• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 232
  • Last Modified:

Full access to resources without uac

Hi I wonder if only way is write app as service not to make UAC privileges prompt for elevation.

Are there other tricks ? ( there are some with scheduler but not sounds professional)
0
johnnyex
Asked:
johnnyex
  • 7
  • 4
  • 2
1 Solution
 
jkrCommented:
A service is indeed the simplest way. However, you need admin privileges to install it. What resources exactly do you need to access?
0
 
johnnyexAuthor Commented:
I need to have full control over services, this need max admin privileges.

Admin privileges is not a problem for installation time, later I don't need to get UAC prompts
0
 
jkrCommented:
Well, then a service is indeed the way to go. Look e.g. here http://www.codeproject.com/Articles/499465/Simple-Windows-Service-in-Cplusplus ("Simple Windows Service in C++") for sample code that you can build your srevice upon. You'll find a more thorough article at http://www.codeproject.com/Articles/1697/Beginner-s-introductory-guide-to-writing-installin ("Beginner's introductory guide to writing, installing, starting, stopping NT services")
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
johnnyexAuthor Commented:
what about write service which will start exe program and inherit admin privileges from mother service ? ; ) not sure if it's possible?
0
 
jkrCommented:
That's indeed possible. Any application launched from a service will inherit the privileges. The only limitation is that your program won't run on a visible desktop so GUI apps are out of question.
0
 
johnnyexAuthor Commented:
too bad that that will inherit also limitations other not only showing GUI

I found some trick
Has anyone tested it?
http://abramovi.blogspot.co.il/2012/12/how-can-windows-service-execute-gui.html
0
 
jkrCommented:
That will work, however the process that is launched will have only the privileges that are represented by the impersonation token,.not the ones the service has.
0
 
David Johnson, CD, MVPOwnerCommented:
What you want cannot really be done.. What you are trying to do is get around the UAC.. It is difficult for a reason.. If it was trivial then every malware manufacturer would be using it, which in turn would force Microsoft to close the few loop-holes that we have
0
 
jkrCommented:
>> What you want cannot really be done..

Weird - why can I do that then programmatically, given that I am privileged enough to install a service?  I mean, takin gthat one step further and writing a kernel mode driver, I could even call user mode code back from a kernel context (OK, that's not clean and a different issue with signed drivers on x64, but...)
0
 
David Johnson, CD, MVPOwnerCommented:
you'd still need UAC to install the service.. and any gui element would run in the context of the limited user.  Running the service as SYSTEM does give you almost unlimited control of the computer.  Usually any communication from a service brings up the secure desktop after notifying the user that the service is trying to communicate with the user.. and you are stuck with console mode pretty much.

Work within the system and things will be better.. don't try and defeat the built in security features.
 
If you want split your program into 2 executables.. the visual element and the service and then have the service do the things that the visual element can't.
0
 
jkrCommented:
>>you'd still need UAC to install the service.

No, you'd need to be admin, so where's the point?
0
 
johnnyexAuthor Commented:
it can be done just install service which running target exe guys
0
 
jkrCommented:
?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

  • 7
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now