UAC Automation (Success!)

Question

Hello, I need to automate UAC for testing purposes.

I have custom "test module", that is C# desktop application, that can automate UI via MSAA and UIA.

As I understand http://msdn.microsoft.com/en-us/library/ms742884.aspx and http://msdn.microsoft.com/en-us/library/aa905330.aspx topics UAC can be automated if following conditions are achieved:

1. "User Account Control: Switch to the secure desktop when prompting for elevation" policy disabled (so UAC dialog can be found by GetDesktopWindows WinAPI function).
2. "User Account Control: Only elevate UIAccess applications that are installed in secure locations" policy disabled (so test module can be started not only from System32 and Program files)
3. Test module executable digitally signed by certificate (created by makecert.exe).
4. This certificate added to Trusted Root Certification Authorities on test system.
5. Test module manifest contain <requestedExecutionLevel level="requireAdministrator" uiAccess="true" />.

After I done all this, my test module starts with elevated previledges, can get UIA and/or MSAA tree of controls on UAC prompt dialog, but nothing happens on Click simulation or invoking buttons.

I believe, UAC can be automated, please help me)

Answer 1

Yes, I found solution!

Here is step-by-step manual for C#:

A. Disable policies on test system.

1. Open "Local Security Policy" on system.
2. Go to "Security settings -> Local policies -> Security options".
3. Disable "User Account Control: Switch to the secure desktop when prompting for elevation".
4. Disable "User Account Control: Only elevate UIAccess applications that are installed in secure locations".

B. Add following manifest to your C# application:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> 
 <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
 <security>
  <requestedPrivileges>
  <requestedExecutionLevel level="requireAdministrator" uiAccess="true" />
  </requestedPrivileges>
  </security>
 </trustInfo>
</assembly>

And rebuild it.

C. Digitally sign your executable.

1. Download: makecert.exe, pvk2pfx.exe, signtool.exe microsoft tools and place them in one folder with your executable.
2. Start in cmd: makecert.exe -r -pe -sky signature -n CN=MyTestSertificateName -sv uacTest.pvk uacTest.cer
3. Start in cmd (where 123 is password, that you input in first step): pvk2pfx -pvk uacTest.pvk -pi 123 -spc uacTest.cer -pfx uacTest.pfx -po 123 -f
4. Start in cmd (where 123 is password, that you input in first step, and app.exe is your executable): signtool.exe sign /f uacTest.pfx /p 123 app.exe

D. Add certificate to Trusted Root Certification Authorities on test system.

1. Open uacTest.cer (created on step C) in explorer.
2. Follow steps of wizard, select Trusted Root Certification Authorities as target store.

E. Interact with UAC prompt with System.Windows.Forms.SendKeys class. By default in Yes|No UAC dialog No is active by default, so:

1. SendKeys.SendWait("{LEFT}{ENTER}"); // For Yes response
2. SendKeys.SendWait("{ENTER}"); // For No response

Answer 2

This doesnt works for me. Done the exact same steps.

Any idea?

Answer 3

See this stackoverflow thread for a sollution

http://stackoverflow.com/questions/2821667/how-do-i-run-my-application-while-a-uac-dialog-window-is-showing/2822292#2822292