Several months back I had to figure out a way to get Create a card gold (5.0?) run on an XP system. The only real problem was that I had setup the account with limited user privileges (shared machine, several users, all with limited account priviliges.) But, somehow the program didn’t work well without administrator priviliges. Giving the account full administrator priviliges all the time was not an option and try as I might, I couldn’t find the right program directory to give expanded permissions that would solve the issue.
Now, YES there are newer versions of creat-a-card gold, but none seem well reviewed. In fact, some of the reviews I’ve seen are along the lines of “stick with version 5″. So, that wasn’t a great choice either. Finally, I created another user that I gave administrator priviliges to. Then used the “run as” function to run that program as this “new” more priviliged user. I gave the user the same password as the limited user account so that she would only have to type in her password again when the program ran.
Now, I’ll admit, it isn’t pretty (the password prompt is a big black command window.) But, it works. I essentially made a batch script (command script) that’s on the desktop that has one line….
runas /user:priviliged “c:program filespathtocreate-a-card-gold.exe”
The big black window pops up asking for the password and then things work as normal after that.
YES, this could introduce vulnerabilities. A user could modify the script to “runas” that user for another program, or use that program to save files in an area that they aren’t normally allowed to. This can compromise a tight setup. That much said, in this situation it was a compromise for a legacy application that could be made without giving an “all the time” administrator login.
There was another problem though – how to keep that new user from showing up in the login screen?
Related PostsRelated Posts
- Possible Windows Scheduler local privilige escalation Sans has a writeup on Windows local privilige escalation using the Windows scheduler and among other things it might be worth starting out by saying that typically, only Administrative group users in Windows XP are allowed to access the Windows Scheduler. However, I have read reference of some installs that......
- Windows lost administrator password rundown.... I've done one or two mentions in the past of ways to recover/reset lost windows passwords and thought it was probably time for another "brain dump/web research dump" of things that I've run across. This is not just for lost administrator passwords, but could apply to a lost user account......
- Park Your Virus Impervious Smugness Mac (and Linux) Users [/caption] I use linux. I prefer it over Windows for many reasons. It's more resistant to viruses, less of a target, but that doesn't mean that malware or other viruses are impossible. If someone were to trick me into running something and even worse, trick me into using my administrator......
- Triathlon Training 101 Given your background, do you know which triathlon training program is going to be ideal? Where does one even get started? We all come from vastly different injuries, backgrounds, genetics and so on and so forth, so there is no one size fits all solution to planning for a triathlon......
- Download the Google Chrome OS Virtual Machine Last week, Techcrunch reported rumors of the release of the Google Chrome OS. They stated that the info came from a reliable source, and indeed that source was reliable. Google had an event at their headquarters, and indeed provided new details and a demo of the Chrome OS. The......
- Funny Windows Errors - How to Fix Registry Errors in Windows Have you ever wondered why your computer sometimes encounters funny windows errors after several weeks from your purchase? Your windows operating system may behave unusually, and if you think about it this happens when you install and uninstall programs in your computer. It is also common that over time, you......
- Hiding a user from the Welcome screen in Windows XP
- Epson Perfection 1650 scanner and Windows XP Limited User account
- Possible Windows Scheduler local privilige escalation
- Windows XP lost administrators password
- Administrative access on linux systems