Advanced Run v3.0
Advanced Run - is the most powerful free launcher that allows you to run any program, run any command line command, open and edit and print documents on behalf of any user account without switching between users.
Advantages:
• Advanced Run substitutes standard Windows Run feature so it is easy to run it by pressing <Win>+<R> standard key combination.
• Pick Advanced Run... context menu item on whatever file you want to run or open.
• Pick any user account you need, type it's password and run a command without switching between users.
• Select security profile to gain or reduce the privileges of the process you run.
• Use command templates to dramatically automate your frequent and routine actions.
• Specify implicitly shell verbs to perform additional actions on the file you need to open.
• Use command shortcuts to automate your routine work.
• Share your settings, security profiles and command shortcuts within your corporate network.
• Take advantage of preinstalled security profiles and a whole bunch of useful command shortcuts.
• Advanced Run has always been and always will be completely free!
Forget about Fast User Switching (FUS) because it's not fast enough as you need. Use Advanced Run because it is simple, it is flexible, it is powerful and it is completely free! Enjoy!
System requirements:
• Windows XP (recomended Service Pack 2 or higher)
• Windows Vista
• System restart is required
Current release imitations:
• 64-bit platforms are not supported
Homepage: http://ilyns.com/advr_info.asp
Homepage: http://ilyns.com/advanced-run.asp
Скачать: Advanced Run v3.0
Run-Command v6.11
Run-Command - is a small, portable windows program and created as an alternative to the standard Windows Run-Dialog.
In this program you will find a number of improvements for example, the function run as administrator and add to favorites commands for frequently used commands. You can comfortably manage the favorites and grouping by command categories is also possible.
Key Features in Run-Command:
◆ Run programs via favorite commands
◆ Run commands as administrator
◆ Supports Windows Environment Variables
◆ Custom Keyboard shortcut
◆ Execute programs via the command line
Other Specifications:
◆ Very small program
◆ Portable
◆ Multilingual
Here's ► ... a List of Windows Shell:Folders Commands that can be used in the Run-Command
Installation of Alternative Run Dialog for Windows:
Run-Command text does not require installation, can easily be launched from the desktop with no installation and is ready to use on all Windows operating systems.
Homepage: https://www.softwareok.com/?seite=Microsoft/Run-Command
Скачать: Run-Command v6.11
ShellRunas v1.02
Introduction
The command-line Runas utility is handy for launching programs under different accounts, but it’s not convenient if you’re a heavy Explorer user. ShellRunas provides functionality similar to that of Runas to launch programs as a different user via a convenient shell context-menu entry.
Using ShellRunas
Usage:
shellrunas /reg [/quiet]
shellrunas /regnetonly [/quiet]
shellrunas /unreg [/quiet]
shellrunas [/netonly] <program> [arguments]
Parameter |
Description |
/reg |
Registers ShellRunas shell context-menu entry |
/regnetonly |
Registers Shell /netonly context-menu entry
Note: a command prompt will flash when the program starts |
/unreg |
Unregisters ShellRunas shell context-menu entry |
/quiet |
Register or unregisters ShellRunas shell context-menu entry without result dialog |
/netonly |
Use if specified credentials are for remote access only |
<program> |
Runs program with specified credentials and parameters |
Runs on:
• Client: Windows Vista and higher.
• Server: Windows Server 2008 and higher.
Homepage: https://learn.microsoft.com/en-us/sysinternals/downloads/shellrunas
Скачать: ShellRunas v1.02
RunAsRob v3.7.0.0
Run a specific application as administrator from user to limit administrator rights
Start application as administrator, under system account with highest privileges and bypass the UAC or use other different credentials
If you understand the simple method of RunAsRob, it is easy to integrate it very effective for a lot of various purposes on a single workstation, up to a large domain forest to grant admin privileges to particular applications or folders, instead to users.
Run as system, run as administrator, run as service or run as another user are the four different start possibilities.
Each of the four parts has its own advantages depend on your environment, program, purpose and aim.
• Allow standard users to execute a program, which need administrator rights.
• Distribute certain applications or updates by simply copying the setup file into a directory with read permissions for users
who can install this provided software themselves via RunAsRob, after this directory is authorized via RunAsAdmin.
• Delegate administrative tasks to limited users or any other specific user group,
by authorizing this tasks in RunAsAdmin, combined with folder permissions for this task to specific group.
• Bypass UAC dialog by starting the application under system account.
• Launch an application with temporary administrator rights for a limited user to a specific program.
By this option, the limited account use its own window profile and setting like printers, shares... to start the application with administrative rights.
