Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

anonymous — Wed, 27 Jun 2007 02:57:25 GMT

Ehm... why don't you simply use FSUTIL? For non-admin privileges (due to its LUA problem) it returns with error code 1, which is best for the cmd.exe shell.

BTW, what is this PingBack SPAM all about?

@anonymous: Excellent idea -- FSUTIL works fine for this purpose on both XP and Vista. And a lot shorter than the cacls command line.

I deleted one instance of the pingback. It happens whenever a blog post references another blog post.

-- Aaron

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

Alexander Sukhovey — Mon, 02 Jul 2007 14:05:58 GMT

Even better choice may be AT.EXE since it exists in Windows 2000 while FSUTIL.EXE was new to Windows XP.

@Al: I haven't tested the use of AutoRun on 2000, but I would guess that it would work the same way. And AT.EXE is definitely more portable for this purpose. Thanks!

-- Aaron

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

anonymous — Thu, 05 Jul 2007 07:46:57 GMT

Oh oh... two big issues there:

At first, I patched fsutil so it runs without admin privileges, since some of its functionalities (hardlinks, sparse, files) don't require either. Now it has become unsuitable for this purpose. Better go bck to cacls.

The second problem is that is invokes the program from the current directory. If you have a malicious cacls.exe (or a freshly patched fsutil.exe) laying around and you're launchung the shell from the explorer context menu, it will execute the local program, which is a security vulnerability. One should always reference it with the complete path, thus %windir%\system32\cacls.exe.

[Aaron Margosis] Hopefully you're first "big issue" won't affect anyone else. (Patching system binaries is... risky. BTW, on Vista, "mklink /h" now lets standard users create hard links). You are absolutely correct about the second issue -- I'll update the post accordingly.

Note though that when you choose "Run as administrator", the current directory is set to %windir%\system32, so that attack won't work in the elevated case.

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

Hofi — Thu, 05 Jul 2007 18:52:47 GMT

Just a tiny correction. You should use

%SystemRoot%\ because %windir% is does not exist in a command.com

[b]%SystemRoot%\system32\FSUTIL.exe > nul 2> nul && (color FC & title ADMIN - %USERDOMAIN%\%USERNAME%) || (title NONADMIN - %USERDOMAIN%\%USERNAME%)[/b]

works fine both for cmd.exe and command.com

[Aaron Margosis] But command.com doesn't invoke the AutoRun line anyway, does it?

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

Hofi — Thu, 05 Jul 2007 20:16:16 GMT

If ntcmdprompt present in config.nt then AutoRun will be invoked.

Give it a try, on my XP SP2 box that is the way it works.

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

anonymous — Fri, 06 Jul 2007 05:02:39 GMT

Patching system binaries is... risky? Come on, it's IDA Pro with the PDB debug data, and seeing a

call _IsUserAdmin(void)

test eax,eax

jnz short check_params_and_run

complain_not_admin()

is obvious. Now it's just 6 NOPs and making the jump unconditional. And then loading it into IDA and checking it again.

Sorry, this really can't go wrong.

For the command.com issue: Huh? command.com? Does this thin even exist? And I though it just launched cmd.exe. Anyway, %windir% exists on command.com since Windows 95, but %systemroot% might not.

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

Hofi — Fri, 06 Jul 2007 12:18:52 GMT

I've tried it once again.

There is no %windir% environment variable just %systemroot%.

Tried it on XP SP2 fully patched and a clean Vista installation also.

start cmd.exe

type

set

check for %windiw%

You will find it.

type command.com

type

set

check for %windir%

You won't find it

(i've checked that it is not depending on the ntcmdprompt, %windir% is not defined in XP and Vista command.com)

Closing all command shells from one command shell

Daniel — Thu, 19 Jul 2007 06:39:49 GMT

Hi is it possible to close all command shells from one command shell?

[Aaron Margosis] Not that I'm aware of.

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

Alexander Sukhovey — Thu, 19 Jul 2007 21:50:34 GMT

@Daniel

You can try "TASKKILL /IM cmd.exe". It should work if the cmd shell you are running the command in is the last one open otherwise it'll be killed before all other cmd windows are closed.

Or you can write a script that will determine PID of cmd process it is running under and skip it while closing all other windows. I'm not sure though it is what you're after.

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

Sam Black — Fri, 03 Aug 2007 20:39:09 GMT

Is there any way to get Vista to *NOT* put "Administrator" in the title (or at least not at the beginning of the title)? When you've got multiple command windows open, it's impossible to tell which is which on the task bar.

[Aaron Margosis] There's no way built into Windows to do that. But a custom program that calls the SetWindowText Windows API can change the title to anything you want it to (*). But if CMD changes its own title to something else (e.g., using the "TITLE" command) it will prepend "Administrator:" (or non-English equivalent) again if running in an elevated context.

(*) Note that this is subject to change at any time.

Ламинат цены

ламинат — Sun, 24 Aug 2008 14:34:40 GMT

0jThank's.7s I compleatly disagree with last post . xle

<a href="http://skuper.ru">паркет</a> 8k

Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

Closing all command shells from one command shell

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for *all* CMD shells based on admin/elevation status"

Ламинат цены

Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"

re: Follow-up on "Setting color for all CMD shells based on admin/elevation status"