flat assembler
Message board for the users of flat assembler.

Index > Windows > Drop Your Rights (XP application only) - Update v1.1

Goto page 1, 2  Next
Author
Thread Post new topic Reply to topic
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20414
Location: In your JS exploiting you and your system
revolution 26 Dec 2008, 09:47
Browsing the Web and Reading E-mail Safely as an Administrator

I have converted the original MS DropMyRights app to asm.

It allows you to run as an administrator and access Internet data safely by dropping unnecessary administrative privileges when using any tool to access the Internet.

What this means is that you don't have to logout from your admin account and then login as a normal user just to run some app (like firefox). You get the full OS protection of a restricted user account but still be logged in as an admin.

Just use like this: DropMyRights firefox.exe

Setup/modify a shortcut for your browser and never have to be concerned about having your browser running as an admin.

Easy as that. It is only a 3kB executable and it terminates as soon as the target app has started so there is no overhead to using it.

It has three options for restricted rights:
  • Normal user. The most useful option
  • Constrained user. Can be troublesome for many apps but still useful for the ultra sceptical with apps you might download from time to time
  • Untrusted user. It may work for some apps but I haven't yet found even a simple app that can run. Probably not very useful IMO


Version 1.1 allows you to pass parameters to the target application. Use quotes around the {path} field and type the entire command line inside.

See the virustotal result, 0/39, no detections. If you get some other result then delete it and try to download again.


Description: Contains both the source file and the executable.
Download
Filename: DropMyRights-v1.1.zip
Filesize: 3.61 KB
Downloaded: 699 Time(s)

Post 26 Dec 2008, 09:47
View user's profile Send private message Visit poster's website Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel 26 Dec 2008, 12:20
Very good. But what's the purpose of doing ANYTHING under administrative rights in the first place?
You almost never need those rights. The only two annoying things I've ever encountered under LUA are the inability to burn CDs or change the system clock. But these can be avoided easily. Nero for instance has Nero BurnRights (which acts like unix's su/sudo) and some annoying policies can be carefully modified in the "Group Policy" management console.
Post 26 Dec 2008, 12:20
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20414
Location: In your JS exploiting you and your system
revolution 26 Dec 2008, 12:27
ManOfSteel: I agree with you 100%. But unfortunately many many people do run as admin (for whatever reason). This tool could be a convenience to them until they can convince themselves that always running as admin is not the best way to do things.
Post 26 Dec 2008, 12:27
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 26 Dec 2008, 18:30
Quote:
See the virustotal result, 0/39, no detections. If you get some other result then delete it and try to download again.


http://www.virustotal.com/analisis/ef31cbd1f2a9edf7f4dd817e853c032a

Although I found unneeded the re-download I did it anyway and virustotal said I have already submitted the file. Are you sure you have uploaded the version which is pleasant to F-Secure? I ask because it is supposed that any PE file generated with the official fasm cannot pass the scanning with zero detections.

BTW, would you like this thread to be moved to Projects and Ideas?

[edit]Aahh! What a cheater are you, you uploaded to virustotal the ZIP file, not the executable! Wink
Post 26 Dec 2008, 18:30
View user's profile Send private message Reply with quote
asmcoder



Joined: 02 Jun 2008
Posts: 784
asmcoder 26 Dec 2008, 21:17
[content deleted]


Last edited by asmcoder on 14 Aug 2009, 14:54; edited 1 time in total
Post 26 Dec 2008, 21:17
View user's profile Send private message Reply with quote
dacid