• Run application as service after system start with highest privileges, before a user is logged in.
• Start a script as admin with elevated system privileges.
• . . .
See below for details, examples and how to use each of the four parts of RunAsRob.
1 Run application under system account.
2 Run application as administrator.
3 Run application as service.
4 Run application as another user.
Homepage: https://runasrob.com/index.html
Homepage: https://robotronic.net/runasrobde.html
Homepage: https://robotronic.net/runasroben.html
Скачать: RunAsRob v3.7.0.0
RunAsSpc v4.4.0.0
Runas with password and encrypted administrator credentials by RunAsSpc
Run application as different user or start program as administrator from a standard account like the runas command, but including password and encryption.
The application and account information can pass directly in plain text
or can be read out from an encrypted file.
This encrpyted file is created on command line by runasspc.exe or via the graphical user interface RunAsSpcAdmin.
RunAsSpc need no installation and is portable with all options for a lot of possibilities.
• A standard user can install a program, driver, update, security patch via an encrypted file, configured and created by an administrator.
This encrypted file can be on local computer, network share, memory stick or sent by email.
• Users often work under administrator account, because a program needs administrator rights.
By using RunAsSpc, a limited user need no longer login as administrator to run this application.
• Run internet browser as administrator makes the system vulnerable to viruses, hacker attacks and other security risks.
Surfing with a limited account decreases the risk.
Use RunAsSpc to start the internet browser with a limited user account.
• You have to instruct a non admin user to configure a client computer or to do any other specific administrator job,
without give him the administrator account login information.
Then simply send him an encrypted file for this task.
• You can run a specific application as different user.
Useful if you need the login to an application with two different accounts on the same Windows logon session,
because you have to do a task with another account or you must do the job of your college for a while.
• Use RunAsSpc instead of runas savecred,
because the parameter /savecred of runas store the credentials on Windows, that everyone can use it for all programs at every time.
Homepage: https://robotronic.net/runasspc.html
Homepage: https://robotronic.net/runasspcen.html
Скачать: RunAsSpc v4.4.0.0 / II
Executor v1.0.11
~Settings for keywords, commands and startup parameters~
Executor - is a multi purpose tool to help you ease your daily computer workflow. Launch programs, manage clipboard, manage running apps, do fast calculations, quick launch internet searches, file path autocomplete and history. Want to assign a hotkey that paste the second item from the clipboard? It can do this as well. There's a vast amount of features and customization to help you out for all sorts of things, and also features and settings for power users to really tweak workflows, launch multiple items of the already mentioned functionality with one command etc. Has an easy browsable history and customizable auto complete system. It's all free on a MIT license free for commercial use, but feel free to donate ;-)
Features:
• Keywords have properties like shortcuts, and you can for example drag-drop a shortcut/file/folder/favorite to add it as a keyword.
• Auto-completion for keywords, file system and history (can also be configured).
• Url detection, Enter URLs directly (like www.google.com, mail.google.com, google.com or http://www.google.com).
• Keywords support parameters. Example "google latest executor" "wiki nirvana".
• Besides keywords Executor can also optionally and dynamically add matching start-menu items (including UWP Apps), control panel items and other handy items to the drop-down/list.
• Ability to add your own paths to scan for user defined file extensions.
• Each keyword can be assigned a hotkey, so Executor can also perform like many popular hotkey managers.
• Keyword control, have keyword open program(s) minimized, with admin access, make sure only one instance is running of program and more
• Can add keyword integration with popular services like GMail, Twitter, GCal, RTM and many others (see forums for howto's, tutorials and tips).
~Full Info~
Requirements/supports:
• Win11/Win10/Win8/Win7/Vista/XP/2003/Windows 2000
• 64bit/32bit support
Homepage: https://executor.dk
Скачать: Executor v1.0.11
PowerRun v1.6
PowerRun - is a portable freeware to launch regedit.exe, Cmd.exe or other software with the same privileges as the TrustedInstaller / Nt Authority/system Why would you need it? Sometimes it is just not enough to just be running as Administrator, Maybe it’s a file or a registry key that is locked or not editable, PowerRun a tool with this powerful privilege most likely solve that, PowerRun doesn’t require any installation process or additional dll files.
How to use: After downloading, extract PowerRun to your desired location, then run it. You can drag and drop any files on it for example ; program files, Program files shortcuts, script files, text files usw. to run a listed file in TrustedInstaller/SYSTEM privileges you can select it and use run button or right click on it and choose “Run File” feature, the file will run with Highest privileges, you can check the Task manager’s details tab to verify that the selected file running under SYSTEM Privileges.
