How to run scripts from root`a in Windows?
Answer 1, Authority 100%
runas / user: username "command.exe / parameters"
runas / user: Mymachine \ Administrator cmd.exe
– run the interpreter of the cmd.exe commands on behalf of the user “Administrator” computer “MyMachine”. When executing the command, the user password will be requested, on behalf of which the task must be performed.
runas / noprofile / env / user: MyDomain \ admin "mmc% windir% \ system32 \ diskmgmt.msc"
– run the MMC console with snap control on the user name “admin” in Domain “MyDomain”. The user profile is not loaded, and the current environment variables are used. User profile download is necessary only when the task is to be performed that any data from it will be required. If the / ENV
parameter is specified, then environment variables are inherited from the current user environment.
Runas / Savecred / User: admin @ MyDomain Regedit.exe
– Run the registry editor “regedit.exe” on behalf of the user “admin” domain “MyDomain” with the memorization of the entered password. If there is a / savecred
parameter, the entered password is remembered in the registry in an encrypted form and will not be requested.
Runas / ShowtrustLevel
– Display trust levels that exist in the system. In response, the list will be displayed:
The following confidence levels are available in the system:
0x20000 (normal user)
In addition to the trustlevel
equal 0x20000
, you can use the values of 0x10000
corresponding to the minimum set of privileges and 0x40000
standard for This user is a set. To view the differences in different confidence levels, you can use the Whoami
command by performing it in a command processor session running with each of the TRUSTLEVEL
runas / trustlevel: 0x20000 cmd.exe
– run the cmd.exe command processor using the level of trust obtained in the previous example.
runas / trustlevel: 0x40000 cmd.exe
– run cmd.exe command processor using a standard confidence level.
Note: In the command line session running using the / trustlevel
parameter, the privilege list corresponding to each level of trust can be obtained using the WHOAMI / PRIV
command, and full information about Account – Whoami / All
Note: The / profile
parameter is incompatible with the `/ NetOnly parameter.
Note: The / savecred
parameter is incompatible with the / SmartCard
parameter.
Here is an option with password transfer:
echo password | Runas / NetOnly / User: Workgroup \ user "Command.exe"
Answer 2, Authority 7%
Teams similar “sudo” no.
For Winows Vista-10:
You can run CMD on behalf of the administrator or select it in the properties of the shortcut.
If the CMD is running with administrator rights, the word “administrator” appears in the window header; The Whoami / Groups
command shows SID S-1-16-12288
instead of S-1-16-8192
; Teams Net Session
or Dir C: \ Windows \ Temp
work (have access).
In this case, the CMD and the script have the maximum administrator rights, but do not have unlimited access. In the folder / security properties and also for the registry keys, you can also disable access for the administrator. The administrator has the ability to change these settings, but they act before that. But in rare cases of administrator rights, it really is not enough, this is self-defense of Windows.
Most programs also receive administrator rights if you run them in CMD from the administrator. Exception – Windows Explorer has always limited rights. You can check it in the Task Manager / Details / Hidden Column “with a higher level of permissions”
Or in ProcessExplorer / Hidden Column “Process Image / Integrity LEVEL”
Runas
Suitable only for Windows XP / 2003, but does not change anything in Windows Vista – 10 due to UAC (User Account Control).
Answer 3
Have sudo for Windows https://chocolatey.org/packages/sudo . And also chocolatey package manager)