1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Can an EXE bypass user confirmation while invoking another EXE?

Discussion in 'Windows Security' started by kskarun, Jun 18, 2009.

  1. kskarun

    kskarun Guest

    I have 2 applications written in Delphi. The first exe (with a user
    interface) calls another using ShellExecuteEx(), which runs as a
    background process.

    When the first exe invokes the second, one of these two things happen:

    1. When I log in as an admin, a UAC dialog comes up with the
    Allow/Cancel prompts. Selecting Allow continues the execution.

    2. If I log in as non-admin, an admin credentials dialog box is
    displayed, and I need to enter the admin username/password to continue.

    On both occasions, I want the second exe to run without any user
    intervention. How can I make it possible?

    And yes, I tried applying the ElevateCreateProcess mitigation as
    suggested by SUA tool, but it doesn't seem to work - the behavior is as
    before.

    Thanks for your help.


    --
    kskarun
     
    kskarun, Jun 18, 2009
    #1
  3. Kromag

    Kromag Guest

    One way is by subverting. Look up Patch Guard. But I would not do this if I
    were you.
    You could seriously harm your users as well as your own security.

    There's a whitepaper written up on Google code about this and many other
    places.

    "kskarun" <guest@unknown-email.com> wrote in message
    news:092021ca724a6769c82da4c8bf06c1a4@nntp-gateway.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    >
    > I have 2 applications written in Delphi. The first exe (with a user
    > interface) calls another using ShellExecuteEx(), which runs as a
    > background process.
    >
    > When the first exe invokes the second, one of these two things happen:
    >
    > 1. When I log in as an admin, a UAC dialog comes up with the
    > Allow/Cancel prompts. Selecting Allow continues the execution.
    >
    > 2. If I log in as non-admin, an admin credentials dialog box is
    > displayed, and I need to enter the admin username/password to continue.
    >
    > On both occasions, I want the second exe to run without any user
    > intervention. How can I make it possible?
    >
    > And yes, I tried applying the ElevateCreateProcess mitigation as
    > suggested by SUA tool, but it doesn't seem to work - the behavior is as
    > before.
    >
    > Thanks for your help.
    >
    >
    > --
    > kskarun
    >
    > __________ Information from ESET Smart Security, version of virus
    > signature database 4176 (20090622) __________
    >
    > The message was checked by ESET Smart Security.
    >
    >
    >
    >
    > <!--colorc--><!--/colorc-->

    __________ Information from ESET Smart Security, version of virus signature database 4176 (20090622) __________

    The message was checked by ESET Smart Security.
     
    Kromag, Jun 22, 2009
    #2

Share This Page