If you’re trying to edit or delete keys from the registry, you might find that some keys won’t let you do anything with them and you’ll get an error such as “Cannot delete xxxxx: Error while deleting key”. These keys are usually protected to stop accidental deletion, You could also be the administrator on the computer, but still can’t manipulate the required key.
Even though the administrator account has a great deal of control, there are other hidden accounts and levels on the system which have even greater access and therefore standard administrator privileges are not enough. To solve this problem, you have to force the registry to allow the logged on user full control of the subkeys in such cases PoweRun can help you : use the “Launch Registry Editor” button.
Copy desired registry key and click “Open” button, PowerRun will open regedit (with Highest Privileges) and jump to the key Automatically. If you want to add any parameter to listed script or program rigt click on it and use “Edit Item” or just use wrench Button.
For automation purpose PowerRun allows you to create a vbs or bat file with necessary parameters in it, to use this feature:
1. Select the Program
2. And use Edit – create – Create bat/Vbs File feature
Don’t forget to run the script in the same folder with PowerRun.exe or PowerRun_x64.exe
Choosing between System or TrustedInstaller Privileges
You can use PowerRun.exe Only with SYSTEM privileges, to do that; Please open PowerRun.ini with a text editor and change “TrustedInstaller=1” Value, from “1” to “0”.
To see all the supported cmd parameters of PowerRun, use PowerRun.exe ? command.
NOTE: PowerRun can not run only with “TrustedInstaller” privileges it can also run with “Nt Authority/system” privileges.
Supported operating systems: Windows 11, Windows 10, Windows 8.1, Windows 8 and Windows 7
Homepage: https://www.sordum.org/9416/powerrun-v1-6-run-with-highest-privileges/
Скачать: PowerRun v1.6 / II
RunAsTool v1.5
Windows’ built-in “Run-As” command allows you to launch a program as a different user account than the one currently active, However, runas.exe cannot be fully automated as it requires that the user typein the password for the alternate account. RunAsTool is portable freeware which allows standard users to run a specific program with administrator privileges without the need to enter the administrator password. This allows you to provide standard (non-admin) users with access to programs that require admin rights.
Under a restricted account, some programs may not run correctly due to missing administrator rights, therefore many users are given administrator accounts, making the system more vulnerable to malware, viruses and other security risks. With RunAsTool, you can correct this.
To run Properly RunAsTool need to install on a windows system which has an Administrator account with password.The login information for the application like username and password are read from an encrypted file – You don’t have to worry about your Admin Password.
RunAsTool v1.5 – What’s New – (Freitag, 2. September 2022)
1. [Added] – ability to attach a file in network location (\\BlueLife\ExampleFolder)
2. [Added] – option to reset previous list (/R) for import Cmd parameter
3. [Added] – parameter to uninstall program (RunAsTool.exe /Uninstall)
4. [Fixed] – The text in the program interface is tiny
5. [Fixed] – Improvements in the code of the program
6. [Fixed] – A small Bug in parameter and a character corruption in import parameter information
How to use
With RunAsTool there is no need to use a CMD prompt or any parameter in order to allow a standard user to run a program with admin rights. Just download, extract, and launch RunAsTool.
Supported operating systems: Windows 11, Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Vista, Windows Xp
Homepage: https://www.sordum.org/8727/runastool-v1-5/
Homepage: https://www.sordum.net/22523/runastool-v1-0-kisitli-kullanici-altinda-admin-yetkisi/
Скачать: RunAsTool v1.5 / II
RunAsDate v1.41
RunAsDate - is a small utility that allows you to run a program in the date and time that you specify. This utility doesn't change the current system date and time of your computer, but it only injects the date/time that you specify into the desired application.
You can run multiple applications simultaneously, each application works with different date and time, while the real date/time of your system continues to run normally.
How does it work ?
RunAsDate intercepts the kernel API calls that returns the current date and time (GetSystemTime, GetLocalTime, GetSystemTimeAsFileTime, NtQuerySystemTime, GetSystemTimePreciseAsFileTime), and replaces the current date/time with the date/time that you specify.
System Requirements
RunAsDate works under Windows 2000, Windows XP, Windows Server 2003, Windows Server 2008, Windows Vista, Windows 7, Windows 8, and Windows 10. Older versions of Windows are not supported. There is also x64 version available in a separated download, for using with x64 applications.
Important Notice !!
I get many email messages that say something like "I tried to extend the trial period of xyz software with RunAsDate and it didn't work". Running a software with different date/time can be used for many legitimate purposes and for these purposes RunAsDate was created. I have never said implicitly or explicitly that RunAsDate can be used for extending the trial period of a software. For some shareware programs, RunAsDate might really work, but many shareware creators are smart enough to detect that the date/time was modified and when they detect the time change, they end the trial period immediately.
