Re: Suggestion for Docs

[Michael Pattrick <mpattrick () rhinovirus org>]

It should be noted that in Vista as well as Windows 7, not all
Administrator access is equal. When an admin logs in two security
tokens are created, an unrestricted admin token and a standard user
token. Unless a process requests a higher privilege level, the user
selects 'run as admin', or the system is configured to behave
otherwise, the restricted 'user' security token is used. Furthermore,
Windows 7 the strictness of UAC prompts is configurable from the
control panel.

The two easiest ways for an application to guarantee running with the
admin token are modification of the applications manifest file or have
one program request a higher token for another program.

Attached is a simple program that takes one command line argument and
launches that program with the unrestricted token if run from Vista or
7.
> .\launchZen.exe "C:\Program Files\nmap\zenmap.exe"

-M

On Wed, Jan 13, 2010 at 4:17 PM, Fyodor <fyodor () insecure org> wrote:
> On Tue, Jan 05, 2010 at 11:56:53AM -0800, Richards, Toby wrote:
> > I humbly suggest that the "Executing Nmap on Windows" section of your web
> > site (http://nmap.org/book/inst-windows.html#inst-win-exec ) include the
> > following information: If on Windows 7, you must right-click the Zenmap
> > icon, and select "Run as Administrator" even if you are logged on as an
> > administrator. Similarly, to run Nmap on Windows 7, you must open the
> > command prompt with administrator privileges. While there are multiple ways
> > to do this, one way is to right-click the command prompt shortcut, and
> > select "Run as Administrator." Even if you already are logged in as an
> > administrator, failing to follow these instructions will result in an error
> > that Nmap cannot identify the Ethernet interface.
>
> Hi Toby.  Thanks for your suggestion.  I would like to figure out what
> is causing this issue, as I don't need to follow these steps on my
> Windows 7 system (Home Premium X64 running under VMWare).  I tried
> Nmap 5.10BETA2 with the default install options, and with the "start
> NPF on system startup" option unchecked.  I tried both Zenmap and
> command-line Nmap, with reboots between them to insure that Winpcap
> loaded from an earlier run doesn't affect a later run.
>
> There must be something different in our Windows 7 configurations.
> Can you post the exact error message you receive when running Nmap
> without taking these extra steps?  While adjusting the documentation
> is important, it is even better if Nmap itself can detect the error
> and tell users what to do.
>
> Has anyone else here experienced this issue?
>
> Cheers,
> Fyodor
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/

Attachment: launchZen.cpp
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/