Bypass UAC and Elevate Permissions of Scripts (RunAs Administrator) at the Command Line

Mike Murgolo from Microsoft MCS released some great UAC scripting power tools to help scripting tools get around UAC security prompts.

Also check out his other other Vista UAC Tools like Kixtart/AutoIT UAC elevation addons, a RunAs GUI, and other tools.

Elevate Command PowerToy.

This tool (which consists of the files ElevateCommand.inf, elevate.cmd, and elevate.vbs) adds an elevate command to your system. This lets you launch applications that prompt for elevation from the command line, a script, or the Run dialog. For example, the following command opens Win.ini with Notepad (after prompting for elevation):

elevate notepad c:\Windows\Win.ini

When using the elevate command with Windows Script Host (WSH), Windows PowerShell™ or other scripts, you need to specify the script host executable (such as wscript, cscript, or powershell) as the application. To run a vbs, for example, you’d use this:

elevate wscript “C:\windows\system32\ slmgr.vbs” –dli

Run as Administrator for Scripts

The next irritant was that there was no “Run as Administrator” context menu option (when you right-click on the file in Explorer) for most Windows script types. The one exception was for command-shell scripts (those with .bat and .cmd file extensions). So I set out to investigate this. Many of the context menu options for file types are controlled through command keys for the “object” type in the HKEY_CLASSES_ROOT section of the Registry (see Verbs and File Associations in the sidebar for details). It turns out that if that command key is named runas, the command invoked will prompt for elevation. This allowed me to create the following PowerToys:

  • Elevate HTML Application PowerToy (ElevateHTA.inf)
  • Elevate Windows PowerShell Script PowerToy (ElevatePowerShellScript.inf)
  • Elevate WSH Script PowerToy (ElevateWSHScript.inf, elevate.cmd, elevate.vbs)

These PowerToys add a Run as Administrator Explorer context menu entry (as shown in Figure 1) for HTAs, Windows PowerShell, and Windows Script Host file types respectively. ElevateWSHScript.inf also adds a Run as Administrator with Command Prompt menu entry. (Please read the note in ElevatePowerShellScript.inf before installing it.)

Figure 1 Run as Administrator context menu options (Click the image for a larger view)

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.
 
Comments

No comments yet.

Leave a Reply

You must be logged in to post a comment.