Please don't bother yourself to send me a question about extending the trial period of a software, because these kind of messages are simply deleted without answering.
Using RunAsDate
RunAsDate doesn't require any installation process or additional DLL files. In order to start using it, simply copy the executable file (RunAsDate.exe) to any folder you like, and run it.
In the main window of RunAsDate, select the desired date and time and the application that you want to run. Optionally, you can also specify the command-line parameters to run the program. Press the "Run" button to start the application with the specified date/time.
Immediate Mode
In versions prior to 1.03, RunAsDate always waited until the kernel was fully loaded, and only then injected the desired date/time. This mean that some programs that get the date/time im very early stage, received the real current date/time, instead of the fake date/time of RunAsDate. Starting from version 1.03, when the 'Immediate Mode' is turned on, RunAsDate inject the date/time immediately when the process starts, without waiting to the kernel loading. However, this mode can also cause troubles to some applications, especially if they were written in .NET
If executing an application from RunAsDate cause it to crash, you should turn off the 'Immediate Mode'.
Attach To Process
Starting from version 1.40, RunAsDate allows you to attach a running process, instead of creating a new one. After the dll of RunAsDate is attached to the process, the process will see the current date/time according to the settings you selected in the main window of RunAsDate.
In order to use this feature, select the desired date/time settings, click the 'Attach To Process', select the desired process, and then click the 'Attach To Selected Process' button.
Before start using this feature, be aware:
• Currently, there is no option to detach from process.
• If you attach to a process more than once, the newer time settings will override the previous time settings. It's important to say that this tool is not designed for attaching a process multiple times. It's just a side effect that may be useful for some people.
• When using the 'Attach To Process' feature, there is higher risk that the application will crash.
• It's highly recommended to avoid from attaching a system process or critical process.
• In order to attach a 64-bit process, you have to use the 64-bit version of RunAsDate.
• In order to attach an elevated process, you have to run the RunAsDate tool as Administrator.
Homepage: https://www.nirsoft.net/utils/run_as_date.html
Скачать: RunAsDate v1.41
AdvancedRun v1.51
AdvancedRun - is a simple tool for Windows that allows you to run a program with different settings that you choose, including - low or high priority, start directory, main window state (Minimized/Maximized), run the program with different user or permissions, Operating system compatibility settings, and environment variables. You can also save the desired settings into a configuration file and then run the program automatically from command-line with the desired settings.
Examples of what you can do with AdvancedRun
• Run the RegEdit of Windows as normal user on Windows 11/10/8/7/Vista, without elevation. In this mode, you'll not be able to access or modify Registry keys that require admin rights.
• Run the RegEdit of Windows as SYSTEM user on Windows 11/10/8/7/Vista. In this mode, you'll be able to access the HKEY_LOCAL_MACHINE\SECURITY key.
• Run RegEdit as TrustedInstaller on Windows 11/10/8/7/Vista.
• Run a program as 'NT AUTHORITY\Network Service' account
• Run a program as 'NT AUTHORITY\Local Service' account
• Run a program with a user of another running process.
• Run a program with another logged-in user, without typing the password of the user.
• Run a program in high priority.
• Run a specific instance of program in Windows XP compatibility mode, without making global changes in the Registry.
• Run a specific instance of program with different PATH environment string, but without modifying the PATH string of the entire system and without using batch files or command prompt window.
• Run a program with a full set of environment variables you choose, ignoring the system environment variables completely.
• Run a program on remote computer by using a temporary service (Requires full admin access on the remote machine)
System Requirements
This utility works on any version of Windows, starting from Windows XP and up to Windows 11. Both 32-bit and 64-bit systems are supported. Some of the features, like 'Run As SYSTEM User' and 'Run As user of selected process' are not supported on Windows XP.
Start Using AdvancedRun
AdvancedRun doesn't require any installation process or additional dll files. In order to start using it, simply run the executable file - AdvancedRun.exe
After running AdvancedRun, you can choose the .exe file you want to run and all other settings and then click the 'Run' button to run the program with the settings you chose.
------------
AdvancedRun Options
• Run Mode: Allows you to choose one of the following modes to run a program:
○ Run .EXE File: Simply run the specified .exe file. This is the default option.
○ ShellExecute - Open the specified file, folder, or URL with the default program: This run mode allows you to open the specified file with the default program on your system, for example: If you specify .mp4 file, the file will be played with the default media player that plays .mp4 files on your system.
