
Vista UAC


trancexx

Anyone having Vista is familiar with UAC (if not disabled) and its purpose. That limits a lot of things that you can do running some script or exe. For example you cannot start or stop a Windows service, write or edit some very important registry keys, and so on...

Keyword #RequireAdmin is the solution. That's nothing new. Once the application or the script is started, the user will be asked to take it to elevated mode and that's it. Do whatever you want afterwards.

Only problem is that people don't like that window that suddenly jumps and asks them to "surrender". And you need that mode only once in one run of the application (or maybe once in few runs to modify some registry keys, or perhaps never at all, but stands there as a possibility).

'AutoIt3ExecuteScript' indirectly gives the possibility to execute a line of code (or the whole script) in elevated mode. So, if you need to write to HKLM for example, and you did not use #RequireAdmin, it can be requested for only one line of code. After that you are back to 'normal' mode.

Like in this example:

Example()

Func Example()
    Local $Button_1, $Button_2, $msg
    GUICreate("Vista UAC", 260, 100)

    Opt("GUICoordMode", 2)
    $Button_1 = GUICtrlCreateButton("#RequireAdmin", 30, 30, 100)
    $Button_2 = GUICtrlCreateButton("Plain", 0, -1)

    GUISetState()
    
    While 1
        $msg = GUIGetMsg()
        Select
            Case $msg = -3
                ExitLoop
            Case $msg = $Button_1
                _ExecuteLineRequireAdmin('RegWrite("HKEY_LOCAL_MACHINE\Software\Test1")')
            Case $msg = $Button_2
                MsgBox(0, 'Current status', 'IsAdmin = ' & IsAdmin())
        EndSelect
    WEnd
EndFunc   ;==>Example


Func _ExecuteLineRequireAdmin($line)
    
    Local $TypeLib = ObjCreate("Scriptlet.TypeLib")
    Local $tmp = @TempDir & "\~" & $TypeLib.Guid & "tempexec.tmp"
    Local $hwnd = FileOpen($tmp, 26)
    Local $s_code = "0xA3484BBE986C4AA9994C530A86D6487D4155332145413036CE19576016967078" _
             & "227BDB880EE0CBF36B43CA52AFAD0000E6FB2578C8E213F97D1DEDDD7100B055" _
             & "2DAC9AD52815D4F0CF25E4CF118E56C2CE3F70EFB96810F80000F4E304D3D0B5" _
             & "1941F479192034B8D9BE4AA430B03C52DA887392C6848B1AC96D70F28D9D1E32" _
             & "3CB42E26FA734DE47450CDF0E49196EF0D5EC490C1148E398F59405F7137BF8C" _
             & "BDE8DC4DB22733AABCB78FAE7D9608A57FEEEB7378A2367C6DD7012A8600009B" _
             & "8500000EDC5DF57A25C90108DB12D17A25C901BC9F17D16DFBFA03B38B3C9ED4" _
             & "F7788E35DED80D6CC0F3B88CCD44AFAAC0C2B5ED22347870DDC46EC2561BBAAC" _
             & "7E28D9ADFC099D9DE8C87DF66BA0752DEC05B3A67C58F0B597E8500EA927BD57" _
             & "EF598FB3630B279D2B56B00CE73F954212A3423352ED82E9119E876708EC6277" _
             & "A965414AC79B746C74FFBDA0713853F8A8A1CF3379318ADD22A984B75DA744AC" _
             & "DDEF87D47FB1E565A29AC3EC3A988A9DE61055D1A7D35E5B0CFAFDCD6B58A3F5" _
             & "CA3835A925618EBE502784DFDF60E8370C3F7225E3E1D87C09E253B65A4DEE1C" _
             & "1E8B8F7C8F2C81E8CBC789AF72441A880C798339FAC29212D8EFFC7955C648F3" _
             & "20E9D8BC4BE8B11CC63684CE481380ED6DDF067230857CB97BEFBFB4550E3164" _
             & "6B99F2F5AF85AEE8BF3270FE2071C1AE7122B8EB7C6ED2CB74E60535CEF65821" _
             & "D43720B4BB0766E91E0F4C7F59B51BAA7153E0146D5FF8E40FB3717FAE3784EB" _
             & "CDC00AED5EB28291447B6FA6894BA6392B792D7FA2A72A9499ABCCC5A1508D00" _
             & "C06906C04D0BF9B486CAFBCFD92B645445B20E4670CBC3EDA9CCF1EE9C9AAD46" _
             & "A649EE3B1987443FF72DE0BC414155332145413036" 
    FileWrite($hwnd, $s_code)
    FileClose($hwnd)
    Run('"' & @AutoItExe & '" /AutoIt3ExecuteScript "' & $tmp & '" ' & $line)
    
EndFunc

Scriptlet.TypeLib is used only for creating a random name (without error checking :) ). You can use any other method as well, only would need to modify '$s_code '.

Some other features can be added to this function but that is... irrelevant

edit:

That script will create HKEY_LOCAL_MACHINE\Software\Test1 for testing purposes. No damage done, don't worry.

Edited by trancexx

♡♡♡

.

eMyvnE
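Seen from the monitoring side, the helper launch in `_ExecuteLineRequireAdmin` leaves a recognisable process-creation command line: the `/AutoIt3ExecuteScript` switch, a script path under the temp directory with a non-script extension, and the line of code passed as a trailing argument. The sketch below is an added example, not part of the original post; the command lines are constructed, and the function names (`assess`, `triage`) and reason labels are hypothetical.

```python
import re
from ntpath import splitext

# Constructed process-creation command lines (not real telemetry).
SAMPLE_EVENTS = [
    r'"C:\Program Files\AutoIt3\AutoIt3.exe" /AutoIt3ExecuteScript "C:\Users\alice\AppData\Local\Temp\~{6F9619FF-8B86-D011-B42D-00C04FC964FF}tempexec.tmp" RegWrite("HKEY_LOCAL_MACHINE\Software\Test1")',
    # @AutoItExe is the compiled script itself when the caller is compiled,
    # so the rule keys on the switch rather than on the image name.
    r'"C:\Users\alice\Desktop\MyTool.exe" /AutoIt3ExecuteScript "C:\Users\alice\AppData\Local\Temp\~1a2b3c4dtempexec.tmp" RegWrite("HKEY_LOCAL_MACHINE\Software\Test1")',
    r'"C:\Program Files\AutoIt3\AutoIt3.exe" /AutoIt3ExecuteScript "C:\Tools\backup.a3x"',
    r'C:\Windows\System32\notepad.exe C:\Users\alice\notes.txt',
]

# Switch, then a quoted or bare script path, then whatever follows it.
SWITCH = re.compile(r'/AutoIt3ExecuteScript\s+(?:"([^"]+)"|(\S+))\s*(.*)$', re.IGNORECASE)
TEMP_DIR = re.compile(r'\\(?:temp|tmp)\\', re.IGNORECASE)
SCRIPT_EXTS = {".au3", ".a3x"}
CALL_LIKE = re.compile(r'\b\w+\s*\(')  # trailing argument shaped like a function call


def assess(command_line):
    """Return the reasons a command line matches the pattern; [] if the switch is absent."""
    m = SWITCH.search(command_line)
    if not m:
        return []
    script = m.group(1) or m.group(2)
    trailing = m.group(3).strip()
    reasons = ["interpreter-executes-script"]
    if TEMP_DIR.search(script):
        reasons.append("script-in-temp-dir")
    if splitext(script)[1].lower() not in SCRIPT_EXTS:
        reasons.append("non-script-extension")
    if CALL_LIKE.search(trailing):
        reasons.append("code-in-arguments")
    return reasons


def triage(events, threshold=3):
    """Keep only the events that accumulate at least `threshold` reasons."""
    return [e for e in events if len(assess(e)) >= threshold]


if __name__ == "__main__":
    for event in triage(SAMPLE_EVENTS):
        print(assess(event), event[:60] + "...")
```
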

This is really sweet! It has its downsides though, virus creators could use this, multiple times to do stuff to your computer without your knowledge, and there's no #RequireAdmin so! Very nicely done!!

Very nice trancexx.

Have you more information about the code under $s_code?

thanks

I got all the information about that.

It's binary form of this script compiled to a3x:

#RequireAdmin
FileDelete(@ScriptFullPath)
$code = StringTrimLeft($CmdLineRaw, StringInStr($CmdLineRaw, @ScriptName) + 52) 
Execute($code)



Well eeerhm....I guess getting the dialog from UAC per line of code is not more unsafe than requiring admin for the whole script :P


Hmm, I was actually reading your reply, then mine, then the topic again. I misunderstood it the first time. I thought this script was running a line of code that could be "admin" without the #RequireAdmin. It actually just runs a line of code with #RequireAdmin and goes back to normal mode. :(

Yes. Only difference is that one gets to "warn" a user of the intention to take higher privileges before actually attempting to take them.

edit:

khm, khm...

Edited by trancexx
