Safest way to "runas" Admin

[freddykid]

So I have a question really. I have a little 50 some odd line script that the only function is to allow limited user to change timezone. But for it to run I need to use the local admin with runas. I was reading through the help file and it says you should not store passwords in the script itself even with Obfuscator. So I am look for suggestions on ways that i can keep the file secure. this is a sample of my script, i used an example to display time after the change, this is really a 2 or 3 line action, as it stands. If there ways that i can lock-it down any help would be great.

expandcollapse popup

; Launch Time and Date control Panel with admin
  RunAsWait("Admin",@ComputerName,"Password",0,"rundll32.exe shell32.dll,Control_RunDLL timedate.cpl,,",@SystemDir,@SW_SHOW) 
   
     sleep (500) ;slight pause for change to take effect
   
     MsgBox(0, "Time", "Your Time Zone has been updated.")
   
     ;Start gui to show time change._
   
     Main()
   
     Func _Main()
   
                     Local $hGUI, $tFile, $tLocal
   
      
   
                     ; Create GUI
   
                     $hGUI = GUICreate("Time", 300, 100)
   
                     $iMemo = GUICtrlCreateEdit("", 2, 2, 396, 296, $WS_VSCROLL)
   
                     GUICtrlSetFont($iMemo, 9, 400, 0, "Courier New")
   
                     GUISetState()
   
      
   
                     ; Get system time
   
                     $tSystem = _Date_Time_GetSystemTime()
   
                     $tFile = _Date_Time_SystemTimeToFileTime(DllStructGetPtr($tSystem))
   
                     ;               --------------------------------------
   
                     $tLocal = _Date_Time_FileTimeToLocalFileTime(DllStructGetPtr($tFile))
   
                     MemoWrite("The time is now : " & _Date_Time_FileTimeToStr($tLocal))
   
      
   
                     ; Loop until user exits
   
                     Do
   
                     Until GUIGetMsg() = $GUI_EVENT_CLOSE
   
      
   
     EndFunc   ;==>_Main
   
      
   
     ; Write a line to the memo control
   
     Func MemoWrite($sMessage)
   
                     GUICtrlSetData($iMemo, $sMessage & @CRLF, 1)
   
     EndFunc   ;==>MemoWrite

[Authenticity]

Just a wild thinking. You can make a wrapper executing script that requires or contains the MD5 or SHA or whatnot string and pass it to this script to decipher using a supplied key (also required or contained). As usual, add as much crap as possible.

Edit: You can edit yet another think that the resulting deciphered key is a key in the registry buried inside the ghost sub-sub-keys of the registry and this key should contain the password. If the string is deciphered correctly then reading this registry key should return a nice innocent password. >_<

Edited August 6, 2009 by Authenticity