Elevated CMD Prompt

8 posts in this topic

#1 ·  Posted (edited)


 I am currently trying to create a tool that will automate some task we need to preform at work. The task that I am trying to automate are mostly powershell based. I did a search on the forum and I came across sapien.activexposh COM object. A perfect match to create a GUI in autoit and a clean way to push powershell command for execution.


But i hit a roadblock and I hope that someone can help me solve it.

-       before you can use this sapien activexposh object you must register it using RegAsm.exe.

-       The command to register the object is: “C:\Windows\Microsoft.NET\Framework\v4.0.30319\regasm /codebase {directory}\ActiveXPoshV3.dll”

-       The command prompt needs to be elavated prompt


The problem:

When I run [start -> cmd -> right click -> run as administrator] its seems to open a elevated prompt. But this prompt doesn’t have enough privilege to register a object in regasm.exe (RegAsm : error RA0000)


The weird stuff:

When I [create cmd shortcut to desktop -> right click -> run as administrator] it get a elevated prompt with enough permission to register a object with regasm.exe. (using the same account and laptop!)


There seems to be a clear difference when opening the cmd prompt in the way I explained above, see screenshot



Is there way to programmatic start the Administrator:cmd window? BTW runas doesn’t seem to work for me…




Edited by aghering

Share this post

Link to post
Share on other sites

If they are 'mostly powershell' then i would skip cmd/comspec altogether.




,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post

Link to post
Share on other sites

#7 ·  Posted (edited)

Thanks you guys for your input, all the commands seems to open CMD as "Administrator" 
I had some problems with pushing the commands to the CMD console but i finaly managed to programmaticly register the component. (Jeej)

@Boththose: i prefer to work with the activexposh.dll. after registering the object you will be able to execute PS commands, read/clear output, multiline powershell commands without using semicolons, stdinwrite, stdoutread, etc...

Edited by aghering

Share this post

Link to post
Share on other sites

#8 ·  Posted (edited)

I wrote a function that comprehends all the working solutions mentioned earlier in this thread:

#include <MsgBoxConstants.au3>
#include <AutoItConstants.au3>

; Call Function: f_RunAsAdmin_CMD

; Define Function: f_RunAsAdmin_CMD
Func f_RunAsAdmin_CMD($iMethod = 0, $iDebugFlag = 0, $sShowFlag = @SW_SHOW)
; This function returns an administrator CMD window based on the method chosen:
;   $iMethod = 0 : use ShellExecute with RunAs
;   $iMethod = 1 : use #RequireAdmin and Run("cmd")
;   $iMethod = 0 is Default Option
; Include: Add the following two lines at the top of your script
;   #include <MsgBoxConstants.au3>
;   #include <AutoItConstants.au3>

    Local $sMessage = "Window State: "

    If Not($iMethod = 1) Then
        $iMethod = 0 ; Default method

    Switch $sShowFlag
        Case @SW_SHOW
            $sMessage &= "Visible"
        Case @SW_HIDE
            $sMessage &= "Hidden"
        Case @SW_MINIMIZE
            $sMessage &= "Minimized"
        Case @SW_MAXIMIZE
            $sMessage &= "Maximized"
        Case Else ; Default
            $sShowFlag = @SW_SHOW
            $sMessage &= "Visible"

    If ($iDebugFlag = 1) Then
        ConsoleWrite("Method Used: " & String($iMethod)  & @LF & $sMessage & @LF)
        MsgBox(0,"Run CMD as Admin","Method Used: " & String($iMethod) & @LF & $sMessage ,1)

    If ($iMethod = 0) Then
        ShellExecute(@ComSpec, "", "", "RunAs",$sShowFlag)



I hope this will be helpful for future discussions. You could also consider using RunAsWait (replace RunAs) and ShellExecuteWait (replace ShellExecute) to wait until the CMD window is launched and finishes spawning.



