not really programming and probably butchered the execution on that cmd but this felt like the only place it would be funny to post it
not really programming and probably butchered the execution on that cmd but this felt like the only place it would be funny to post it
idk if its system or trustedinstaller that i literally logged into and launched a “user session”, its been a while since i played around windows. but yeah it kinda works although it breaks explorer heavily (lol)
just use a normal admin user and use nircmd to run 7zip totalcmd etc as SYSTEM
Edit: I was scrolling back up and realized I responded to the wrong person about the psexec thing. I apologize for any misunderstanding (I’m gonna leave it because its still kind of good info in there and I suck at typing on mobile).
I’m not a fan of psexec anymore, in a lot of environments is blocked or gets picked up by overzealous AV. Might I suggest using using something like NTObjectManager to just spawn a child process of TrustedInstaller?
It works really well, I’ve never seen it flagged by AV, and it’s nice being able to remove shit that system can’t. One thing I had a hard time getting away from PSExec for was remote sessions when remote management was turned off. Thankfully you can just invoke-command to call cmd and enable WinRM remotely… Goddamn I hate Windows but love the simplicity to utilized it’s “under documented” features.