Security Basics mailing list archives
Re: Executing app with admin privileges
From: "Rob Creely" <programmingart () gmail com>
Date: Sun, 23 Jul 2006 01:24:20 -0400
Could the users use the Run As command and run the app as an administrator? (Right-click the executable and click Run As.)
Yes they could, but then the users know a username and password with administrative privileges. What's stopping the user from using the same process to install unapproved applications (i.e., p2p, malware)? Or why bother with runas? Why not just log in directly with the admin credentials?

In cases such as these, I usually use the Sysinternals tools filemon and regmon to see what registry keys and files a program needs access to. I then create a security group with access to these files and registry keys and then put users needing to run this application in the security group.

In some cases, the things needing access are too extensive, or the application for whatever reason still doesn't work. In these cases, I write a VB.NET application that utilizes the runas command and sendkeys function to run the application under an admin account on the machine. At least this way, the admin account password is hidden in the source code of the application and will keep the average user from doing nasty things.

Note, a hacker will likely be able to decompile the exe to get the password, read the password from the computer's memory during execution, or utilize a keylogger to get the password. So this is in no way a "Fort Knox" type solution (i.e., don't use your domain admin account logon in the VB.NET application).

Here is the VB.NET code I use (runs Windows defrag as admin):

<start code>
Module Module1
    ' Win32 Sleep takes a 32-bit DWORD; Long is 64-bit in VB.NET, so declare it As Integer.
    Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Integer)

    Sub Main()
        Dim wshShell As Object
        wshShell = CreateObject("Wscript.Shell")
        ' Start runas, which opens a console window prompting for the password.
        wshShell.run("runas /user:Administrator ""mmc.exe c:\winnt\system32\dfrg.msc""")
        Sleep(100)
        ' Give the runas window focus so the keystrokes go to it.
        wshShell.AppActivate("Runas")
        Sleep(100)
        ' Type the password, then Enter ("~" is Enter in SendKeys).
        wshShell.SendKeys("youradminpasswordgoeshere")
        wshShell.SendKeys("~")
        Sleep(100)
    End Sub
End Module
<end code>

Hope this helps.
--Rob
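An added example, not part of the original post: one way to script the security-group approach described in the message above, in PowerShell. The group name and every path are constructed placeholders standing in for whatever filemon and regmon actually report for the application.

```powershell
# Assumptions (not from the post): group name and paths are constructed placeholders.
$Group     = 'EXAMPLE\App-Users'                          # hypothetical security group
$FilePaths = @('C:\Program Files\ExampleApp\data',        # constructed: folder the app writes to
               'C:\Program Files\ExampleApp\settings.ini') # constructed: single file
$RegPaths  = @('HKLM:\SOFTWARE\ExampleVendor\ExampleApp')  # constructed registry key

function Grant-FileAccess {
    param([string]$Path, [string]$Identity)
    # Folders pass the grant down to children; a single file gets no inheritance flags.
    $inherit = [System.Security.AccessControl.InheritanceFlags]::None
    if (Test-Path -LiteralPath $Path -PathType Container) {
        $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    }
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $Identity,
        [System.Security.AccessControl.FileSystemRights]::Modify,
        $inherit,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
    $acl = Get-Acl -LiteralPath $Path
    $acl.AddAccessRule($rule)          # adds to the existing ACL, does not replace it
    Set-Acl -LiteralPath $Path -AclObject $acl
}

function Grant-RegistryAccess {
    param([string]$Path, [string]$Identity)
    # Read plus value/subkey writes only; no permission-change or ownership rights.
    $rule = New-Object System.Security.AccessControl.RegistryAccessRule(
        $Identity,
        [System.Security.AccessControl.RegistryRights]'ReadKey, SetValue, CreateSubKey',
        [System.Security.AccessControl.InheritanceFlags]::ContainerInherit,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
    $acl = Get-Acl -LiteralPath $Path
    $acl.AddAccessRule($rule)
    Set-Acl -LiteralPath $Path -AclObject $acl
}

# Apply the grants, skipping anything that does not exist on this machine.
foreach ($p in $FilePaths) {
    if (Test-Path -LiteralPath $p) { Grant-FileAccess -Path $p -Identity $Group }
    else { Write-Warning "Skipping missing path: $p" }
}
foreach ($p in $RegPaths) {
    if (Test-Path -LiteralPath $p) { Grant-RegistryAccess -Path $p -Identity $Group }
    else { Write-Warning "Skipping missing key: $p" }
}
```

Keep the path lists to locations where the tools showed access being denied; Modify on a folder that holds executables lets group members replace them.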