Edited by techsray

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • luckyluke
      By luckyluke
      Im trying to read the output from CMD using Dllcall, here is my code:
      #include <WinAPI.au3> #include <array.au3> Global Const $STD_OUTPUT_HANDLE = -11 Global Const $_CONSOLE_SCREEN_BUFFER_INFO = _ "struct;int dwSizeX;" & _ "short dwSizeY;" & _ "short dwCursorPositionX;" & _ "short dwCursorPositionY;" & _ "short wAttributes;" & _ "short Left;" & _ "short Top;" & _ "short Right;" & _ "short Bottom;" & _ "short dwMaximumWindowSizeX;" & _ "short dwMaximumWindowSizeY;endstruct" $pCmd = Run( "cmd.exe" ) Sleep(1000) $hCmd = WinGetHandle("") ConsoleWrite('handle:' & $hCmd & @CRLF) $aRet = DllCall("kernel32.dll", "int", "AttachConsole", "dword", $pCmd) ;_ArrayDisplay($aRet) If $aRet[0] <> 0 Then $vHandle_data='' $vHandle='' $vHandle_data = DllStructCreate($_CONSOLE_SCREEN_BUFFER_INFO) ; Screen Buffer structure $aRet1 = DllCall("kernel32.dll", "hwnd", "GetStdHandle", "dword", $STD_OUTPUT_HANDLE) if not @error Then $vHandle = $aRet1[0] $aRet = DllCall("kernel32.dll", "int", "GetConsoleScreenBufferInfo", "hwnd", $vHandle, _ "ptr", $vHandle_data) MsgBox(0, '1',DllStructGetData($vHandle_data, 'dwSizeX') & _WinAPI_GetLastErrorMessage()) EndIf It did not work, i got the message 'The handle is invalid'. Please help?
      Thank you in advance!
    • mihaijulien
      By mihaijulien
      I compiled a script I made that takes a command line parameter (the version of a .msi installer) when launched. The script was compiled with the /console option. The script (.au3) works fine but the executable returns  the following error:  
      Error: array variable has incorrect number of subscripts or subscript dimension range exceeded  
    • fosil
      By fosil
      Hi everyone.

      I'm currently working a program that constantly prints out log files through "consolewrite" and the "#AutoIt3Wrapper_Change2CUI=y" wrapper.

      Part of this program requires me to run a batch script.

      My issue is the batch script launches from the same window as consolewrite. I need the batch file to be launched through a different window as currently this causes an issue with the logs (which need to be very precise) but also causes the batch file to produce some funny behavior...

      Does anyone know how I can force the file to run on a second DOS window?

      Thanks in advance!!!
      Edit: Im using the "run" command if that helps. I tried "shellexecute" but that seemed to not launch the batch scripts at all.
    • Baboo85
      By Baboo85
      Hi all,
      I need to start a script that include:
      - admin privileges
      - multiple cmd commands
      - no bat, no exe, no tmp files created anywhere (especially in the user temp folder)
      In a bat file it would be simple, but users shouldn't see what commands I'm sending.
      Example of the script:
      echo off cls echo. echo I AM A TOOL echo. echo NOTE: echo - note 1 echo - note 2 echo - etc set USER1=0 set COMPUTER1=0 if /i %username% equ user.user ( set USER1=1 set COMPUTER1=1 ) if /i %username% equ another.user set USER1=1 if /i %computername% equ notebook set COMPUTER1=1 if %USER1% EQU 1 ( if %COMPUTER1% EQU 1 ( reg delete "HKLM\SOFTWARE\blablabla" /f ) else ( echo Computer not authorized. Contact assistance.) ) else ( echo User not authorized. Contact assistance.) echo. pause exit With the send("") is a disaster.
      I'm a noob here, so what can I do?
      EDIT: OR ELSE I explain the situation and what I need, so if there is a simple solution I can use that.
      SITUATION: our domain users have Users rights on the machine. Some of them need administrator rights.
      We create a local user with administrator rights, so that the users must insert username and password when asked to run something with administrator rights.
      We have an internal domain group policy that blocks EXE, BAT, COM, TMP files from the user local temp directory, for a security reason (malware). That also blocks most software installation.
      But some users are often out of office, away from workplace and in another country, they need a complete control on their computers.
      WHAT I NEED: I need to check the username and the computer name. If the username is the one with local administrator rights and the computer name is a computer that is qualified to temporary remove the policy, then I need to execute a REG DELETE command with administrator rights.
      I hope I explained myself.
      Thank you very much.
    • TLOTS
      By TLOTS
      I'm triying to get the session id to close automatically a RDP session.
      I tried doing this:
      #RequireAdmin #include <Constants.au3> $DOS = Run('C:\Windows\System32\query.exe user', "", @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD) ;Run(@ComSpec & " /c " & 'Query User', "", @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD) ;Run(@ComSpec & " /c " & 'quser', "", @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD) ProcessWaitClose($DOS) $Message = StdoutRead($DOS) MsgBox(0,'',$Message) But the $Message is always empty, if I execute any of these commands in a cmd window, it works
      Any idea on why is this falling? there is another way to get this info?
      PS: Sorry for my english, i'm not native.