UACLauncher - launch adminprogs at startup without messages from UAC

By vigylant
in Tips, Tweaks & Customization

 Share

Recommended Posts

Neowinian

vigylant

Posted
Posted

Well, this program(combo) enables you to keep UAC on (not quit mode, COMPLETELY ON), and still be able to launch program that requires administrator access on startup without UACs prompts :D

It uses a program from ASUS SmartDoctor (ASDR.exe) that launches the program that I made with administrator access (without any UAC prompts)

Then, my program launches the program the user specified in the "Start.txt" :)

I dont know how ASDR works, it just does, would be fun to know....

I modified it a little using a HEX editor to read a different registry value than its original one, new one being:

HKLM\Software\UACLauncher\Path

How the other stuff works:

1. Start my prog

2. Two programs are extracted in the same folder, ASDR.exe and instsrv.exe (from microsoft, installs ASDR as a service, name UACLauncher)

3.1 Choose to install: ASDR is installed as a service

3.2 Choose to uninstall: ASDR service is uninstalled

4. See Start.txt for info

Click to download

Mentor

vertigosity

Posted
Posted
But it's a very vulnerable attack vector for privilege escalation, which is why Vista comes with nothing to allow this.
Scheduled tasks allows the administrator to set up jobs to start, at logon, with administrative credentials - but this is really quite similar, in that services are doing the launching, and also requires administrative creds to set up.

I've used this on my machine to get SpeedFan and BOINC, two programs that require administrative privileges to run properly (no "the programs are defective, get new ones" nonsense, ok?) at logon.

Grand Master

Linkinfamous

Posted
Posted (edited)
Scheduled tasks allows the administrator to set up jobs to start, at logon, with administrative credentials - but this is really quite similar, in that services are doing the launching, and also requires administrative creds to set up.

I've used this on my machine to get SpeedFan and BOINC, two programs that require administrative privileges to run properly (no "the programs are defective, get new ones" nonsense, ok?) at logon.

Scheduling those tasks requires the Admin password to be entered. If at any point, something executing has your password, security is already shot to hell.

This will never be a target for exploitation, because it's just a little tool that probably won't be widely enough used to gain attention.

I was just explaining why Vista didn't come with anything to do this out of the box: Because it would be a very widely exploited feature.

Edited by MioTheGreat
Apprentice

scuderiaconchiglia

Posted
Posted (edited)
Well, this program(combo) enables you to keep UAC on (not quit mode, COMPLETELY ON), and still be able to launch program that requires administrator access on startup without UACs prompts :D

Sweet! I just installed this so I can get Speedfan to start up by itself when I need to reboot. Very nice!!! Yes, yes, I realize that this creates a small security bypass vector. But the risk is damn small.

Thanks again!

Gary

P.S. When you said "ASDR is installed as a service" I looked for ASDR in the list of services but could not find it. I did find UACLauncher though! You might want to edit your first message to reflect that.

Edited by scuderiaconchiglia
  • 4 months later...
Grand Master

Brandon Live Veteran

Posted
  • Veteran
Posted
So all a hacker has to do is add their program name to start.txt... ?

Well, it's not quite that simple since you can easily store start.txt in a location that requires admin privileges to access.

It's more worrisome that if you put an executable on that list that isn't in a protected location, somebody could replace that executable (or a library that it loads) with a malicious binary.

Contributor

pyu

Posted
Posted
I find it amusing that yo uactually think UAC is protecting your computer.

UAC is by far one of the worst security ideas Microsoft has implemented, imo.

The only UAC doesn't do well is protecting the user from his/her own stupidity. Otherwise, its pretty okay. If you think its invasive, you should see how Linux does it (hint: in the same way).

Grand Master

Denis W. Veteran

Posted
  • Veteran
Posted
Scheduled tasks allows the administrator to set up jobs to start, at logon, with administrative credentials - but this is really quite similar, in that services are doing the launching, and also requires administrative creds to set up.

I've used this on my machine to get SpeedFan and BOINC, two programs that require administrative privileges to run properly (no "the programs are defective, get new ones" nonsense, ok?) at logon.

Scheduled Tasks is one way I got RivaTuner to boot without a UAC prompt. View instructions here. In the current version of RivaTuner it normally spawns a process that?prompts?the?user?for?elevation.?

It's quite unfortunate the ones who make the best hardware monitoring and control tools do it for free and have little to shell out to have their drivers signed.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.