Friday, October 13, 2006

Am I command prompt admin?

Have you ever been in a situation where you wanted to know whether you are logged into a Windows Vista command promt as an administrator or a limited user?

Well, this is a small tip to let you SEE the difference :)

We have a registry key that gives us an option to autorun a specific BAT file whenever a command prompt is executed:

HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\

All you need to do is to add a String value called "autorun" and point to the BAT file we will create in a few seconds... Use "quotes" in the path, like in my case: "C:\!MY AREA\admintest.bat"

The BAT file itself needs to include the following code:

@echo off
pushd %SystemRoot%\System32
set ADMINTEST=~_~_ThisGottaBeUnique_~_~
:START
MD %ADMINTEST% > NUL 2>&1
if exist %SystemRoot%\System32\%ADMINTEST% GOTO ADMIN
GOTO END
:ADMIN
color 5f
RD %ADMINTEST%
:END
set ADMINTEST=popd

Basically it tries to create a (hopefully) unique directory below "Systemroot\System32" and tests if it succeedes, as only admins can create directories at that location it is pretty simple to figure out.

The rest is just setting the COLOR of the CLI background.

This picture shows the elements needed to perform this little trick - two different CLI's, one as a limited user (black) and one as an admin (purple) - the last title bar still shows "Administrator: Command Prompt" which is the only 'hint' we have by default.

In the background you will see the registry setting as well as the BAT script... I hope you can use this IRL, if not... it's still pretty kewl :)

0 Comments: