Application launching using administrator
account
Principles
This tool allows, within common user account,
launching any application (executable, script, snap-in component) using
administrator privileges.
It runs within
Windows 2000, Windows XP, Windows 2003.
It does not run within Windows NT4 because some functions
(cryptography, process management, network management) are not available. |
It is similar to NT Resource Kit SU.EXE or RUNAS.EXE tools (Windows 2000 and above), but more powerful.
| Major problem using
these tools is administrator must be present near user
computer in order to enter interactively his account name and
password (and it is not good for system security if
administrator communicates these informations). |
SUPEREXEC frees this constraint, preparing
application launching.
It records in Registry following parameters, which are fully encrypted
(using Windows cryptography API)
:
- User account (or users group) – local or global (domain)
- Application name
- Parameters passed to application
- Working folder
- User profile
- Administrator account and password
- Extra optional parameters :
- Launching deadline
- Launching counter
SUPEREXEC creates AUTOMATICALLY applications shortcuts or commands
:
- On user desktop
- In Startup menu\programs\start
- In Registry (key HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce)
- In login script of :
- NetLogon folder (domain server)
- %systemroot%\ system32\GroupPolicy\User\Scripts
folder (local computer)
Application launching will be refused if:
- Application is not authorized to user or a group
where user is a member.
- A deadline has been defined, and the current date is
no longer valid.
- A counter has been defined, and the count is exceeded.
Moreover, SUPEREXEC is able to run REMOTELY,
and can manage any computer, member of workgroup or domain.
In that case, it self copies to remote computer in %systemroot% folder.
Comments :
- Because of intrinsic network restrictions within
Window XP Home Edition, SUPEREXEC is able to work locally only
and not remotely within a computer using this system.
- Another workgroup or domain browsing needs some time.
We can disable network features (case of stand alone computer)
- A field has been provided to typing manually
computer name.
It is useful in case a remote computer is intentionally hidden (command
net config server /hidden:yes), which prevents displaying it in
workgroup or domain computers list.
- We can select a users group instead a user
account. So allowed applications to this group will be authorized to any
account member of this group. Associated shortcuts are created in %ALLUSERSPROFILE%
folder (We cannot use Registry, because any entry in runonce key is deleted
after executing).
- Selected applications may be located on any computer
of network, and not only on local user computer.
- In case of console application (ipconfig,
nbtstat, netstat, net time, ...), it will be launched using a dynamically
created script in order to keep opened window until user closes it.
- As far as remote computers are concerned, SUPEREXEC remotely activates :
- remote registry service
- administrative shares
SUPEREXEC is made of 2 executables :
SUPEREXEC software contains 4 files :
| SuperExec.exe |
main program, for administrators only,
intended to plan applications. |
| SE.exe |
run time program, for any users, intended to
launch applications. |
| <language>\SuperExec.lib |
localized file. It contains all messages and
texts. |
| <language>\SuperExec.chm |
help document. |
Applications
preparation (administrator mode)
SUPEREXEC works together
locally and remotly, so it is possible to manage in the same way
local computer and any workgroup or domain computer.
When administrator launches SUPEREXEC, this dialog
box is displayed :
(click on areas to obtain details)
See help compiled file
SuperExec.chm
(this file is supplied with software)
 |
Pay special
attention to applications choice!
As far as possible You must avoid authorize applications
that launch other
applications, because they will be launched too with
administrator privileges.
For example if we authorize commands processor (%systemroot%\system32\CMD.EXE),
user will be able to launch any software, script, snappin
component, ..., with administrator power. |
|
Applications
launching (user mode)
In this mode, user is able to launch application using SE (with
administrator privilèges)
Any not administrator user may launch application :
- manually by double-click on shortcut (created
by SuperExec on desktop)
- automatically :
- from start menu/programs/startup
- from registry (HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
key)
- from logon or session opening script.
Some controls are performed :
- application authorization for current user
In this example, netstat is not allowed :
| In this example, secpol.msc
is alllowed using SE : |
But secpol.msc direct
launching is forbidden : |
 |
 |
- Dead line control :
- Maximal count control :
- Console application :
In this example, selected application is
C:\winnt\system32\FTP.EXE, with
-s:c\winnt\sprinfield.ftp parameter.
FTP command file
springfield.ftp
contains this : |
Execution : |
|
open 192.168.0.49
bellamy
***********
cd /DEVELOPMENT/wsh
dir getip*.vbs
bye |
|
 |
SE.EXE checks automatically
application type (console or GUI), and in case of console application
a
script
%systemroot%\Superexecmd.bat, is
created dynamically.
This script keeps opened window when application terminates (setting
in SUPEREXEC).
This script is very simple :
|
@echo off
cmd /c %*
pause |
Download
and setup
SUPEREXEC is entirely free.
To install (using administrator account) launch installSE.exe
file
(this file is provided in a zipped file installSE.zip)
Setup program is bilingual.
As SuperExec software, it is available nowadays in english and in
french.
Setup extracts 4 files :
- Superexec.exe executable
- SE.exe executable (runtime)
- Help file SuperExec.chm
- Caption, title, messages, ..., file Superexec.lib.
This is a text file, so it is easy to translate SuperExec in any language .
None other file is necessary.
A Shortcut is created on desktop, and two shortcuts in
start menu (one to launch SUPEREXEC and one to uninstall it)
Language choice is made during setup, but we can change it at
any time in SuperExec.
History
- 17/12/2004 - Version 3.0.1.237
- Network feature : network browsing (de)activation
- Bilingual application (only one software)
- Help file : SuperExec.chm
- New interface :
- menus bar
- buttons bar
- All settings in one dialog box
- Popup informations windows (network, accounts, applications)
- Operations log using HTML format
- Applications choice
- Account feature : local accounts may be disabled in
case of domain computers.
- MSI packages
- Profile may be :
- user account
- administrator account
- default account
- In case of user groups, we can insert application
launching into logon script on domain controller (NETLOGON share) or
in a local starting script (%systemroot%\system32\GroupPolicy\User\Scripts\Logon
folder).
- 02/02/2004 - Version 2.0.1.136
- GENERAL account removed, replaced by groups
management.
- Software splitting in 2 programs (SuperExec.exe
to prepare aplications, SE.exe to launch applcations)
- Profile user choice
- Working folder choice
- Application on remote computer different on target
computer.
- Shortcuts on :
- Desktop
- Start menu
- Registry (HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce)
- Console application script dynamically created.
NB: it is created in %systemroot% folder, and only administrator can
modify it.
- 10/12/2003 - Version 1.5.1.89
- Manual computer name entry (hidden computer)
- Application parameters field;
- Console application launching using automatic
script.
- GENERAL virtual account (= any account).
- 03/12/2003 - Version 1.4.1.84
- Global accounts (domain)
- Shortcut caption customization.
- 13/11/2003 - Initial version