Several days ago, I blogged about the free tool Steel Run As. It allows standard users to run a program with administrator rights. Since then, I came across two other tools that serve the same purpose. One is the free command line tool CPAU, recommended by Andrew in my earlier post. The other is RUNASSPC (RUNAS + PASSWORD + ENCRYPTION) which is only free for personal use. Prices range between 20 and 200 Euros, depending on the number of computers you have in your network. While playing with RUNASSPC, I learned something new about Steel Run As, which simplifies its usage under Vista if UAC is enabled.
- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
- Automatically mount an NVMe EBS volume in an EC2 Linux instance using fstab - Mon, Feb 21 2022
I assumed that it is necessary to avoid a UAC prompt if someone with standard user rights runs a program that requires admin rights. For this reason, I included the elevate command in the batch script, in my example that allows standard users to change the TCP/IP settings.
However, it is also possible to elevate the batch script by using the Powertoys elevate tool as the command to execute, and the patch script as parameter (see screenshot). This will trigger a UAC prompt, but the user doesn't require the administrator password to proceed (usually the case if someone with standard rights launches a program that needs admin privileges). This works with Steel Run As and RUNASSPC. I also tried it with CPAU, but its password encoding feature doesn't seem to work properly in Vista.
Note: Only the checksum of the elevate command will be verified; you have to make sure that end users don't have the right to modify the batch script. Anyone who can edit the file will be able to execute any program with administrator rights.
RUNASSPC and Steel Run AS are quite similar tools. The difference is that RUNASSPC creates an encrypted, not executable, file which contains the administrator password. To let a standard user run a program with admin rights, you must start the program on the command prompt, using the encrypted file as parameter. You can create a shortcut if you want to launch the program from the desktop.
RUNASSPC has a few more options than Steel Run As, such as logon with and without profile (see screenshot). I am unsure if this justifies its price. CPAU offers even more options. However, beside the fact that it has problems with Vista, its disadvantage is that the author admits that CPAU's proprietary encoding algorithm might not be secure. RUNASSPC, on the other hand, uses the Rijndaels AES 256 Bit encryption method, which should be secure enough. I also contacted Steelsonic, the publisher of Steel Run As, to find out how their tool secures the password—unfortunately, they didn't respond. Hence, RUNASSPC may be the best choice; at least you know the admin password is safe.
Subscribe to 4sysops newsletter!
I only recommend using these tools if there is no other way to get the job done. Even if the tool of your choice is secure, storing the administrator password in a file is always risky. Making a mistake might compromise your whole network. One way to lower the risk is to use an account that has just enough privileges for the task.