If you specify a folder on your system, the folder will be opened in Windows Explorer. You can also choose 'explore' from the Action combo-box, so the folder will be opened in Explore mode.
You can also specify special GUID strings in order to open specific type of Windows. For example: The following string will open the 'My Computer' window:
::{20d04fe0-3aea-1069-a2d8-08002b30309d}
If you specify a URL, the URL will be opened with the default Web browser on your system.
Optionally, you can also specify the desired action, instead of the default one, like edit, print, and so on. Specifying another action only works if it's supported by installed program on your system.
○ Command Prompt - Execute command or batch file of Windows Command Prompt (cmd.exe): This run mode allows you to execute a command of Windows Command Prompt (e.g: dir, attrib, del) or a batch file. You can also choose to leave the command window opened or to close it after the command is executed.
The command is executed inside the folder specified in the 'Start Directory' field. For example, if you specify the 'dir' command, and the 'Start Directory' field is 'C:\Program Files' then the files and folders inside 'C:\Program Files' will be listed.
If you want to execute a command or batch file without displaying anything on the screen, you have to choose 'Close window after executing commands' and also choose 'Hidden' in the 'Main Window State' field.
○ PowerShell Command - Execute the specified PowerShell Command: This run mode allows you to execute a PowerShell command (e.g: Get-Process, Get-Service, Get-PSDrive). Like the Command Prompt option, you can choose to leave the PowerShell command window opened or to close it after the command is executed.
○ PowerShell Script File - Run the specified PowerShell script (.ps1 file): This run mode allows you to execute the specified PowerShell script file (.ps1 file). Like the previous modes, you can choose to leave the PowerShell command window opened or to close it after the script is executed.
• Program to Run: The .exe filename that you want to run. You can also specify environment variables here, for example: %windir%\system32\regedit.exe
• Command-Line Arguments: The command-line string to pass to the program.
• Start Directory: Specifies the start directory of the program. If you don't specify it, the directory of the .exe file will be used. You can also specify environment variables here, for example: %appdata%\Microsoft
• Run on remote computer with temporary Windows service: If you choose this option, the AdvancedRun tool will run the specified program on a remote machine by using a temporary Windows service. If you don't specify a computer name, AdvancedRun will run the specified program from temporary Windows service installed on your local computer.
Be aware that you need a full admin access to the remote computer (Including admin share, like \\192.168.0.100\admin$ ) in order to use this feature.
Also, if the remote computer has 32-bit operating system, you should use the 32-bit version of the AdvancedRun tool, because the AdvancedRun .exe file you use is sent to the remote computer to run as service.
• Use search path to find the program location if the full path is not specified: If you specify only a filename (without a directory) in the 'Program To Run' field and this option is turned on, AdvancedRun will try to locate the .exe file in all directories specified in your PATH environment variable.
• Parse the environment variables inside the command-line string before passing it to the program: If this option is turned on, any environment variable inside the command-line string will be parsed before passing it to the program. If it's turned off, AdvancedRun will not parse the environment variables inside the command-line string, allowing the running program to do the parsing.
For example if you specify '%windir%\system32' in command-line string, the program will receive it as C:\Windows\System32 if this option is turned on. If it's turned off, the program will receive it as %windir%\system32
~Full Info~
Homepage: https://www.nirsoft.net/utils/advanced_run.html
NirBlog: https://blog.nirsoft.net/2020/02/25/run-program-as-trustedinstaller/
Скачать: AdvancedRun v1.51
ExecTI - Run as TrustedInstaller v1.0.0.0
I got tired of having to take ownership and grant administrator privileges for protected Registry keys and files during the various tests I perform on my Windows PC. I coded ExecTI, a lightweight, tiny software, which allows you to execute a program as TrustedInstaller, then you are able to access protected resources like certain Registry keys and files owned by TrustedInstaller.
Starting with Windows Vista, even if an app is running elevated, it may have no access to certain Registry keys and files. A new security model introduced in Windows Vista comes with a special user account, TrustedInstaller, which is set as the owner for such files and Registry keys.
It has a simple user interface. The application has no other dialog, and options at all. It allows you to browse for an executable file (exe, cmd, or bat file), or you can type the command directly in the text box.
It is possible to enter the command with command-line arguments. For example, you can type:
regedit.exe -m
To open yet another instance of Registry Editor.
ExecTI supports Windows 7, Windows 8/8.1 and Windows 10. It should work under Windows Vista too, but I am not able to test it there.
