none
running a program as administrator whitout asking for permission RRS feed

  • Question

  • hello and sorry if i choose wrong place to ask my question!

    i want to execute a command in Command prompt! (CMD)

    and i need  permission to run cmd as administrator to execute this command!

    so , now ....

    i want to run cmd and execute command as admin without asking users for permission

    so what should i do then?

    private void NetworkTimer_Tick(object sender, EventArgs e)
            {
                
                string now = DateTime.Now.Hour.ToString("00") + DateTime.Now.Minute.ToString("00");
                if (Properties.Settings.Default.netcountDown == now)
                {
                    NetworkTimer.Enabled = false;
                    var proc1 = new ProcessStartInfo();
                    string anyCommand = "netsh interface set interface " + "\"" + adapter + "\"" + " DISABLED";
                    proc1.UseShellExecute = true;
    
                    proc1.WorkingDirectory = @"C:\Windows\System32";
    
                    proc1.FileName = @"C:\Windows\System32\cmd.exe";
                    proc1.Verb = "runas";
                    proc1.Arguments = "/c " + anyCommand;
                    proc1.WindowStyle = ProcessWindowStyle.Hidden;
                    Process.Start(proc1);
                    Properties.Settings.Default.NetCheck = false;
                }
            }


    • Edited by DarjaGFX Thursday, September 25, 2014 8:47 PM
    Thursday, September 25, 2014 8:45 PM

Answers

  • By writing it as service, you can have your code running as administrator/localsystem and grant right to start/stop/send special command to it without the need to grant them administrative access. So it gives you additional convenience that if you want to grant user the ability to restart the network interfaces, just ship with a single line script that calls "sc control" to your service.


    Monday, September 29, 2014 1:18 AM
    Answerer

All replies

  • If the user did not give you enough permission to begin with, and you can run as administrator, then you found a privilege escalation vulnerability. 



    Visual C++ MVP

    Thursday, September 25, 2014 9:04 PM
  • i want to run cmd as administrator , but i don't want my application to ask users for this permission!

    i want to run it as admin without asking for permission as i said ... !

    Friday, September 26, 2014 12:37 AM
  • What Sheng Jiang is telling you is that is not something you are supposed to be able to do. Running with administrator privileges is something the user must approve. 
    Friday, September 26, 2014 12:41 AM
  • owh ...

    so that's too bad!

    is there any other way to do what that code does?!

    i mean disabling any network adapter by shell or any other ways without asking users for any permissions.

    Friday, September 26, 2014 12:49 AM
  • Not that I know of. It's the user's computer, doesn't it make sense that the user should be able to approve configuration changes?

    If the user doesn't want to be bothered with such things, he or she can disable User Account Control. If that hasn't been done, he or she is saying they want to approve the kind of change you want to make.

    Friday, September 26, 2014 1:00 AM
  • its all about timer!

    as you can see in code above , user would set a time , and in that time the network adapter would be disabled!

    user would set time , because he wants program to do it automatically !

    ex. user wants to leave system in home and go out!!!!!
    but when he comes back , the only thing that could be seen on the screen , would be a asking for permission form !!!

    it means user should approve permission at that exact moment that he has set! at this way , he doesn't need this application , just needs to be on time to disable net adapter manually!


    • Edited by DarjaGFX Friday, September 26, 2014 1:24 AM
    Friday, September 26, 2014 1:15 AM
  • You can write a service that disable the network adapter through WMI. In that case no user interaction is required. (The WMI interface exist on anything Vista or above)
    Friday, September 26, 2014 1:58 AM
    Answerer
  • and of course then you had to start your application as administrator

    • Edited by DarjaGFX Friday, September 26, 2014 5:04 PM
    Friday, September 26, 2014 5:02 PM
  • If the user wanted to disable the network adapter on a specific time he could have set a scheduled task that does that exactly.



    "If there's nothing wrong with me, maybe there's something wrong with the universe!"

    Friday, September 26, 2014 5:10 PM
  • By writing it as service, you can have your code running as administrator/localsystem and grant right to start/stop/send special command to it without the need to grant them administrative access. So it gives you additional convenience that if you want to grant user the ability to restart the network interfaces, just ship with a single line script that calls "sc control" to your service.


    Monday, September 29, 2014 1:18 AM
    Answerer