Re: Escalation of privilege
From: Torgeir Bakken (MVP) (Torgeir.Bakken-spam_at_hydro.com)
Date: Mon, 24 Nov 2003 10:42:10 +0100
Nicolas Macarez wrote:
> Torgeir Bakken (MVP) wrote:
> > At least one of the buy-products can do this it looks like:
> > From http://www.netexec.de/
> > <quote>
> > Temporary Administrator group memberships
> > Another feature that make NetExec a excellent choice for software
> > installation scenarios are extended group memberships. Using this
> > feature it is possible to run a process under a non-privileged user
> > account, but inside this process the user becomes also a member of
> > the Administrators group. Therefore the app uses the profile,
> > settings and home directory of the non-privileged user account,
> >but runs with Administrator privileges.
> > </quote>
> I ran netexec, mainly the localexec utility w/ the command line features.
> The command line syntax was :
> localexec C:\Scripts\leader.vbs ACCOUNT=administrateur
> PASSWORD=PassAdmin2003 /NODIALOG /NOPROFILE
> I ran this command as leader4, a user without any admin privileges.
> Unfortunately, again it was the registry of the administrateur account which
> was modifed, and not that of leader4.
> It seems that it is not was you say above - unless I am not running the tool
> correctly, with the suitables options, whihch is what I hope...
> Help greatly appreciated and thanks for your patience!
I haven't used this product myself, but I took a look at he help file and didn't
get any wiser of that. You could maybe send a e-mail to the company and ask them
about this: http://www.netexec.de/kontakt.html
-- torgeir Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: http://www.microsoft.com/technet/scriptcenter