Before you download the app, here is the note of caution:
Running programs under TrustedInstaller privileges, especially a file manager app or Regedit.exe can be VERY risky and harmful for your OS. It is like a God mode in a first-person shooter game, where nothing can stop your actions, so if you execute a malware infected file as TrustedInstaller, it can cause damage to the Windows operating system. Use this mode only if you perfectly understand what you are doing and if there is no simpler way than running it as Trusted Installer.
Homepage: https://winaero.com/execti/
Homepage: https://winaero.com/execti-run-programs-trustedinstaller/
Скачать: ExecTI v1.0.0.0
RunX v1.0.0.1
RunX - is designed to easily launch any process with System account or TrustedInstaller account privileges, in order to bypass file system and registry permissions. It is also designed to optionally pass command line arguments to that app without having to open an administrative console window and navigate to the appropriate path first, and can capture/display the app’s exit code. Usage is simple, just drag and drop an executable onto RunX.exe, or launch it normally and browse/type in the path to an executable.
RunXcmd is included and designed to do the above but for scripting purposes, when you need your script to wait on the process you are running to terminate, and/or when you or your script needs to know the process exit code via %errorlevel% output.
Either RunX or RunXcmd (depending on your needs) is a suitable replacement for ETS (Elevate To System), which is an older and slower implementation with some limitations that RunX does not have, such as not being able to run from a network drive, in addition to not having the capability of creating processes with TrustedInstaller privileges.
Compatibility and Operability:
• RunX and RunXcmd both work on all versions of Windows.
• RunX and RunXcmd are both stand-alone and fully portable applications, which can be run from anywhere, independent of each other and without any external dependencies.
License:
• RunX and RunXcmd are both FREE to use for personal and commercial purposes.
• Developers are free to use and distribute RunX or RunXcmd with their applications, provided credit is given to d7xTech, Inc. within the application help/about documentation and on the application website.
Current version: 1.0.0.1 Released May 19th, 2021 (fixed a bug with launching processes in general d7x code as explained here.)
Homepage: https://www.d7xtech.com/free-software/runx/
Скачать: RunX v1.0.0.1
RunAsTrustedInstaller v2.3.1
Run a program as TrustedInstaller (SYSTEM)
This is a twinBASIC x64-compatible port of my original VB6 project: [VB6] Run process as TrustedInstalled (NT AUTHORITY\SYSTEM) w/ full system privileges)
This version adds a couple features: tB TextBoxes support Unicode so you can now use the full UTF-16 range in the path, the plain textbox for inputting the path has been replaced with a ComboBox with MRU list, and a file picker has been added to browse for the target instead of manually typing it out (uses tbShellLib for this-- that's why the source is so large).
Update (v2.3.1): Bug fixes: Corrected bugs with ABOVE_NORMAL_PRIORITY_CLASS sign and SECURITY_ATTRIBUTES sizeof.
===
If you've been running Windows 10, 11, and even to some extent 7, you've no doubt found even a so-called Administrator account doesn't have permission to do many things. Certain files, registry keys, etc, can only be accessed with the SYSTEM account under which many OS services run. TrustedInstaller is particularly privileged among system processes: It's the owner of many protected files and registry keys, so even just running as SYSTEM would leave you needing adjust permissions to take ownership (which you might not even be able to do) before altering them. So if you look at programs that do one of the most highly protected operations, disabling Windows Defender, they impersonate this process rather than simply run as SYSTEM (and why programs like AdvancedRun have 'Run as TrustedInstaller' as a separate option in addition to 'Run as SYSTEM').
This code shows you how to use the undocumented API NtImpersonateThread to have your thread impersonate TrustedInstaller, which allows full access to duplicate it's security token and start a process with the same privileges, running as the NT AUTHORITY\SYSTEM user. A big advantage of doing it this way is that we don't have to be running as a service, like the methods used by some other privilege escalating techniques.
Nirsoft's AdvancedRun has a feature to do this, but which sadly isn't open source much less written in VB, so I wanted to create something like it in VB6. I'll probably add more features like it has in the future, but this was the most complicated and useful.
Important
You must use Run As Administrator to use this code; it simply allows an admin to be an actual admin, it cannot escalate a unprivileged normal user to administrator. It does appear to work when run from the IDE, but that will of course need to also have been run with administrator privileges.
Caution
When running as SYSTEM/TrustedInstaller, it's very easy to make mistakes that can crash your computer or break your Windows installation. For instance this grants permission to kill critical system processes, which results in an immediate bluescreen. Be very careful how you use this app.
Usage
Arguments are supported. Paths containing spaces must be enclosed in quotes.
