I searched for this for some hours today but I only find solutions that won't work.
Maybe it is impossible but let's give it a try:
I'm in a company and I will write some code so that a user can run the software whenever he needs it. The software needs administrator-permissions. For example I've written some code to start the cmd as admin and create a folder at c:/Windows (you'll need admin-permission for that). The credentials for the admin account are right (we use Microsoft AD) but I only get "Access denied" in the cmd.
Does anyone know whether it is possible to get admin permission with hard coded credentials?
Note: Don't talk about security risks, the cmd is not the target software but it should demonstrate the problem.
My code:
Process p = new Process();
p.StartInfo.FileName = "cmd.exe";
p.StartInfo.Arguments = @"/Kmkdir C:\Windows\_Test";
p.StartInfo.UserName = "admin";
System.Security.SecureString sPW = new System.Security.SecureString();
sPW.AppendChar('a');
sPW.AppendChar('b');
sPW.AppendChar('c');
p.StartInfo.Password = sPW;
p.StartInfo.UseShellExecute = false;
p.Start();
You are still getting an error because all admin accounts in newer Windows versions (since Vista) technically are standard user accounts. The way administrative tasks are performed is through the User Account Control (UAC). It allows you to elevate permissions as administrator to perform administrative tasks. So yes, you are executing the process using an administrator account, but you did not elevate the process. To do so, add this parameter:
p.StartInfo.Verb = "runas";
p.StartInfo.UseShellExecute = true;
You can remove all other parameters regarding authentication, since all the authentication is handled by UAC. If for some reason you wish not to use UAC, then you probably will have to disable it, which is not recommended in most cases.
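The elevation flow this answer describes, as an added example that is not part of the original answer: the program checks whether its own token is elevated and, if not, relaunches itself through the `runas` verb and handles a declined UAC prompt. The class name is hypothetical and argument quoting is simplified.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Security.Principal;

static class ElevationExample
{
    // Win32 error returned when the user declines the UAC prompt.
    const int ERROR_CANCELLED = 1223;

    // True only when the process token is elevated. An administrator account
    // running with the UAC-filtered token returns false here.
    static bool IsElevated()
    {
        using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
        {
            return new WindowsPrincipal(identity)
                .IsInRole(WindowsBuiltInRole.Administrator);
        }
    }

    static int Main(string[] args)
    {
        if (!IsElevated())
        {
            var psi = new ProcessStartInfo
            {
                FileName = Process.GetCurrentProcess().MainModule.FileName,
                Arguments = string.Join(" ", args), // simplification: no quoting
                UseShellExecute = true,  // the verb is only honoured via ShellExecute
                Verb = "runas"
            };
            try
            {
                using (Process child = Process.Start(psi))
                {
                    child.WaitForExit();
                    return child.ExitCode;
                }
            }
            catch (Win32Exception ex) when (ex.NativeErrorCode == ERROR_CANCELLED)
            {
                Console.Error.WriteLine("Elevation was declined; nothing was changed.");
                return 1;
            }
        }
        Console.WriteLine("Running elevated."); // administrative work goes here
        return 0;
    }
}
```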
Related
I'm writing a simple Windows form that runs some commands through cmd.exe in C#. The first code works correctly because I used the process.StartInfo.Verb = "runas" statement.
During execution I agreed to running as administrator without any password.
Now I'm modifying the code because, sometimes, the commands return a choice (like [y/n]) so I want to examine the output and, eventually, send a choice.
To do this, I need to redirect in/out flow (StandardInput/StandardOutput) and set process.StartInfo.UseShellExecute = false. This results in Windows not asking me to open as administrator. To solve this, I used the following:
process.StartInfo.Domain = "DESKTOP-2K....";
process.StartInfo.UserName = "Marco";
SecureString password = new SecureString();
process.StartInfo.Password = password;
I get information with command -> wmic useraccount list full.
Unfortunately, this doesn't work.
The curious thing is that, with the wmic command, I do not read that "Marco" is an administrator account, but I read that "Administrator" is an administrator account. Therefore, Marco doesn't require a password whereas Administrator requires a password.
Another curious thing is that Marco is an administrator account if I go to -> Control Panel -> Accounts -> User Accounts.
Please help me.
regards
I have an internal-only Helpdesk program that has admin access to servers on the private network to pull logs, reboot hung servers, and perform other various admin tasks.
Rather than giving admin access to a significant number of level 1 helpdesk users across hundreds of servers, my program runs under a single admin account, access to this program is protected under an AD group, and it is launched only on a single Windows server via a Citrix published app. So access to run the app is protected, but the password for the account with server access is hardcoded in the code using SecureString.
I am not an expert level programmer. Just an advanced sysadmin with enough knowledge to do more things to accomplish my needs.
I know SecureString is not recommended anymore, but I don't have the advanced knowledge to implement another password encryption solution without some help.
This is the code being used in my C# WPF app:
SecureString pass = new NetworkCredential("", "hardcodedpassword").SecurePassword;
strCmdText = "command to be run here";
Process process = new Process();
process.StartInfo.FileName = "cmd.exe";
process.StartInfo.Arguments = strCmdText;
process.StartInfo.UserName = "Helpdesk1";
process.StartInfo.Password = pass;
process.StartInfo.Domain = "Domain1";
process.StartInfo.ErrorDialog = true;
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardError = false;
process.StartInfo.RedirectStandardOutput = false;
process.StartInfo.CreateNoWindow = true;
process.Start();
process.WaitForExit();
pass.Dispose();
I also have some users who are not very technical, but need to perform some limited tasks, like logging off stuck users from servers where you need admin access. That is why I do not want to assign Admin to these individual AD accounts. Having them access a single tool with the required access running on a single Windows server solves that problem compared to giving all these users direct server admin access. So bottom line is I just want to be able to hide the password in the code at the minimum, fully understanding it's not the best approach. Thank you for the help!
I wrote an application that grabs the time from an NTP server and changes the system time of my machine. It works well, but the time is synchronized only if my app starts with admin rights. So the question is how to launch it without admin privileges, but keep its functionality?
I set system time using WinAPI function SetSystemTime.
You can do this in several ways (choose the most suitable one for you).
Identity Impersonation => described with example at this address
WindowsIdentity identity = new WindowsIdentity(accessToken);
WindowsImpersonationContext context = identity.Impersonate() ;
runas verb
ProcessStartInfo startInfo = new ProcessStartInfo (m_strInstallUtil, strExePath);
startInfo.Verb = "runas";
System.Diagnostics.Process.Start (startInfo);
Please keep in mind that UAC will prompt for the second method.
PrincipalPermission (if the user is a member of the Admin group)
[PrincipalPermission(SecurityAction.Demand, Role = @"BUILTIN\Administrators")]
I am working on a web application that installs software on a server.
I can run the install by hand if I log in as a user that is a part of a specific group and then run the install msi as administrator.
This specific group is a part of the local administrators group.
My app pool is running as Network_Service.
Do I impersonate and then use the runAs verb? But then I need to know the u/p as user and u/p of Administrator .. I think
I am using the System.Diagnostics.Process classes.
System.Diagnostics.ProcessStartInfo oInfo = new System.Diagnostics.ProcessStartInfo(str);
oInfo.UseShellExecute = false;
oInfo.ErrorDialog = false;
oInfo.CreateNoWindow = false;
oInfo.RedirectStandardOutput = true;
Process p = System.Diagnostics.Process.Start(oInfo);
System.IO.StreamReader oReader2 = p.StandardOutput;
string sRes = oReader2.ReadToEnd();
oReader2.Close();
return sRes;
You need to set the UserName and Password properties to the login credentials of an Administrator account.
You can't change the user context of a running process later on. I suggest you use Windows authentication and impersonation to be sure the web request is executed as the authenticated user, and besides that you don't have to care about the user credentials.
Is it possible to require administrator rights for one single method?
Something like this:
[RequireAdminRightsForThisMethod()]
private void TheMethod(){
// Do something
}
You can add a PrincipalPermission attribute to your method to demand administrative privileges for its execution:
[PrincipalPermission(SecurityAction.Demand, Role = @"BUILTIN\Administrators")]
public void MyMethod()
{
}
This is described in more detail in the following article:
Security Principles and Local Admin Rights in C# .Net
If you are looking for a way to elevate an already existing process I doubt that this is possible as administrator privileges are given on process-level to a process upon startup (see this related question). You would have to run your application "as administrator" to get the desired behavior.
However, there are some tricks that might allow you to do what you want, but be warned that this might open up severe security risks. See the following thread in the MSDN forums:
Launching MyElevatedCom Server without prompting Administrator credentialls from Standard User
Update (from comment)
It seems that if an update requires elevation your application update is best done by a separate process (either another executable, or your application called with a command line switch). For that separate process you can request elevation as follows:
var psi = new ProcessStartInfo();
psi.FileName = "path to update.exe";
psi.Arguments = "arguments for update.exe";
psi.Verb = "runas";
var process = new Process();
process.StartInfo = psi;
process.Start();
process.WaitForExit();
A method can require administrative privileges to run, but it's not possible to automatically elevate to Admin when executing a method.
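What the `PrincipalPermission` demand in the answers above does at run time, as an added example that is not from the original answers: the demand only checks the current principal and throws when the process is not elevated, it never triggers elevation. The example assumes .NET Framework, where this attribute is supported, and the class and method names are hypothetical.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;

static class DemandExample
{
    // The demand runs before the method body; it checks, it does not elevate.
    [PrincipalPermission(SecurityAction.Demand, Role = @"BUILTIN\Administrators")]
    static void AdminOnly()
    {
        Console.WriteLine("Demand passed: the process token is elevated.");
    }

    static int Main()
    {
        // Without this call Thread.CurrentPrincipal is a generic, unauthenticated
        // principal and the demand fails even in an elevated process.
        AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);

        try
        {
            AdminOnly();
            return 0;
        }
        catch (SecurityException)
        {
            // Reached when the account is not an administrator, and also when it
            // is one but the process runs with the UAC-filtered token.
            Console.Error.WriteLine(
                "Demand failed: start the work in a separate process with Verb = \"runas\".");
            return 1;
        }
    }
}
```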