Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Endpoint Management Community Blog

Giving Installation Executables Administrator Rights

Created: 18 Apr 2007 • Updated: 18 Apr 2007 • 15 comments
riva11's picture
+8 8 Votes
Login to vote

I've found a very cool freeware tool called "SteelSonic Run-As". It allows you to create standalone .exe files with administrative permissions. This .exe file allows computers to run as a standard user with admin privileges. The best thing is that can you do this without giving the computer user any administrator privileges.

Overview

Sometimes you need to install or execute programs without provide administrator rights to anyone. Imagine that you need to install some program without having access to the high level tools that would normally help you do this job?

For example, you can install Microsoft Office only using this tool by simply creating a .exe program that points to the setup stored on a software storage server and recording the admin/password information. After setting things up, you send this .exe program to the end user and he will be able to run this program without asking anyone to (with administrator priviliges) to perform the installation.

Moreover, "Steel Run-As" supports file CRC checking. The CRC (or cyclic redundancy check) produces a fixed size checksum and is usually used to detect errors after transmission or storage. Using the CRC also prevents the end user from renaming the target file.

License

Steel Run-As has a Freeware license for all private and corporate users.

How to Use

  • Run the Steel Run AS program
  • Add the information required to the mail screen
  • Click on the "Create Executable" and select the destination path for that "run as" executable

You can download Steel Run-As HERE.

Comments 15 CommentsJump to latest comment

FrankB's picture

As per chance I gave someone this advice today.

And I know you're not Dutch. This is really spooky!

2 Minds alike it seems :)

FrankB

______________________________________________
Frank Bastiaens
Senior Technical Consultant
Vanderlet B.V.

0
Login to vote
toralf's picture

On their home page it is nowhere said how they encrypt/secure the password.

Ciao
toralf

-2
Login to vote
at7427's picture

If you open the new executable with notepad you can easily see the username/password. I like the idea but there needs to be some sort of encryption to be viable.

-2
Login to vote
toralf's picture

If it is that easy to find out, you can give the password directly to the user. Which might end up as the better (less-risky) solution.

Ciao
toralf

0
Login to vote
FrankB's picture

The solution is simple, compress the executable with UPX, and Encrypt it.

Ok, it is a failure that it is not in the tool, but it is not something it can't be solved :)

FrankB

______________________________________________
Frank Bastiaens
Senior Technical Consultant
Vanderlet B.V.

-6
Login to vote
toralf's picture

That's true. It can be solved.
Nevertheless, the tool is promising some kind of security while it is a actually opening a breach. When it comes to security the mechanisms used should be outlined clearly. Thus, it would have been different for my judgement, if they had posted this on their webpage right away.

Ciao
toralf

0
Login to vote
riva11's picture

I tried to investigate and reproduce your steps but in the .exe file I don't see any information about domain, user or password ... I missed something?

BTW, someone else has tried to reproduce the same thing? and with the same results?

Thanks
PM

+6
Login to vote
toralf's picture

Sorry, I didn't. I trusted the information published. Maybe I was to quick to judge.

Ciao
toralf

+2
Login to vote
at7427's picture

I just verified it myself. If you open the .exe in notepad you'll see it in plain text amongst the gibberish. You can also simplify the process by doing a ctrl-f and searching. The trick is putting a space between each letter.

+2
Login to vote
riva11's picture

ok, thanks for your clarification.I tried to looking for a user account info (including spaces) .... but I'll take a look in the file in deep.
Regards
PM

+7
Login to vote
mb773's picture

Thanks Riva11!
I think that could be helpful for some installation without use evolute applications.

+6
Login to vote
riva11's picture

After a contact with the software author, I confirm that SteelRunAs program has got a 64bit encryption for password stored inside the executable.

Regards
PM

+5
Login to vote
mb773's picture

I didn't find any clear password in the exe file. 64bit encryption is an excellent way to protect this vital information.
Thanks

+5
Login to vote
riva11's picture

yes, exactly what I already posted.
The encryption allows to protecs any vital information included in the executable file.

Regards
PM

+6
Login to vote
riva11's picture

Update: Win XP,Vista,2003,2008 and Windows 7 Compatible

+3
Login to vote