Security Basics mailing list archives

Re: Executing app with admin privileges


From: "Rob Creely" <programmingart () gmail com>
Date: Sun, 23 Jul 2006 01:24:20 -0400

Could the users use the Run As command and run the app as an administrator?
(Right-click the executable and click Run As.)

Yes they could, but then the users know a username and password with
administrative privileges.  What's stopping the user from using the
same process to install unapproved applications (i.e. p2p, malware)?  Or
why bother with runas?  Why not just log in directly with the admin
credentials?

In cases such as these, I usually use the Sysinternals tools Filemon and
Regmon to see what registry keys and files a program needs access to.  I
then create a security group with access to these files and registry
keys and then put users needing to run this application in the
security group.

In some cases, the things needing access are too extensive, or the
application for whatever reason still doesn't work.  In these cases, I
write a VB.NET application that utilizes the runas command and
SendKeys function to run the application under an admin account on the
machine.  At least this way, the admin account password is hidden in
the source code of the application and will keep the average user from
doing nasty things.  Note, a hacker will likely be able to decompile
the exe to get the password, read the password from the computer's
memory during execution, or utilize a keylogger to get the password.
So this is in no way a "Fort Knox" type solution (i.e. don't use your
domain admin account logon in the VB.NET application).

Here is the VB.NET code I use (runs Windows defrag as admin):

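<start code>
Module Module1
   ' Win32 Sleep takes a 32-bit DWORD, which is Integer in VB.NET (Long is 64-bit).
   Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Integer)

   Sub Main()
       ' Late-bound Windows Script Host shell object (requires Option Strict Off).
       Dim wshShell As Object
       wshShell = CreateObject("Wscript.Shell")
       ' Start runas, which opens a console window prompting for the password.
       wshShell.Run("runas /user:Administrator ""mmc.exe c:\winnt\system32\dfrg.msc""")
       Sleep(100)
       ' Give the runas prompt keyboard focus.
       wshShell.AppActivate("Runas")
       Sleep(100)
       ' Type the hard-coded password into the prompt, then press Enter ("~").
       wshShell.SendKeys("youradminpasswordgoeshere")
       wshShell.SendKeys("~")
       Sleep(100)
   End Sub
End Module
<end code>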

Hope this helps.

--Rob
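
The security-group approach described in the message above, sketched as an added example that is not part of the original post. It assumes PowerShell 5.1 or later (LocalAccounts module); the group name, user, folder and registry key are hypothetical placeholders for whatever Filemon and Regmon show the application touching.

```powershell
#Requires -RunAsAdministrator
# Added example. Every name and path here is a hypothetical placeholder;
# substitute the items Filemon/Regmon showed the application needs.
$GroupName = 'LegacyApp Users'
$Members   = @("$env:COMPUTERNAME\appuser")
$Folders   = @('C:\LegacyApp\Data')        # data folders only, not executables
$RegKeys   = @('HKLM:\SOFTWARE\LegacyApp')

# Create the group once, then add the users who must run the application.
if (-not (Get-LocalGroup -Name $GroupName -ErrorAction SilentlyContinue)) {
    New-LocalGroup -Name $GroupName -Description 'Runs LegacyApp without admin rights' | Out-Null
}
foreach ($member in $Members) {
    if (-not (Get-LocalGroupMember -Group $GroupName -Member $member -ErrorAction SilentlyContinue)) {
        Add-LocalGroupMember -Group $GroupName -Member $member
    }
}

$identity    = "$env:COMPUTERNAME\$GroupName"
$fileRights  = [System.Security.AccessControl.FileSystemRights]::Modify
$fileInherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$regRights   = [System.Security.AccessControl.RegistryRights]'ReadKey, SetValue, CreateSubKey'
$regInherit  = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit
$propagate   = [System.Security.AccessControl.PropagationFlags]::None
$allow       = [System.Security.AccessControl.AccessControlType]::Allow

# Files: Modify (read/write/delete, no permission changes), inherited by children.
foreach ($folder in $Folders) {
    $acl  = Get-Acl -Path $folder
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $identity, $fileRights, $fileInherit, $propagate, $allow)
    $acl.AddAccessRule($rule)
    Set-Acl -Path $folder -AclObject $acl
}

# Registry: read plus value/subkey writes, inherited by subkeys.
foreach ($key in $RegKeys) {
    $acl  = Get-Acl -Path $key
    $rule = New-Object System.Security.AccessControl.RegistryAccessRule(
        $identity, $regRights, $regInherit, $propagate, $allow)
    $acl.AddAccessRule($rule)
    Set-Acl -Path $key -AclObject $acl
}
```

Users added to the group must log off and back on before the new membership appears in their access token.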
