed something ask and I'll update the details.
      If Not FileExists (@TempDir & "\HCTB") Then DirCreate(@TempDir & "\HCTB") FileInstall("G:\IT\Downloads\TB\12.0.45471\Host\TB_Setup-sif7r8pgcq.exe", @TempDir & "\HCTB\TB_Setup-sif7r8pgcq.exe", 1) Local $iPID = Run(@TempDir & "\HCTB\TB_Setup-sif7r8pgcq.exe", "") Any suggestions?
      Thanks!
    • RaiNote
      Login/Register System
      By RaiNote
      Hi,
      How could i make a Login and Registering System with an Excel file which would be hosted at Dropbox.
      So i have a GUI There you could choose if u want to Login or Create an account. If u choosen Register new account you would have to make a Email a Username a Password and Password check. Before Registering it has to check if the Username and Email already exists if not you would be able to create and after this Login~
      My main Problem would be getting acces to the file at Dropbox and writing to Excel.
       
      Thank you very much who tried to help me.