Sign in to follow this  
Followers 0
amar3181

Script not working for UAC

18 posts in this topic

I am trying to make a simple exe installation script and Windows UAC pops up. Though I use the send command it doesn't seem to work here.

Run('Test-655.exe')
WinWaitActive("UAC","UAC")
Send("{TAB}")
Send("{TAB}")
Send("{TAB}")
Send("{ENTER}")
WinWaitActive("Dialogpopup","Setup")
 
Is this code correct to send the keyboard command?

Share this post


Link to post
Share on other sites



Celtic88, i believe you may be a bit overzealous here. the OP intent may well be legitimate; the thing the OP needs to be aware of is that this forum will not provide any assistance for bypassing security measures.

that said, all the OP needs to do is to acknowledge the UAC - and make the process easier by having the #RequireAdmin directive in his script.

other alternatives - which are better suited for mass deployment - are to use existing deployment services, like the Windows Installer, GPO, remote execution by domain admin, etc.

finally, there are plenty of forum topics about UAC the OP can learn from - although they will not help much when it comes to sporadic installation.

Share this post


Link to post
Share on other sites

Commands cannot be sent to the UAC prompt from a process ran in user space as the UAC prompt is opened on a separate desktop instance ("Secure Desktop") which cannot be automated from a process started on the normal desktop. This ofcourse is for security purposes.

What you can do is disable the Secure Desktop security, that will probably help (though I have not tested or researched). Lowering the UAC security to bypass the Secure Desktop is only useful if you have to run the script many times on the same machine for testing purposes and don't want to click the UAC every time. But when you run the script on any other machine, you will still have to click through the UAC manually (or manually disable the Secure Desktop on all machines, but that defeats the purpose :) ).

In Windows 7+ you can do this through secpol.msc (if you have windows pro or better). Obviously you would need administrator access for that as well, so it cannot be done from your script (don't waste your time - won't work). See https://support.microsoft.com/kb/975788/en-us for more information.

NOTE: Doing this of course leaves your system highly vulnerable! Take the necessary precautions (backups, restore points, disconnect network, whatever). Ideally, test in a clean virtual machine.


Roses are FF0000, violets are 0000FF... All my base are belong to you.

Share this post


Link to post
Share on other sites

Well my question was in general as I am unable to do so with further window. If I just need to have the selected window worked and do not want to worry about specific tittle the is this correct WinWaitActive("")

After that I just need tab pressed 3 times then enter.

Send("{TAB}")

Send("{TAB}")
Send("{TAB}")
Send("{ENTER}")
 
Anything wrong above assumption?

Share this post


Link to post
Share on other sites

Ok now when I introduced Sleep and tab and enter works fine.

For WinWaitActive what should I put if I don't want to care about the tittle and progress to other tab and enter.

Share this post


Link to post
Share on other sites

Not the same place!

heaven_or_hell.jpg

 


Regards,
 

Share this post


Link to post
Share on other sites

? I didn't get it. If I just need to proceed on irrespective of any title displayed what should be the complete syntax for WinWaitActive

Share this post


Link to post
Share on other sites

WinWaitActive("", "")

?


Roses are FF0000, violets are 0000FF... All my base are belong to you.

Share this post


Link to post
Share on other sites

My solution is to disable UAC!


Regards,
 

Share this post


Link to post
Share on other sites

I made a nice Script that i am lunching with autoit. it disable UAC but you wont be able to run it without typing manualy your credential if that interesting yourself you can message me i will pm you how to do.

1 person likes this

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

I am gonna share my methode since i had some pm's :

With my methode i am using a BAT (batch file) but i launch it with autoit 

YES you will need to use an admin credential manualy. (then reboot after the script usage. only for UAC editing)

1 A:

-make a batch file with that code inside :

:: BatchGotAdmin
:-------------------------------------
REM  --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"

REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
    echo Requesting administrative privileges...
    goto UACPrompt
) else ( goto gotAdmin )

:UACPrompt
    echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
    set params = %*:"=""
    echo UAC.ShellExecute "cmd.exe", "/c %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"

    "%temp%\getadmin.vbs"
    del "%temp%\getadmin.vbs"
    exit /B

:gotAdmin
    pushd "%CD%"
    CD /D "%~dp0"
:--------------------------------------

1 B: 

-Add the code that require admin right below the last line ":----------------------------------------"

For exemple disabling UAC :

C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v  EnableLUA /t REG_DWORD /d 0 /f

2 launch the BAT you just made with run in autoit

The BAT file will check if admin right is "ON" or "OFF"

if right is "OFF"  you will be able to enter an admin credential MANUALY

if right is "ON"  the code will be executed without a prompt

This is powerfull if you need to run the autoit script without admin right (for exemple you need to use "@username") and run one specifique thing with admin right like disable UAC...

and yes i was needing that :)

Edited by caramen

Share this post


Link to post
Share on other sites

Ran both in batch. First code to check admin pops UAC and exits. Second code gives access denied.

Share this post


Link to post
Share on other sites

#14 ·  Posted (edited)

Ran both in batch. First code to check admin pops UAC and exits. Second code gives access denied.

You have to do that :

Read: >>>>>>>>>>-Add the code that require admin right below the last line ":----------------------------------------" <<<<<<<<< ;)

:: BatchGotAdmin
:-------------------------------------
REM  --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"

REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
    echo Requesting administrative privileges...
    goto UACPrompt
) else ( goto gotAdmin )

:UACPrompt
    echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
    set params = %*:"=""
    echo UAC.ShellExecute "cmd.exe", "/c %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"

    "%temp%\getadmin.vbs"
    del "%temp%\getadmin.vbs"
    exit /B

:gotAdmin
    pushd "%CD%"
    CD /D "%~dp0"
:--------------------------------------


C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v  EnableLUA /t REG_DWORD /d 0 /f

I separated the both code becose you can use the check admin vbs for any other purpose

Edited by caramen

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

Oh so got to run both in the same batch. First the Admin check then the UAC disable action.

Doing So it works but again I need to make a selection for UAC pop up and accept it to progress :(

Edited by amar3181

Share this post


Link to post
Share on other sites

#16 ·  Posted (edited)

yeah this is what i said, unfortunatly as orbs said we cant help you to bypass that security it s a forum rules but even without that rule i am not sure you can do it.

This script is for disabling UAC Manualy in one click or anything else than UAC

But one thing have to be clear if you got UAC activated you wont be able to automate an admin task.

Edited by caramen

Share this post


Link to post
Share on other sites

I agree... My  motive wans't bypassing but automating a task. Thanks a lot. Trying another approach hope orbs get it.

Share this post


Link to post
Share on other sites

I agree... My  motive wans't bypassing but automating a task. Thanks a lot. Trying another approach hope orbs get it.

If you got a way to do so plz let me know.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0