#1
Run as Trusted Installer context menu
This is a context menu extension for MS-Windows which allows you to run any program as the "Trusted Installer" with more privileges than the Administrator or System.
You can use it to run Windows Explorer or `regedit.exe` ...or any other program.
INSTALLATION: Run the attached install.bat file ... or copy the `RunAsTI.exe` to your `Windows\System32` directory and merge the `RunAsTI.reg` file into the Windows Registry.
BUILD: Open the `RunAsTI.sln` file in Visual Studio 2019, right-click on the Solution 'RunAsTI' in the Solution Explorer and select "Build Solution". A new `RunAsTI.exe` will be generated in the `x64\Release\` or `x64\Debug\` directory.
TO USE: Right-click on any program in Windows Explorer and select "Run as Trusted Installer". You must be the Administrator in order to become the Trusted Installer.
You can see what it looks like in the following screenshot: https://imgur.com/a/xOOO63t
Full source and the compiled .exe file are attached and at the link below: https://gofile.io/d/QK20BZ
Last edited by HarrySpoofer; 11-02-2024 at 22:38. Reason: Update
The Following 5 Users Say Thank You to HarrySpoofer For This Useful Post:
NoneForce (10-12-2024), sendersu (10-11-2024), skypeaful (10-12-2024), user_hidden (10-11-2024), wx69wx2023 (10-11-2024)
#2
thanks for sharing, the link is down (https://file.io/X2yKt7tgv93x)
#3
@HarrySpoofer
thanks for nice piece of work! If you don't mind I'd provide some small feedback:
1) I'd do case insensitive comparison inside the GetProcessIdByName() routine -> `if (pe.szExeFile == processName)`
2) compiler is unhappy on setting signed int to unsigned dword; `warning C4245: 'initializing': conversion from 'int' to 'DWORD', signed/unsigned mismatch` do you know if Windows has got some define for wrong pid values? eg smth like INVALID_HANDLE_VALUE
3) be honest, did you leave an Easter Egg in one routine? kudos!
The Following User Gave Reputation+1 to sendersu For This Useful Post:
niculaita (10-11-2024)
The Following User Says Thank You to sendersu For This Useful Post:
niculaita (10-11-2024)
#4
The code is pretty much identical to the https://github.com/lilkui/runasti repository.
The only difference is that somebody refactored everything to camel case (e.g. "get_process_id_by_name(const string process_name)" becomes "GetProcessIdByName(wstring processName)"). The code in the repository already has some of the bugs fixed!
The Following 2 Users Say Thank You to Kerlingen For This Useful Post:
blue_devil (10-11-2024), niculaita (10-11-2024)
#5
what about these https://mega.nz/file/S0h30aTa#ca0vJpwlP5qQZmyOcMmhiPrHEkZIpTdrlgmtPpZd4JQ ?
__________________
Decode and Conquer
#6
I'm having "NT AUTHORITY\SYSTEM" instead of "Trusted Installer" https://prnt.sc/7fjfqwv-P5GQ
is that expected?
#7
Quote:
I made the changes you suggested and updated the attachment and the link. BTW: I did not put an Easter egg in it, I added new icons, though.
Last edited by HarrySpoofer; 10-12-2024 at 05:34.
The Following 3 Users Say Thank You to HarrySpoofer For This Useful Post:
#8
That is correct.
To verify that you have the `Trusted Installer` privileges, execute this at the command line:
Code:
```
whoami /groups
```
On my system the output looks like this:
Code:
```
C:\Profiles\Admin>whoami /groups

GROUP INFORMATION
-----------------

Group Name                             Type             SID                                                            Attributes
====================================== ================ ============================================================== ===============================================================
Mandatory Label\System Mandatory Level Label            S-1-16-16384
Everyone                               Well-known group S-1-1-0                                                        Mandatory group, Enabled by default, Enabled group
BUILTIN\Users                          Alias            S-1-5-32-545                                                   Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\SERVICE                   Well-known group S-1-5-6                                                        Mandatory group, Enabled by default, Enabled group
CONSOLE LOGON                          Well-known group S-1-2-1                                                        Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users       Well-known group S-1-5-11                                                       Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization         Well-known group S-1-5-15                                                       Mandatory group, Enabled by default, Enabled group
NT SERVICE\TrustedInstaller            Well-known group S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464 Enabled by default, Enabled group, Group owner
LOCAL                                  Well-known group S-1-2-0                                                        Mandatory group, Enabled by default, Enabled group, Group owner
BUILTIN\Administrators                 Alias            S-1-5-32-544                                                   Mandatory group, Enabled by default, Enabled group
```
The Following User Says Thank You to HarrySpoofer For This Useful Post:
sendersu (10-12-2024)
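The check from post #8 done programmatically, as an added example that is not part of the thread or of the RunAsTI source: it reads the `whoami /groups` table, takes the column offsets from the `====` ruler line, and reports whether the TrustedInstaller SID is listed with the "Enabled group" attribute. The function names are hypothetical and the sample table is constructed from three rows of the output above.

```cpp
#include <iostream>
#include <sstream>
#include <string>

// SID of NT SERVICE\TrustedInstaller as listed in the output in post #8.
const std::string kTiSid = "S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464";

// Returns the Attributes cell of the row whose SID column equals `sid`, or "" if none matches.
// Column offsets are taken from the "==== ====" ruler line printed under the header.
std::string AttributesForSid(const std::string& out, const std::string& sid) {
    std::istringstream in(out);
    std::string line;
    size_t sidCol = std::string::npos, attrCol = 0;
    while (std::getline(in, line)) {
        if (sidCol == std::string::npos) {
            if (line.rfind("====", 0) != 0) continue;      // ruler not seen yet
            sidCol = line.find(' ', line.find(' ') + 1) + 1;
            attrCol = line.find(' ', sidCol) + 1;
            continue;
        }
        if (line.size() < attrCol) line.resize(attrCol, ' ');
        std::string cell = line.substr(sidCol, attrCol - 1 - sidCol);
        cell.erase(cell.find_last_not_of(" \r") + 1);       // trim padding / CR
        if (cell == sid) return line.substr(attrCol);
    }
    return "";
}

// True only when the TrustedInstaller group is present and enabled in the token.
bool HasEnabledTrustedInstaller(const std::string& out) {
    return AttributesForSid(out, kTiSid).find("Enabled group") != std::string::npos;
}

// Constructed sample: three rows abridged from post #8, padded to its column widths.
std::string Row(std::string n, std::string t, std::string s, const std::string& a) {
    n.resize(38, ' '); t.resize(16, ' '); s.resize(62, ' ');
    return n + " " + t + " " + s + " " + a + "\n";
}
std::string SampleOutput() {
    return Row("Group Name", "Type", "SID", "Attributes") +
           Row(std::string(38, '='), std::string(16, '='), std::string(62, '='), std::string(63, '=')) +
           Row("Mandatory Label\\System Mandatory Level", "Label", "S-1-16-16384", "") +
           Row("BUILTIN\\Administrators", "Alias", "S-1-5-32-544",
               "Mandatory group, Enabled by default, Enabled group") +
           Row("NT SERVICE\\TrustedInstaller", "Well-known group", kTiSid,
               "Enabled by default, Enabled group, Group owner");
}
int main() {
    std::cout << (HasEnabledTrustedInstaller(SampleOutput()) ? "TI enabled\n" : "TI missing\n");
}
```

Matching on the SID rather than on the group name keeps the check independent of the display language of the Windows installation.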
#9
Quote:
I was under the impression this line is it ->
`wctomb_s(&mbCharLen, &buff[0], 42, wc);`
#10
one more question:
is it really required to enable this priv lvl?
`EnablePrivilege(SE_DEBUG_NAME);`
#11
one more feedback:
is it OK to delegate memory zero-ing to compiler? eg instead of calling WinAPI ZeroMemory() just do
`STARTUPINFOW startupInfo = { 0 };`
#12
Quote:
Quote:
Yes, this is the reason why you need to be an `Administrator` to become the `Trusted Installer`
Last edited by HarrySpoofer; 10-12-2024 at 05:37.
The Following User Says Thank You to HarrySpoofer For This Useful Post:
sendersu (10-12-2024)
#13
I've run the PVS Tool against the tool,
I'd like to note - very well done! some minor suggestions: https://prnt.sc/vQpQVeHUiyV0
1) eg: `DWORD GetProcessIdByName(wstring processName)` -> `DWORD GetProcessIdByName(const wstring& processName)` and similar ones
2) there are some potential set of handle leaks (not closed)
3) I've commented out this enablement: `//EnablePrivilege(SE_DEBUG_NAME);` and the tool still works?!
4) imagine that some end user is having localized Windows OS, eg chinese or japanese or some arabic, etc how about supporting these users as well? IMHO in this case the routine `std::string GetLastErrorAsString()` need to be unicode (wide string) aware
Last edited by sendersu; 10-12-2024 at 17:42.
The Following 2 Users Say Thank You to sendersu For This Useful Post:
HarrySpoofer (11-02-2024), niculaita (10-13-2024)
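The lookup changes suggested in posts #3 and #13 (case-insensitive name comparison, no signed "invalid PID" value, a `const wstring&` parameter), as an added example that is not HarrySpoofer's code or code from the lilkui/runasti repository. `ProcEntry`, `EqualsNoCase`, `FindProcessIdByName` and the sample snapshot are hypothetical stand-ins so the logic runs without the Toolhelp API.

```cpp
#include <algorithm>
#include <cwctype>
#include <iostream>
#include <string>
#include <vector>

// Constructed stand-in for the two PROCESSENTRY32W fields the lookup reads.
struct ProcEntry {
    std::wstring exeFile;   // plays the role of pe.szExeFile
    unsigned long pid;      // plays the role of pe.th32ProcessID
};

// Case-insensitive equality. towlower covers ASCII image names in the default
// locale; on Windows, _wcsicmp(pe.szExeFile, name.c_str()) == 0 does this job.
bool EqualsNoCase(const std::wstring& a, const std::wstring& b) {
    return a.size() == b.size() &&
           std::equal(a.begin(), a.end(), b.begin(), [](wchar_t x, wchar_t y) {
               return std::towlower(x) == std::towlower(y);
           });
}

// Returns true and writes pidOut on a match; returns false and leaves pidOut
// untouched otherwise, so no magic "invalid PID" constant is needed.
bool FindProcessIdByName(const std::vector<ProcEntry>& snapshot,
                         const std::wstring& processName,
                         unsigned long& pidOut) {
    for (const ProcEntry& pe : snapshot) {
        if (EqualsNoCase(pe.exeFile, processName)) {
            pidOut = pe.pid;
            return true;
        }
    }
    return false;
}

// Constructed sample snapshot; PID 0 is a real entry in a process snapshot,
// which is why 0 or -1 make poor "not found" return values.
std::vector<ProcEntry> SampleSnapshot() {
    return { {L"[System Process]", 0}, {L"explorer.exe", 612},
             {L"TrustedInstaller.exe", 4120} };
}

int main() {
    unsigned long pid = 0;
    bool found = FindProcessIdByName(SampleSnapshot(), L"trustedinstaller.EXE", pid);
    std::wcout << (found ? L"found pid " : L"not found ") << pid << L"\n";
    return found ? 0 : 1;
}
```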
#14
Quote:
__________________
Decode and Conquer
#15
what is the issue you are observing?
I've tested the tool on both Win7 & Win11 (24H2), no issues seen so far so good. https://ibb.co/w6MdnDt
my updates are included over here https://workupload.com/file/dyMPqZYgZqM
fixed handles leak, introduced one macro that simplifies reading of the code (IMHO)
PS the only thing left that I'm thinking about - support of std::wstring for exceptions throwing, but it turned out std::exception does not like wstring, so not that easy
The Following User Gave Reputation+1 to sendersu For This Useful Post:
niculaita (10-16-2024)
Tags
context menu, source, trusted installer