createprocess The requested operation requires elevation

Started by TouEnMasm, August 04, 2015, 10:58:30 PM


TouEnMasm

Hello,
I use an Execute proc to run an executable.
This always works with XP.
Now Windows 8 and 10 ask "Do you want to run this one?" for a certain number of executables,
like regedit.exe. No problem with notepad.exe.

How do I use CreateProcess for regedit.exe?

Thanks for any answer.

Quote
Execute proc Param:DWORD ;address of the command line
;-------- with XP, the simplest way is to build a single command line, Param
   ; A shell to execute another program
   ;          requires
   ; processInfo   PROCESS_INFORMATION <> ;API structure
   ; programname db "MSGBOX.EXE",0
   ; Parametres db "test.bat chose machin",0
   ; IDM_CREATE_PROCESS equ 1
   ; IDM_TERMINATE equ 2
   ; IDM_EXIT equ 3
   ; ExitCode DWORD ?
   ;invoke GetStartupInfo,addr startupinfo   
   ;---------- create the process
   mov startInfo.cb,sizeof STARTUPINFO
   
   invoke GetStartupInfo,ADDR startInfo
   invoke CreateProcess,NULL,Param,NULL,NULL,FALSE,\
      NORMAL_PRIORITY_CLASS,NULL,NULL,ADDR startInfo,ADDR processInfo
   .if eax == FALSE
      invoke RetrouveMessageErreur,TXT("CreateProcess")
   ;INVOKE     MessageBox, NULL,TXT("Execute_Independant_Win failed"),\
   ;         TXT("CreateProcess Failed"), MB_YESNO
   .else
   ;   ;the process becomes independent
   ;   invoke CloseHandle,processInfo.hProcess
   ;   mov processInfo.hProcess,0
   ;   invoke CloseHandle,processInfo.hThread
   ;   mov processInfo.hThread,0
   .endif
   
   ret
Execute endp
Fa is a musical note to play with CL

dedndave

there may be a way using the manifest
i am still using XP, so i really can't play with it   :P

dedndave

something you might try....
create a shortcut to your program - and set the shortcut properties to run as admin

TouEnMasm


A solution is given by
Quote
.data
   shExInfo SHELLEXECUTEINFO  <>
.code
   invoke RtlZeroMemory,addr shExInfo,sizeof shExInfo
   mov shExInfo.cbSize,sizeof shExInfo
   mov shExInfo.fMask,SEE_MASK_NOCLOSEPROCESS
   mov shExInfo.hwnd,0
   mov shExInfo.lpVerb,TXTO("runas")             ;Operation to perform
   mov shExInfo.lpFile,TXTO("regedit.exe")      ;Application to start   
   mov shExInfo.nShow,SW_SHOW
   invoke ShellExecuteEx,addr shExInfo 

I have not found a way to use a manifest.

Quote
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
        <dependency>
                <dependentAssembly>
                        <assemblyIdentity
                                type="win32"
                                name="Microsoft.Windows.Common-Controls"
                                version="6.0.0.0"
                                processorArchitecture="X86"
                                publicKeyToken="6595b64144ccf1df"
                                language="*"
                        />
                </dependentAssembly>
        </dependency>
        <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
                <security>
                        <requestedPrivileges>
                                <requestedExecutionLevel
                                       level="asInvoker"
                                       uiAccess="false"/>
                        </requestedPrivileges>
                </security>
        </trustInfo>
</assembly>

Fa is a musical note to play with CL

mabdelouahab

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel
          level="requireAdministrator"
          uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>

Zen

Inside Windows Vista User Account Control, Mark Russinovich, TechNet

Windows Vista Application Development Requirements for User Account Control Compatibility, MSDN

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<v3:trustInfo xmlns:v3="urn:schemas-microsoft-com:asm.v3">
<v3:security>
<v3:requestedPrivileges>
<v3:requestedExecutionLevel level="highestAvailable"/>
</v3:requestedPrivileges>
</v3:security>
</v3:trustInfo>
</assembly>


Quote from: User Account Control, Wikipedia
A program can request elevation in a number of different ways. One way for program developers is to add a requestedPrivileges section to an XML document, known as the manifest, that is then embedded into the application. A manifest can specify dependencies, visual styles, and now the appropriate security context. Setting the level attribute for requestedExecutionLevel to "asInvoker" will make the application run with the token that started it, "highestAvailable" will present a UAC prompt for administrators and run with the usual reduced privileges for standard users, and "requireAdministrator" will require elevation. In both highestAvailable and requireAdministrator modes, failure to provide confirmation results in the program not being launched.
Inspecting an executable's manifest to determine if it requires elevation is not recommended, as elevation may be required for other reasons (setup executables, application compatibility). However, it is possible to programmatically detect if an executable will require elevation by using CreateProcess() and setting the dwCreationFlags parameter to CREATE_SUSPENDED. If elevation is required, then ERROR_ELEVATION_REQUIRED will be returned. If elevation is not required, a success return code will be returned at which point one can use TerminateProcess() on the newly created, suspended process. This will not allow one to detect that an executable requires elevation if one is already executing in an elevated process, however.
(From: User Account Control, Wikipedia)
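
The CREATE_SUSPENDED check described in the quoted passage, combined with the "runas" fallback posted earlier in the thread, as an added example that is not code from any poster here. The names ExecuteAuto, szRunAs and szTarget are hypothetical; it assumes the MASM32 SDK is installed at \masm32 and that the target is a bare file name or path with no spaces or arguments.

```masm
include \masm32\include\masm32rt.inc      ; windows.inc, kernel32, shell32 and libs
IFNDEF ERROR_ELEVATION_REQUIRED
ERROR_ELEVATION_REQUIRED equ 740          ; value from winerror.h
ENDIF

.data
szRunAs  db "runas",0
szTarget db "regedit.exe",0               ; sample target taken from the thread

.code
; ExecuteAuto (hypothetical name): returns eax = TRUE if the program was started.
; The unelevated path is tried first; the UAC prompt appears only when required.
ExecuteAuto proc lpFile:DWORD
    LOCAL startInfo:STARTUPINFO
    LOCAL procInfo:PROCESS_INFORMATION
    LOCAL sei:SHELLEXECUTEINFO
    invoke RtlZeroMemory, addr startInfo, sizeof STARTUPINFO
    mov startInfo.cb, sizeof STARTUPINFO
    ; CREATE_SUSPENDED: nothing in the child runs until it is resumed
    invoke CreateProcess, NULL, lpFile, NULL, NULL, FALSE, \
           CREATE_SUSPENDED, NULL, NULL, addr startInfo, addr procInfo
    .if eax != FALSE
        invoke ResumeThread, procInfo.hThread     ; no elevation needed, let it run
        invoke CloseHandle, procInfo.hThread      ; release both handles
        invoke CloseHandle, procInfo.hProcess
        mov eax, TRUE
        ret
    .endif
    invoke GetLastError
    .if eax != ERROR_ELEVATION_REQUIRED
        xor eax, eax                              ; some other failure: report FALSE
        ret
    .endif
    ; Elevation required: hand over to the shell, which shows the UAC prompt
    invoke RtlZeroMemory, addr sei, sizeof SHELLEXECUTEINFO
    mov sei.cbSize, sizeof SHELLEXECUTEINFO
    mov sei.lpVerb, offset szRunAs
    mov eax, lpFile
    mov sei.lpFile, eax
    mov sei.nShow, SW_SHOW
    invoke ShellExecuteEx, addr sei               ; FALSE if the user declines
    ret
ExecuteAuto endp

start:
    invoke ExecuteAuto, addr szTarget
    invoke ExitProcess, 0
end start
```

As the quoted passage notes, a caller that is already elevated never sees ERROR_ELEVATION_REQUIRED, so in that case the first branch simply starts the child with the caller's token.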

Gunther

Hi Zen,

that's an interesting article by Mark Russinovich, indeed. But it covers Vista. Is that valid for later Windows versions, too?

Gunther
You have to know the facts before you can distort them.

Zen

GUNTHER,
Excellent question.
I think (from what I've read),...the UAC has evolved (Microsoft has altered UAC activity in Windows 7, to make it "less annoying" by default).

Windows 7 Feature Focus: User Account Control, Oct 2010

...If you GOOGLE "Disabling User Account Control UAC",...you will get a gazillion webpages devoted to this important subject.


mabdelouahab

Avast has a problem with the use of UAC; it is considered malware.

Gunther

Quote from: mabdelouahab on August 05, 2015, 05:39:31 AM
Avast has a problem with the use of UAC; it is considered malware.

Probably a false positive.

Quote from: Zen on August 05, 2015, 04:09:21 AM
I think (from what I've read),...the UAC has evolved (Microsoft has altered UAC activity in Windows 7, to make it "less annoying" by default).

That's not a real surprise.

Quote from: Zen on August 05, 2015, 04:09:21 AM
...If you GOOGLE "Disabling User Account Control UAC",...you will get a gazillion webpages devoted to this important subject.

Yes, about every Windows you want. I'll check it out. Thank you.

Gunther
You have to know the facts before you can distort them.