How to run scripts from root`a in Windows?
Answer 1, Authority 100%
runas / user: username "command.exe / parameters"
runas / user: Mymachine \ Administrator cmd.exe – run the interpreter of the cmd.exe commands on behalf of the user “Administrator” computer “MyMachine”. When executing the command, the user password will be requested, on behalf of which the task must be performed.
runas / noprofile / env / user: MyDomain \ admin "mmc% windir% \ system32 \ diskmgmt.msc" – run the MMC console with snap control on the user name “admin” in Domain “MyDomain”. The user profile is not loaded, and the current environment variables are used. User profile download is necessary only when the task is to be performed that any data from it will be required. If the
/ ENV parameter is specified, then environment variables are inherited from the current user environment.
Runas / Savecred / User: admin @ MyDomain Regedit.exe – Run the registry editor “regedit.exe” on behalf of the user “admin” domain “MyDomain” with the memorization of the entered password. If there is a
/ savecred parameter, the entered password is remembered in the registry in an encrypted form and will not be requested.
Runas / ShowtrustLevel – Display trust levels that exist in the system. In response, the list will be displayed:
The following confidence levels are available in the system:
0x20000 (normal user)
In addition to the
0x20000 , you can use the values of
0x10000 corresponding to the minimum set of privileges and
0x40000 standard for This user is a set. To view the differences in different confidence levels, you can use the
Whoami command by performing it in a command processor session running with each of the
runas / trustlevel: 0x20000 cmd.exe – run the cmd.exe command processor using the level of trust obtained in the previous example.
runas / trustlevel: 0x40000 cmd.exe – run cmd.exe command processor using a standard confidence level.
Note: In the command line session running using the
/ trustlevel parameter, the privilege list corresponding to each level of trust can be obtained using the
WHOAMI / PRIV command, and full information about Account –
Whoami / All
/ profile parameter is incompatible with the `/ NetOnly parameter.
/ savecred parameter is incompatible with the
/ SmartCard parameter.
Here is an option with password transfer:
echo password | Runas / NetOnly / User: Workgroup \ user "Command.exe"
Answer 2, Authority 7%
Teams similar “sudo” no.
For Winows Vista-10:
You can run CMD on behalf of the administrator or select it in the properties of the shortcut.
If the CMD is running with administrator rights, the word “administrator” appears in the window header; The
Whoami / Groups command shows SID
S-1-16-12288 instead of
S-1-16-8192 ; Teams
Net Session or
Dir C: \ Windows \ Temp work (have access).
In this case, the CMD and the script have the maximum administrator rights, but do not have unlimited access. In the folder / security properties and also for the registry keys, you can also disable access for the administrator. The administrator has the ability to change these settings, but they act before that. But in rare cases of administrator rights, it really is not enough, this is self-defense of Windows.
Most programs also receive administrator rights if you run them in CMD from the administrator. Exception – Windows Explorer has always limited rights. You can check it in the Task Manager / Details / Hidden Column “with a higher level of permissions”
Or in ProcessExplorer / Hidden Column “Process Image / Integrity LEVEL”
Runas Suitable only for Windows XP / 2003, but does not change anything in Windows Vista – 10 due to UAC (User Account Control).
Have sudo for Windows https://chocolatey.org/packages/sudo . And also chocolatey package manager)