Joined: 31 Aug 2008
Posts: 57
dacid 26 Dec 2008, 21:48
or vista with UAC on Wink
Post 26 Dec 2008, 21:48
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20414
Location: In your JS exploiting you and your system
revolution 26 Dec 2008, 23:54
LocoDelAssembly wrote:
[edit]Aahh! What a cheater are you, you uploaded to virustotal the ZIP file, not the executable! Wink
I think that just goes to show that F-secure is not very trustworthy. It should not be affected by the zip file container.
asmcoder wrote:
i recommend runas /?
This also works but I think it is not as easy to use. You have to provide a username and a password. The OS starts a new session for it, so it uses a lot more memory for each task run that way.
dacid wrote:
or vista with UAC on Wink
Well, that is why I said it was for XP only in the title. Also Win2K doesn't have the Safer* API. So it is XP only.
Post 26 Dec 2008, 23:54
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20414
Location: In your JS exploiting you and your system
revolution 26 Dec 2008, 23:59
LocoDelAssembly wrote:
BTW, would you like this thread to be moved to Projects and Ideas?
There is a bit of an overlap I agree. But I didn't feel it was a "project" as such. Just a minor distraction for me while I was between jobs.
Post 26 Dec 2008, 23:59
View user's profile Send private message Visit poster's website Reply with quote
dacid



Joined: 31 Aug 2008
Posts: 57
dacid 31 Dec 2008, 19:38
a good distraction Smile keep up the good work!
Post 31 Dec 2008, 19:38
View user's profile Send private message Reply with quote
wht36



Joined: 18 Sep 2005
Posts: 106
wht36 11 Jul 2009, 17:44
Very nice program and conversion!

LUA prevents the user from modifying the system folders / program files directory (among other things). This means that you can't install or uninstall many programs without entering into admin mode (as many programs need to put uninstall info, dll's etc into windows folder). Some people may find this a hassle. I am running as LUA at the moment, and I find it irritating that many programs do not automatically recognise LUA and put their stuff in the user directory (instead, they attempt to store stuff to the system folders, and then quits with errors when they can't do so).
Post 11 Jul 2009, 17:44
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel 12 Jul 2009, 07:56
wht36 wrote:
This means that you can't install or uninstall many programs without entering into admin mode

You can also "run [it] as" and just type the admin password without logging out or switching users (XP and up).


wht36 wrote:
I find it irritating that many programs do not automatically recognise LUA and put their stuff in the user directory (instead, they attempt to store stuff to the system folders, and then quits with errors when they can't do so).

Because they are badly-designed or outdated software.
If the program constantly needs to write files in its own directory, just don't install it under "Program Files".

One interesting thing I've found (on my computer at least) is that all OSS software use the proper locations (HKCU hive key and %AppData%), but only few proprietary software do.
Post 12 Jul 2009, 07:56
View user's profile Send private message Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3175
Location: Denmark
f0dder 12 Jul 2009, 12:02
ManOfSteel wrote:
If the program constantly needs to write files in its own directory, just don't install it under "Program Files".
Or set NTFS permissions for the program folder.

ManOfSteel wrote:
One interesting thing I've found (on my computer at least) is that all OSS software use the proper locations (HKCU hive key and %AppData%), but only few proprietary software do.
That sounds like a broad overgeneralization to me Smile
Post 12 Jul 2009, 12:02
View user's profile Send private message Visit poster's website Reply with quote
pete



Joined: 20 Apr 2009
Posts: 110
pete 13 Jul 2009, 06:00
I wasn't aware of this problem, till now. Thank you for the source too. I didn't recognize yet that FASM has an "du" directive for defining unicode-strings.

P.S.: have you recognized the "Target"/"Start in"-path in the "Setting the Icon and Run Mode" chapter from your MS-link?
Post 13 Jul 2009, 06:00
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel 13 Jul 2009, 11:46
f0dder wrote:
ManOfSteel wrote:
If the program constantly needs to write files in its own directory, just don't install it under "Program Files".
Or set NTFS permissions for the program folder.

