Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version

Elevating during runtime

, 15 Feb 2013 CPOL
How can an applicaiton elevate itself to gain "Admin" rights during runtime
ElevateUAC.zip
ElevateUAC.exe
HowToElevate_By_Michael_Haephrati.zip
ElevateUAC.suo
ElevateUAC.vcxproj.filters
// How to Elevate during runtime - POC by Michael Haephrati
// �2011 Michael Haephrati (haephrati@gmail.com )

#include "stdafx.h"

BOOL IsRunAsAdministrator()
{
    BOOL fIsRunAsAdmin = FALSE;
    DWORD dwError = ERROR_SUCCESS;
    PSID pAdministratorsGroup = NULL;

    // Allocate and initialize a SID of the administrators group.
    SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
    if (!AllocateAndInitializeSid(
        &NtAuthority, 
        2, 
        SECURITY_BUILTIN_DOMAIN_RID, 
        DOMAIN_ALIAS_RID_ADMINS, 
        0, 0, 0, 0, 0, 0, 
        &pAdministratorsGroup))
    {
        dwError = GetLastError();
        goto Cleanup;
    }

    // Determine whether the SID of administrators group is enabled in 
    // the primary access token of the process.
    if (!CheckTokenMembership(NULL, pAdministratorsGroup, &fIsRunAsAdmin))
    {
        dwError = GetLastError();
        goto Cleanup;
    }

Cleanup:
    // Centralized cleanup for all allocated resources.
    if (pAdministratorsGroup)
    {
        FreeSid(pAdministratorsGroup);
        pAdministratorsGroup = NULL;
    }

    // Throw the error if something failed in the function.
    if (ERROR_SUCCESS != dwError)
    {
        throw dwError;
    }

    return fIsRunAsAdmin;
}

void ElevateNow()
{
	BOOL bAlreadyRunningAsAdministrator = FALSE;
	try
	{
		bAlreadyRunningAsAdministrator = IsRunAsAdministrator();
	}
	catch(...)
	{
		std::cout << "Failed to determine if application was running with admin rights" << std::endl;
		DWORD dwErrorCode = GetLastError();
		TCHAR szMessage[256];
		_stprintf_s(szMessage, ARRAYSIZE(szMessage), _T("Error code returned was 0x%08lx"),dwErrorCode);
		std::cout << szMessage << std::endl;
	}
	if(!bAlreadyRunningAsAdministrator)
	{
		wchar_t szPath[MAX_PATH];
		if (GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath)))
		{
			// Launch itself as admin
			SHELLEXECUTEINFO sei = { sizeof(sei) };
			sei.lpVerb = L"runas";
			sei.lpFile = szPath;
			sei.hwnd = NULL;
			sei.nShow = SW_NORMAL;

			if (!ShellExecuteEx(&sei))
			{
				DWORD dwError = GetLastError();
				if (dwError == ERROR_CANCELLED)
				{
					// The user refused to allow privileges elevation.
					std::cout << "End user did not allow elevation" << std::endl;
				}
			}
			else
			{
				_exit(1);  // Quit itself
			}
		}
	}
}

int _tmain(int argc, _TCHAR* argv[])
{
	
	std::cout << "How to Elevate during runtime - POC by Michael Haephrati" << std::endl;
	
	std::cout << "Press Y <ENTER> to elevate, or any other key <ENTER> to quit" << std::endl;
	TCHAR ch = getchar();
	if(ch == 'Y' || ch == 'y')
	{
		if(IsRunAsAdministrator())
		{
			std::cout << "The applicaiton is already running with admin privileges" << std::endl;
		}
		else
		{
			ElevateNow();
		}

		std::cout << "(please send your comments to Michael Haephrati haephrati@gmail.com) Press any key to continue";
		std::cin.get();
		std::cin.get();
	}
	else
	{		
		std::cout << "(please send your comments to Michael Haephrati haephrati@gmail.com) Press any key to continue ...";
		std::cin.get();
		std::cin.get();
	}

	return 0;
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Michael N. Haephrati
CEO
United States United States
Michael Haephrati, is an entrepreneur, inventor and a musician. Haephrati worked on many ventures starting from HarmonySoft, designing Rashumon, the first Graphical Multi-lingual word processor for Amiga computer. During 1995-1996 he worked as a Contractor with Apple at Cupertino. Worked at a research institute made the fist steps developing the credit scoring field in Israel. He founded Target Scoring and developed a credit scoring system named ThiS, based on geographical statistical data, participating VISA CAL, Isracard, Bank Leumi and Bank Discount (Target Scoring, being the VP Business Development of a large Israeli institute).

During 2000, he founded Target Eye, and developed the first remote PC surveillance and monitoring system, named Target Eye.

Other ventures included: Data Cleansing (as part of the DataTune system which was implemented in many organizations.


Follow on   Twitter   Google+   LinkedIn

| Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.1411022.1 | Last Updated 16 Feb 2013
Article Copyright 2012 by Michael N. Haephrati
Everything else Copyright © CodeProject, 1999-2014
Layout: fixed | fluid