Exetools  

#1 | HarrySpoofer | 10-11-2024, 00:10
Run as Trusted Installer context menu

This is a context menu extension for MS-Windows which allows you to run any program as the "Trusted Installer", with more privileges than the Administrator or System.
You can use it to run Windows Explorer or `regedit.exe` ...or any other program.

INSTALLATION:
Run the attached install.bat file
... or copy the `RunAsTI.exe` to your `Windows\System32` directory and merge the `RunAsTI.reg` file into the Windows Registry.

BUILD:
Open the `RunAsTI.sln` file in Visual Studio 2019, right-click on the Solution 'RunAsTI' in the Solution Explorer and select "Build Solution".
A new `RunAsTI.exe` will be generated in the `x64\Release\` or `x64\Debug\` directory.

TO USE:
Right-click on any program in Windows Explorer and select "Run as Trusted Installer". You must be the Administrator in order to become the Trusted Installer.
You can see what it looks like in the following screenshot:
https://imgur.com/a/xOOO63t

Full source and the compiled .exe file are attached and at the link below:
https://gofile.io/d/QK20BZ
Attached file: FullSource_and_exe.rar (831.1 KB)

Last edited by HarrySpoofer; 11-02-2024 at 22:38. Reason: Update
#2 | wx69wx2023 | 10-11-2024, 09:23
Thanks for sharing; the link is down (https://file.io/X2yKt7tgv93x).
#3 | sendersu | 10-11-2024, 15:36
@HarrySpoofer
Thanks for a nice piece of work!

If you don't mind, I'd provide some small feedback:

1) I'd do a case-insensitive comparison inside the GetProcessIdByName() routine
-> if (pe.szExeFile == processName)

2) The compiler is unhappy about setting a signed int to an unsigned DWORD:
warning C4245: 'initializing': conversion from 'int' to 'DWORD', signed/unsigned mismatch

Do you know if Windows has got some define for wrong PID values?
E.g. something like INVALID_HANDLE_VALUE

3) Be honest, did you leave an Easter Egg in one routine?

kudos!
#4 | Kerlingen | 10-11-2024, 16:39
The code is pretty much identical to the https://github.com/lilkui/runasti repository.

The only difference is that somebody refactored everything to camel case (e.g. "get_process_id_by_name(const string process_name)" becomes "GetProcessIdByName(wstring processName)").

The code in the repository already has some of the bugs fixed!
#5 | niculaita | 10-11-2024, 19:38
What about these: https://mega.nz/file/S0h30aTa#ca0vJpwlP5qQZmyOcMmhiPrHEkZIpTdrlgmtPpZd4JQ ?
#6 | sendersu | 10-11-2024, 20:35
I'm having "NT AUTHORITY\SYSTEM"
instead of "Trusted Installer"

https://prnt.sc/7fjfqwv-P5GQ

Is that expected?
#7 | HarrySpoofer | 10-12-2024, 02:55
> Originally Posted by sendersu:
> @HarrySpoofer
> Thanks for a nice piece of work!
>
> If you don't mind, I'd provide some small feedback:
>
> 1) I'd do a case-insensitive comparison inside the GetProcessIdByName() routine
> -> if (pe.szExeFile == processName)
>
> 2) The compiler is unhappy about setting a signed int to an unsigned DWORD:
> warning C4245: 'initializing': conversion from 'int' to 'DWORD', signed/unsigned mismatch
>
> Do you know if Windows has got some define for wrong PID values?
> E.g. something like INVALID_HANDLE_VALUE
>
> 3) Be honest, did you leave an Easter Egg in one routine?
>
> kudos!

Thanks for the feedback.
I made the changes you suggested and updated the attachment and the link.

BTW: I did not put an Easter egg in it; I added new icons, though.

Last edited by HarrySpoofer; 10-12-2024 at 05:34.
#8 | HarrySpoofer | 10-12-2024, 03:01
That is correct.

To verify that you have the `Trusted Installer` privileges, execute this at the command line:
Code:
whoami /groups
...and look for a membership in the `NT SERVICE\TrustedInstaller` group.

On my system the output looks like this:
Code:
C:\Profiles\Admin>whoami /groups

GROUP INFORMATION
-----------------

Group Name                             Type             SID                                                            Attributes
====================================== ================ ============================================================== ===============================================================
Mandatory Label\System Mandatory Level Label            S-1-16-16384
Everyone                               Well-known group S-1-1-0                                                        Mandatory group, Enabled by default, Enabled group
BUILTIN\Users                          Alias            S-1-5-32-545                                                   Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\SERVICE                   Well-known group S-1-5-6                                                        Mandatory group, Enabled by default, Enabled group
CONSOLE LOGON                          Well-known group S-1-2-1                                                        Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users       Well-known group S-1-5-11                                                       Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization         Well-known group S-1-5-15                                                       Mandatory group, Enabled by default, Enabled group
NT SERVICE\TrustedInstaller            Well-known group S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464 Enabled by default, Enabled group, Group owner
LOCAL                                  Well-known group S-1-2-0                                                        Mandatory group, Enabled by default, Enabled group, Group owner
BUILTIN\Administrators                 Alias            S-1-5-32-544                                                   Mandatory group, Enabled by default, Enabled group
> Originally Posted by sendersu:
> I'm having "NT AUTHORITY\SYSTEM"
> instead of "Trusted Installer"
>
> https://prnt.sc/7fjfqwv-P5GQ
>
> Is that expected?
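The check above can also be done programmatically. The following is an added example, not part of the thread or of the RunAsTI source: it parses `whoami /groups` output (constructed sample rows based on the output quoted above) and matches the TrustedInstaller group by SID rather than by display name, since group names are localized on non-English Windows while SIDs are not. The expected SID is derived the way Windows builds service SIDs, so nothing has to be hardcoded.

```python
import hashlib
import re
import struct

# Constructed sample: rows taken from the `whoami /groups` output quoted above,
# including the NT SERVICE\TrustedInstaller row with its service SID.
SAMPLE_TI = r"""
Group Name                             Type             SID                                                            Attributes
====================================== ================ ============================================================== ===============================================================
Mandatory Label\System Mandatory Level Label            S-1-16-16384
NT SERVICE\TrustedInstaller            Well-known group S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464 Enabled by default, Enabled group, Group owner
BUILTIN\Administrators                 Alias            S-1-5-32-544                                                   Mandatory group, Enabled by default, Enabled group
"""
# Constructed sample: the same report for a plain SYSTEM token (no TrustedInstaller row).
SAMPLE_SYSTEM = r"""
Group Name              Type             SID          Attributes
======================= ================ ============ ==================================================
NT AUTHORITY\SYSTEM     Well-known group S-1-5-18     Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators  Alias            S-1-5-32-544 Mandatory group, Enabled by default, Enabled group
"""

SID_RE = re.compile(r"S-1-\d+(?:-\d+)+")


def service_sid(service_name: str) -> str:
    """Windows service SID: S-1-5-80- followed by the SHA-1 of the upper-cased
    UTF-16LE service name, read as five little-endian 32-bit sub-authorities."""
    digest = hashlib.sha1(service_name.upper().encode("utf-16-le")).digest()
    return "S-1-5-80-" + "-".join(str(x) for x in struct.unpack("<5I", digest))


def parse_groups(whoami_output: str) -> dict:
    """Map SID -> {'name', 'attributes'} for each group row of `whoami /groups`."""
    groups = {}
    for line in whoami_output.splitlines():
        m = SID_RE.search(line)
        if not m:
            continue  # prompt, header and separator lines carry no SID
        # Space-padded columns: name and type sit left of the SID, attributes right.
        name = re.split(r"\s{2,}", line[: m.start()].rstrip())[0]
        attrs = [a.strip() for a in line[m.end():].split(",") if a.strip()]
        groups[m.group(0)] = {"name": name, "attributes": attrs}
    return groups


def has_trusted_installer(whoami_output: str) -> bool:
    """True when the token carries an enabled TrustedInstaller group, matched by
    SID because display names like NT SERVICE\\... are localized, SIDs are not."""
    entry = parse_groups(whoami_output).get(service_sid("TrustedInstaller"))
    return entry is not None and "Enabled group" in entry["attributes"]
```

Feeding it the real output of `whoami /groups` from a shell started through the context menu gives the same yes/no answer as reading the table by hand; a SYSTEM-only token, as in the screenshot being asked about, yields False.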
#9 | sendersu | 10-12-2024, 03:44
> Originally Posted by HarrySpoofer:
> Thanks for the feedback.
> I made the changes you suggested and updated the attachment and the link.
>
> BTW: I did not put an Easter egg in it; I added new icons, though.

I was under the impression this line is it:

>> wctomb_s(&mbCharLen, &buff[0], 42, wc);
#10 | sendersu | 10-12-2024, 04:09
One more question:
Is it really required to enable this privilege level?

>EnablePrivilege(SE_DEBUG_NAME);
#11 | sendersu | 10-12-2024, 04:32
One more piece of feedback:

Is it OK to delegate memory zeroing to the compiler?

E.g. instead of calling the WinAPI ZeroMemory()

just do

STARTUPINFOW startupInfo = { 0 };
#12 | HarrySpoofer | 10-12-2024, 05:22
> Originally Posted by sendersu:
> I was under the impression this line is it:
> >> wctomb_s(&mbCharLen, &buff[0], 42, wc);

Well, it is the answer to the ultimate question of life, the universe, and everything, but I should have put MB_LEN_MAX in there.

> Originally Posted by sendersu:
> One more piece of feedback:
> Is it OK to delegate memory zeroing to the compiler?

Yes, it is a matter of habit.

> Originally Posted by sendersu:
> One more question:
> Is it really required to enable this privilege level?
> >EnablePrivilege(SE_DEBUG_NAME);

Yes, this is the reason why you need to be an `Administrator` to become the `Trusted Installer`.

Last edited by HarrySpoofer; 10-12-2024 at 05:37.
#13 | sendersu | 10-12-2024, 17:35
I've run the PVS tool against the tool;
I'd like to note: very well done!

Some minor suggestions: https://prnt.sc/vQpQVeHUiyV0

e.g.:
DWORD GetProcessIdByName(wstring processName)
->
DWORD GetProcessIdByName(const wstring& processName)

and similar ones

2) There is a potential set of handle leaks (handles not closed)

3) I've commented out this enablement:
//EnablePrivilege(SE_DEBUG_NAME);
and the tool still works?!

4) Imagine that some end user has a localized Windows OS, e.g. Chinese, Japanese, Arabic, etc.
How about supporting these users as well?

IMHO in this case the routine
std::string GetLastErrorAsString()

needs to be Unicode (wide string) aware

Last edited by sendersu; 10-12-2024 at 17:42.
#14 | niculaita | 10-13-2024, 13:34
> Originally Posted by sendersu:
> I've run the PVS tool against the tool;
> I'd like to note: very well done!
>
> Some minor suggestions: https://prnt.sc/vQpQVeHUiyV0
>
> e.g.:
> DWORD GetProcessIdByName(wstring processName)
> ->
> DWORD GetProcessIdByName(const wstring& processName)
>
> and similar ones
>
> 2) There is a potential set of handle leaks (handles not closed)
>
> 3) I've commented out this enablement:
> //EnablePrivilege(SE_DEBUG_NAME);
> and the tool still works?!
>
> 4) Imagine that some end user has a localized Windows OS, e.g. Chinese, Japanese, Arabic, etc.
> How about supporting these users as well?
>
> IMHO in this case the routine
> std::string GetLastErrorAsString()
>
> needs to be Unicode (wide string) aware

Please upload your compilation, because the first one does not work well on my PC with Win 11 Pro 23H2.
#15 | sendersu | 10-13-2024, 19:02
What is the issue you are observing?
I've tested the tool on both Win7 & Win11 (24H2); no issues seen, so far so good.
https://ibb.co/w6MdnDt

My updates are included over here: https://workupload.com/file/dyMPqZYgZqM

Fixed the handle leaks,
introduced one macro that simplifies reading of the code (IMHO)

PS: the only thing left that I'm thinking about is support of std::wstring for exception throwing, but it turned out std::exception does not like wstring, so it's not that easy.
Tags: context menu, source, trusted installer