Sometime you may need to impersonate the system account (e.g. to look inside the HKEY_LOCAL_MACHINE\SAM and HKEY_LOCAL_MACHINE\SYSTEM subkeys or exploring "System Volume Information"); using psexec you can run a process as system.
C:\>psexec.exe /s /i cmd.exe
PsExec v1.56 - Execute processes remotelyCopyright (C) 2001-2004 Mark RussinovichSysinternals - www.sysinternals.com
Microsoft Windows XP [Version 5.1.2600](C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32>WHOAMI.EXE
NT AUTHORITY\SYSTEM
C:\WINDOWS\system32>exit
cmd.exe exited on MYCOMPUTER with error code 0.
The -i switch is what causes process to appear on the console desktop and it's typically useful when you want to run a GUI application on the local system where you can interact with it.
- Blogger Comment
- Facebook Comment
Subscribe to:
Post Comments
(
Atom
)
0 commenti:
Post a Comment