Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
February 11, 2002
To open a CMD prompt in the System account context, download and install CMDasSYS.exe in LocalSystem.zip.
The readme contains:
*********************************************************************************************************************************** Copyright (c) 2001 by -=Assarbad [GoP]=- ****** ____________ ___________ ****** / ________ / _____ ****** / / __________/ ****** __/___ / _____ ____ ****** /___ _______ ****** / / ****** _____ ____ ____/ ****** ___________ __________ __ ****** / / / / / / ****** /___________/ /__________/ /__/ ****** ***********************************************************************************************************************************PURPOSE AND INFORMATION:------------------------CMDasSYS will invoke an instance of the NT command processorCMD.EXE under SYSTEM account. That is under highestpermissions on the local machine but almost no permissions onthe network.If you want to play - try to read any registry key (as theprotected SAM) it will succeed.The service is no more interactive. It does its job on thesame desktop and winsta from which CMDasSYS has been started.USED TECHNIQUES:----------------This version installs itself as a Windows NT Service and startsthe command processor from within this service - that is,from within SYSTEM account (LocalSystem context).Needed are the privileges to install and start a service.-> Windows 2000 (+later) user: Note, that the SYSTEM accountwon't know your hash, so if you store the program in anencrypted directory, the service cannot be started ;)COPYRIGHT AND RESTRICTIONS:---------------------------There are no restrictions for reusing source and binary. You mayuse it commercially and private ...The only limitation is don't remove the copyright signature fromthe source files.[GoP]
You May Also Like