Wednesday, October 29, 2014

Running something on Windows startup with elevated privilege


To launch a .exe on Windows startup with administrator privileges, I know that:



  • the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run method is not good, because it will always display a prompt on each startup "Are you sure to ...",


  • the TaskScheduler method works,



but:



  • what about adding a shortcut to the .exe in Startup folder of the Start menu?


I've tried it, but it silently fails - the .exe doesn't start.


I also tried to edit the properties of the shortcut: Compatibility tab > Run as admin, and also Settings for all users button, then Run as admin.


Idem: it silently fails to start.


Question 1: How to make a .exe with elevated privilege start on Windows startup with a shortcut in Startup folder?


Question 2: Will this show a UAC prompt on each startup?


Answer



Simple answer, you cannot.


This is a security violation. If this were possible, malware could invest itself easily on a target system. To prevent applications from running with administrative privileges, the methods you described that work are the only ways you can take. They require administrative privileges to setup which is the only way it can be prevented to make malicious programs to take over without the users consent.


If you somehow force a program to run with administrative privileges at startup through the startup folder (requires scripts and what not) it will trigger a UAC prompt.


Only the task schedule method can be used to do it without a UAC prompt. Of course, setting up the task requires UAC in the first place.


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...