Why break the hierarchy's permission inheritance and introduce exceptions? I find it more orderly to segregate those misbehaving applications from the rest.

f0dder wrote:
ManOfSteel wrote:
One interesting thing I've found (on my computer at least) is that all OSS software use the proper locations (HKCU hive key and %AppData%), but only few proprietary software do.
That sounds like a broad overgeneralization to me Smile

Ok, bolds and underlines are useful.
The fact is, ON MY COMPUTER, out of 25 OSS and 21 proprietary applications (freeware or not), I have 3 proprietary and 0 OSS misbehaving applications. The ratio for misbehaving proprietary applications was much higher a few years ago, but since then, I've been replacing them with OSS.
Many OSS software begin in the *nix/*nix-like world. For them, using %AppData% and HKCU is just like using /home/<user>. It's the natural order of things for them. Many proprietary software programmers wipe their rears with protocols and standards, or use outdated methods (e.g. .ini files in the Windows/WINNT or Program Files directories). And users are not much better. Most of them are annoyed when properly-written software use the right locations instead of the program's directory.


pete wrote:
P.S.: have you recognized the "Target"/"Start in"-path in the "Setting the Icon and Run Mode" chapter from your MS-link?

It's in the properties of every shortcut to an exe file. Is that what you're asking?
Post 13 Jul 2009, 11:46
View user's profile Send private message Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2465
Location: Bucharest, Romania
Borsuc 13 Jul 2009, 13:39
ManOfSteel wrote:
Because they are badly-designed or outdated software.
If the program constantly needs to write files in its own directory, just don't install it under "Program Files".

One interesting thing I've found (on my computer at least) is that all OSS software use the proper locations (HKCU hive key and %AppData%), but only few proprietary software do.
System files -- i agree.
But registry? Worst possible thing to happen. Just imagine how hard it is to migrate or update your current configs.

I LOVE apps that write to their own folders, because I can put them on a USB stick and have them configured forever, unlike crappy apps who need "installations" and centralized settings and shit like that. Mad

most "commercial" software also writes shitload of crap in the registry compared to OSS, which usually doesn't even use the damn registry.

_________________
Previously known as The_Grey_Beast
Post 13 Jul 2009, 13:39
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20414
Location: In your JS exploiting you and your system
revolution 13 Jul 2009, 13:52
Borsuc: The problem with software writing to it's own folders is one of security. There is always a trade-off when security is involved. If you like apps that write their own folders then you also have to deal with apps (like malware) writing to other apps folders and creating havoc. Centralised settings have kind of the same problem but all that happens is that you have to reconfigure (i.e. restore from backup) just the settings and not the whole set of apps.
Post 13 Jul 2009, 13:52
View user's profile Send private message Visit poster's website Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 4060
Location: vpcmpistri
bitRAKE 13 Jul 2009, 14:19
Does that mean some people prefer to buy their malware? Very Happy
Post 13 Jul 2009, 14:19
View user's profile Send private message Visit poster's website Reply with quote
pete



Joined: 20 Apr 2009
Posts: 110
pete 14 Jul 2009, 06:19
ManOfSteel wrote:
pete wrote:
P.S.: have you recognized the "Target"/"Start in"-path in the "Setting the Icon and Run Mode" chapter from your MS-link?

It's in the properties of every shortcut to an exe file. Is that what you're asking?

No, i was just pointing out that the use a path with the bad "w*rez" word.
Post 14 Jul 2009, 06:19
View user's profile Send private message Reply with quote
guignol



Joined: 06 Dec 2008
Posts: 763
guignol 06 Sep 2009, 16:14
Image


Description: Why, is there anything wrong with me?
Download
Filename: ShellRunas 1.01.7z
Filesize: 39.86 KB
Downloaded: 536 Time(s)



Last edited by guignol on 15 Sep 2009, 10:21; edited 1 time in total
Post 06 Sep 2009, 16:14
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20414
Location: In your JS exploiting you and your system
revolution 06 Sep 2009, 16:25
guignol wrote:
Why, is there anything wrong with me?
What are you asking about?
Post 06 Sep 2009, 16:25
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.