Source: https://github.com/fafalone/RunAsTrustedInstaller
VBForums: https://www.vbforums.com/showthread.php?895287-VB6-Run-process-as-TrustedInstalled-(NT-AUTHORITY-SYSTEM)-w-full-system-privileges
Скачать: RunAsTrustedInstaller v2.3.1
Run As System v1.1
Run as System - is the useful tool for testing computer startup scripts, or if you need to figure out the behavior of a program when run as SYSTEM.
The Local System user account is a built-in account that has full access to the computer. The name of this account is "NT AUTHORITY\SYSTEM" (SID: S-1-5-18).
Using Run as System
In most cases you just need to start the command prompt (cmd) using the Run as system tool, and then you be able to execute any other command behalf of the System user.
To open a command prompt as a system account simply type 'cmd' and click Run. To run the batch (.cmd) file use the following command: 'cmd /c [filepath]'.
Homepage: https://www.apreltech.com/Free
Homepage: https://www.apreltech.com/Free/How_to_run_as_system_user
Homepage: https://apreltech.com/Blog/Run_as_system
Скачать: Run As System v1.0
Скачать: Run As System v1.1
RunAsTI v1.0.0
Launch processes with TrustedInstaller privilege
RunAsTI or RunAsTrustedInstaller
Is a tool to launch a program of choice (usually cmd.exe) with the same privileges as the TrustedInstaller. That privilege is very powerfull! Actually the tool makes a clone of the token from TrustedInstaller, and thus the newly created process has an identical token.
Why would you need it? Sometimes it is just not enough to just be running as "nt authority\system". Maybe it's a file or a registry key that is locked. Running a tool with this powerfull privilege most likely solve that. Usually such an issue may be due to Windows Resource Protection (WRP) protecting it (previously called Windows File Protection (WFP)); http://msdn.microsoft.com/en-us/library/windows/desktop/aa382503(v=vs.85).aspx
How do you run it? Simply double click it and cmd.exe will launch. Or pass it the program to launch as parameter.
There are reports that the tool does not work over an RDP session.
The tool is actually a merge of 2 previous tools; RunAsSystem and RunFromToken. The curious ones might notice that RunFromToken is attached as a resource.
Have added the original source of RunFromToken as the exe's must be present in current directory when building RunAsTi.
The tool only runs on nt6.x (Vista and later), since TrustedInstaller does not exist on earlier Windows versions.
Requirement: Administrator.
Source: https://github.com/jschicht/RunAsTI
Скачать: RunAsTI v1.0.0
Process Hacker Plugin TrustedInstaller (for PH v2.39)
This plugin allows you to create processes with TrustedInstaller privileges.
Application menu > Run: Screenshot PH v3.0x
If you're using v2.39 you'll need to manually download and install this plugin instead.
Installation instructions:
#1: Copy the plugin from the zip into your "\Process Hacker 2\plugins\" directory.
#2: Restart Process Hacker.
How to run processes with TrustedInstaller privileges:
#1: Open the Hacker menu and select the "Run as trusted installer..." menu.
You can also manually create processes with TrustedInstaller privileges without installing this plugin:
#1: Select the Services tab and start the TrustedInstaller service.
#2: Go back to the Processes tab and right-click TrustedInstaller.exe
#3: In the context menu, select the Miscellaneous > "Run as this user..." menu item.
Source: http://wj32.org/processhacker/forums/viewtopic.php?f=18&t=2407
Source: https://wj32.org/processhacker/forums/viewtopic.php?t=2407
Plugin: https://github.com/processhacker/plugins-extra/tree/master/TrustedInstallerPlugin
Plugin: https://github.com/processhacker2/plugins-extra/tree/master/TrustedInstallerPlugin
Скачать: PH Plugin TrustedInstaller
Run As System v1.0
For all 64 bit Windows systems, RunAsSystem provides a simple link in the right click menus of executables and batch files to allow you to run any program with system privileges.
Features:
• Provides a simple right click shortcut to run applications with system privileges
Source: https://runassystem.sourceforge.io/
Source: https://sourceforge.net/projects/runassystem/
Скачать: Run As System v1.0
RunAsTi 2020.04.15
Run As TrustedInstaller - запуск программы с повышенными привилегиями.
Как известно, пользователь, даже администратор, имеют ограниченные возможности доступа, к примеру он часто не может удалить некоторые файлы, не видит в RegEdit ветку SAM и т.п., даже UnLocker часто не помогает.
Утилита повышает привилегии до уровня TrustedInstaller и легко решает эти проблемы.
