No announcement yet.

Administrator's rights

  • Filter
  • Time
  • Show
Clear All
new posts

  • Administrator's rights

    Lazy to search ... Somebody has a sample howto set administrator rights for own process ? (to install a driver)

    E-MAIL: [email protected]

  • #2
    I'm not sure that you can do that. I'm about 99% sure you cannot.
    If you could, then any trojan writer would be able to write a trojan to do something like that....

    any one else? I'm pretty sure but I could be wrong...

    Scott Turchin
    True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi


    • #3
      CreateProcessAsUser and/or CreateProcessWithLogon ?
      Google seemed fruitful with a search for: "Visual Basic" CreatProcessAsUser
      Best of luck!

      [This message has been edited by Wayne Diamond (edited August 16, 2001).]


      • #4
        Something else i found on a forum:
        Re : CreateProcessAsUser API
        Using these APIs is not really practical from an application - they're really meant to be used by services. It can be done, though.

        First, you must be using windows NT. Secondly the originating user must have the "Act as part of the operating system" right set in their policy (it's an advanced setting, so you have to click on the checkbox to see it).

        Once this is done you can log an alternative user onto the system using LogonUser:
        Dim rv As Long, hToken As Long 
        rv = LogonUser("administrator", vbNullString, "adminpw", LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, hToken)
        This returns a user token in the hToken variable. You can then use this value to impersonate the user you just logged on, or to create processes as if they had run them. E.g.

        rv = ImpersonateLoggedOnUser(hToken)

        It should be noted that although this *can* be done it is not recommended from a security viewpoint. The standard way of doing this kind of thing is to have a service that handles any kind of user impersonation for you and that accepts messages from your application.



        • #5
          Originally posted by Scott Turchin:
          I'm not sure that you can do that. I'm about 99% sure you cannot.

          If you're using W2K (and I seem to remember you do), type RUNAS /? at a command prompt and see for yourself.




          • #6
            LogonUser requires name & password. How to retreive them on "uknown PC" ? (note, with restricted privilegs)

            E-MAIL: [email protected]


            • #7
              You mean other than a dialog window asking for user input? No idea sorry :/ (are you sure that's even possible if you dont have a login password? being Admin and all... )