News

Copyright © 2008-2019 Paula DiTallo

Tag Cloud



Executing a console app under a diff user

Encoding a VBS Script to Execute A Console Application under a Different User

There are many die-hard developers (and most IT Security folks) out there who'll argue that this shortcut to executing a program under a different user isn't  viable because an encoded vbscript can be quickly de-encoded by a knowlegeable hacker. Ideally managing the execution/permission rights, etc. of programs or windows services would always be managed internally, however true security design patterns implemented in custom or commercial solutions like the ones addressed in Yaseen Barkat Ali Kalhoro's online document http://modren-study.sitesled.com/VB%20.NET%20Developer's%20Guide%20Pat%204.pdf  require thought, time and consensus to implement.  In the wake of Sarbanes-Oxley, there are plenty of post-audit incentives to make existing *.bat files immediately more secure!

First, download Microsoft's Script Encoder...

http://www.microsoft.com/downloads/details.aspx?FamilyID=e7877f67-c447-4873-b1b0-21f0626a6329&DisplayLang=en

Next, script something up -- here's a simple test...


set WshShell = CreateObject("WScript.Shell")
WshShell.Run "runas /user:administrator ""C:\windows\system32\cmd.exe"""
WScript.Sleep 100
WshShell.Sendkeys "hokeyPassword"
WshShell.SendKeys "{ENTER}"


... For your test, just replace the cmd.exe, location etc. with whatever you
need to run.

Next, test your script to be sure it will execute...

cscript metrotest.vbs

Next, encode the script...

"C:\Program Files\Windows Script Encoder\screnc" metrotest.vbs
metro.vbe


Then finally, run the encoded version:

cscript metro.vbe

...now you can put this line in a *.bat file and execute it.  The net result is you'll have a script that executes your program(s) without a clear text file. Remember to save off a copy of the original *.vbs file though, since if even one character changes in the encoded *.vbe version, the script won't run!

 

 

Tuesday, May 6, 2008 7:08 AM

Feedback

No comments posted yet.


Post A Comment
Title:
Name:
Email:
Comment:
Verification: