I use a tool call "CPAU" and "Bat to exe converter" to create an execute file for the user to use it normal user right to run an program need administrator privilege.
Step 1:
Use CPAU to encrypt the command to "runas" the program by using the service account (local account with admin right - not local admin (For security reason)
CPAU.exe -u <username> -p <password> -ex "C:\Program Files\abc00.exe" -enc -file "C:\Program Files\runapp.txt"
Step 2:
Create a runapp.bat to decrypt the encrypted file "runapp.txt"
cpau.exe -dec -file "C:\Program Files\runapp.txt"
Step 3:
Use Bat to exe converter to convert the runapp.bat to runapp.exe
Step 4:
Copy the CPAU.exe to "System32" that machine. And Copy the "runapp.txt" and "runapp.exe" to the C:\Program Files\
Step 5:
Create the local service account
Step 6:
Create a shortcut to runapp.exe on the desktop
Remark:
1. Since the CPAU encryption is not very strong, I suggest that we create the other local account with admin privilege at a service account and also prevent the local admin account password change.
2. The service account password should be 14 digit or above to prevent hash attack
Reference:
CPAU
http://www.joeware.net/freetools/tools/cpau/index.htm
Bat to exe converter
http://www.f2ko.de/English/b2e/index.php
No comments:
Post a Comment