Starting Progs from within TC w/o Admin rights
Moderators: white, Hacker, petermad, Stefan2
Starting Progs from within TC w/o Admin rights
Hi,
when I start programs from within TC (buttonbar or click on program name), they always start elevated, even though I use the DropMyRights utility to start them.
Is there a way to adjust TC, so that I can start TC as administrator, but still the programs started from within TC do not necessarily have admin rights?
when I start programs from within TC (buttonbar or click on program name), they always start elevated, even though I use the DropMyRights utility to start them.
Is there a way to adjust TC, so that I can start TC as administrator, but still the programs started from within TC do not necessarily have admin rights?
Regards, Brahman
Win10 & 11 Pro x64
Win10 & 11 Pro x64
Try this: Start CMD elevated by right-clicking and selecting "Run As Administrator". Inside of CMD, enter the command to launch some program via DropMyRights, e.g. Now check whether or not the newly started program is elevated. It doesn't work for me. Although launching TC this way doesn't show the ^ in front of the user name, Process Hacker shows the process as fully elevated. This is regardless of the parameter: C and N do the same thing; I even get an error (that the process couldn't be launched) when using DropMyRights' U parameter.
I think there's a reason why MS stopped providing this program: it doesn't work properly (on newer versions of Windows).
Regards
Dalai
Code: Select all
"C:\Program Files\DropMyRights\DropMyRights.exe" C:\Windows\system32\notepad.exe
I think there's a reason why MS stopped providing this program: it doesn't work properly (on newer versions of Windows).
Regards
Dalai
Last edited by Dalai on 2017-02-14, 20:08 UTC, edited 1 time in total.
#101164 Personal licence
Ryzen 5 2600, 16 GiB RAM, ASUS Prime X370-A, Win7 x64
Plugins: Services2, Startups, CertificateInfo, SignatureInfo, LineBreakInfo - Download-Mirror
Ryzen 5 2600, 16 GiB RAM, ASUS Prime X370-A, Win7 x64
Plugins: Services2, Startups, CertificateInfo, SignatureInfo, LineBreakInfo - Download-Mirror
I've checked in Process Hacker and it seems that pxexec'ed process has the same security tokens that non-elevatedo one has.
And it is interesting that psexec'ed TC still shows username in title but doesn't show a cap, and it can't e.g. create subfolders in Windows directory while elevated one can.
So it seems that these tools are able to drop process permissions but can't drop elevation flag...
And it is interesting that psexec'ed TC still shows username in title but doesn't show a cap, and it can't e.g. create subfolders in Windows directory while elevated one can.
So it seems that these tools are able to drop process permissions but can't drop elevation flag...
-
- Junior Member
- Posts: 83
- Joined: 2010-04-19, 15:50 UTC
elevation
I created a file, <any_name>.bat with one line
runas /trustlevel:0x20000 ""%1""
i created a buttonbar:
TOTALCMD#BAR#DATA
C:\util\any_name.bat
%P%N
-1
It worked for me.
runas /trustlevel:0x20000 ""%1""
i created a buttonbar:
TOTALCMD#BAR#DATA
C:\util\any_name.bat
%P%N
-1
It worked for me.
-
- Junior Member
- Posts: 83
- Joined: 2010-04-19, 15:50 UTC
Text from TOTALCMD#BAR#DATA to -1 is a copy of buttonbar button, you can copy this text to clipboard and do Paste in buttonbar context menu (you can also copy buttonbar buttons, and TC will put similar text to clipboard).brahman wrote:What is the -1 doing and where does it go?
Yes, it seems that these tools work, you can try it yourself: start e.g. notepad and try to save in Windows dir, it shouldn't work if process is not elevated.brahman wrote:So you are saying DMR and psexec work in dropping elevation, the flag simply isn't set, that's why process hacker and task manager show wrong elevation level?
But it is interesting is there a tool or a way to start process with dropped rights without elevation flag...