RunAsTI.exe - запуск процесса под System с привилегиями trustedinstaller
RunAsTI.exe /s - запуск процесса под System
Install.cmd - копирует файлы и добавляет в контекстное меню пункт "Run as trustedinstaller"
Пример запуска:
RunAsTI.exe /s d:\....\TotalCmd.exe
RunAsTI.exe d:\....\TotalCmd.exe
Если параметр не указан, будет запущена консоль (cmd.exe)
Важно - используйте полные пути в аргументах.
Источник: https://usbtor.ru/viewtopic.php?t=1452
Скачать: RunAsTi 2020.04.15
NSudo v8.2
NSudo - System Administration Toolkit
This is the source code repository of NSudo. If you wonder to visit the NSudo official website, download NSudo or read the NSudo documents etc, please visit https://nsudo.m2team.org.
This readme file will be the developer oriented document because this it is under the source code repository.
2021 Development Roadmap
■ Add Current User (Elevated) Mode.
■ Implemented in NSudo Shared Library.
■ Implemented in NSudo Launcher.
□ Use wxWidgets to implement the UI.
□ TOML-based environment configuration file.
□ Add more APIs to NSudo Shared Library.
□ Export PDF directly from the offical website.
■ Improve the Gitee mirror experience.
■ Translate the readme in the source tree root.
■ Synchronizing automatically when commits pushed.
Source: https://github.com/M2Team/NSudo
Source: https://github.com/M2TeamArchived/NSudo
Скачать: NSudo v8.2
NanaRun v1.0 Preview 2 (1.0.18.0)
Application runtime environment customization utility
Development Status of Components
■ MinSudo
□ NanaEAM
□ NanaKit
□ NanaRun (Windows)
□ NanaRun (Console)
□ NanaRun (SDK)
MinSudo
MinSudo - is a lightweight POSIX-style Sudo implementation for Windows.
It makes user possible to use elevated console apps in non-elevated consoles.
For safety, the implementation uses the UAC for elevation and don't support credential cache. It also don't use homemade Windows service and any IPC infrastructures.
Here is the usage.
Format: MinSudo [Options] Command
Options:
--NoLogo, -NoL
Suppress copyright message.
--Verbose, -V
Show detailed information.
--WorkDir=[Path], -WD=[Path]
Set working directory.
--System, -S
Run as System instead of Administrator.
--TrustedInstaller, -TI
Run as TrustedInstaller instead of Administrator.
--Privileged, -P
Enable all privileges.
--Version, -Ver
Show version information.
/?, -H, --Help
Show this content.
Notes:
- All command options are case-insensitive.
- MinSudo will execute "cmd.exe" if you don't specify another command.
- You can use the "/" or "--" override "-" and use the "=" override ":" in
the command line parameters. For example, "/Option:Value" and
"-Option=Value" are equivalent.
Example:
If you want to run "whoami /all" as elevated in the non-elevated Console, and
you don't want to show version information of MinSudo.
> MinSudo --NoLogo whoami /all
Source: https://github.com/M2Team/NanaRun
Скачать: NanaRun v1.0 Preview 2 (1.0.18.0)
Run As Service v1.0.0
RunAsService - is a command line tool that allows you to setup a regular console application to run as a service. Below you will find descriptions and examples of how to do this.
This tool requires that .NET Framework 2.0 be already installed on your computer. If you do not have .NET Framework 2.0 this tool will display a message and not run. You probably already have the .NET Framework 2.0 but if you don't you can download it here: Microsoft Download Center
IMPORTANT: Any services you install using this tool will
require that this tool remain on that computer in the same
location in order for those services to continue functioning. Therefore
before installing any services you should make sure this tool is
somewhere where it can remain permanently. If you do end up moving
this tool use the 'fixservices' action to fix the existing services.
(details on how to use 'fixservices' can be found below)
RunAsService
Typing just the name of the tool without specifying any parameters.
Or specifying incorrect paramters will bring you to the help screen.
RunAsService install [Name] [Display Name] PathToExecutable
Name
The name of the service, if none is specified the name
will default to the name of the executable.
You might choose to give it a different name than
the executable to keep some kind of existing convention,
make it friendlier or make it easier to use commands like
'net start' and 'net stop'
Display Name
This is how the service name will be displayed in the windows
services list. If no display name is specified it will default
to Name, if Name is not specified, it will default to the name
of the executable.
Generally the display name is longer and more descriptive
than the name and gives the user a better idea of what
the service is and/or does.
PathToExecutable
The location of the application you want to run as a service.
Note, the tool will check if this executable exists, if it
doesn't find it will not install it.
~Full Info~
Homepage: http://runasservice.com
GitHub: https://github.com/luisperezphd/RunAsService
Скачать: Run As Service v1.0.0 / Source Code
|