none
Not a Question, just something to help out those kiddies in school :) RRS feed

  • General discussion

  • This script will bypass the domain administrator so you can run programs :)

    cmd /min /C "set __COMPAT_LAYER=RUNASINVOKER && start "" "%1""

    just copy it to a text file, then save as a .bat file. Just drag the program you want to open onto the bat file. It should open, but it doesn't work with everything.

    Logan

    Thursday, March 1, 2018 6:06 PM

All replies

  • What does "bypass the domain administrator" mean?

    -- Bill Stewart [Bill_Stewart]

    Thursday, March 1, 2018 6:19 PM
    Moderator
  • The environment does not work as claimed.

    You cannot bypass UAC with that method. It will work with system utilities that are designed to allow elevation.  REGEDIT works but nearly all user type programs are not built to allow elevation.  PowerShell will not elevate nor will any shell.


    \_(ツ)_/

    Thursday, March 1, 2018 7:44 PM
  • This post is an amusing misunderstanding of what the "run as invoker" setting actually does.

    As is often the case, Raymond Chen helps us out with an explanation.

    Is RunAsInvoker a secret, even higher UAC setting?

    Actually, RunAsInvoker is a secret, even lower UAC setting.

    What RunAsInvoker does is to ignore any elevation request in the application's manifest and treat the manifest as if it had said

    <requestedExecutionLevel level="asInvoker" uiAccess="false" />

    which is the default behavior. The program simply runs with the same privileges as the code that launched it. There is no attempt to elevate.


    -- Bill Stewart [Bill_Stewart]


    Thursday, March 1, 2018 10:24 PM
    Moderator
  • Actuallyt that is only half of the story.

    Open CMD prompt.  Run regedit and notice it prompts for the elevation.

    Now paste in the SET command and run regedit again.  No UAC challenge.

    The UAC is gone but and rededit runs with normal (non-elevated) privileges.  Only code that is set in the manifest to allow this will run at the lower privilege.  Not really all that useful but would prevent prompts hen you are just looking things up.


    \_(ツ)_/

    Thursday, March 1, 2018 10:34 PM
  • Exactly - that is what Raymond's blog is pointing out. The environment variable does not somehow magically let you bypass elevation. (If this were possible, all malware would have to do is set this variable and then do whatever it wants on your computer!)


    -- Bill Stewart [Bill_Stewart]

    Thursday, March 1, 2018 10:34 PM
    Moderator