Bypass administrator privileges!?!?
July 19, 2006 1:09 PM
What did I do to gain Administrator privileges to install software and how can I do it again?
Background info: I work for a company that restricts users from installing software in the C:\Program Files folder. People can't install Yahoo or MSN Messenger nor programs that install themselves (meaning you can't change the installation location). I did, however, find out you can install a program directly to the C: drive or to the users folder, that is if you can change the location when installing the program. I also have access to manipulate the registry. This still does not let me install Yahoo or MSN Messenger or a few other programs. I can't even pull up the date/time window.
What I did: I downloaded the trial version of ABBYY FineReader Pro and installed it successfully. When I tried to uninstall it through the Add/Remove option in Windows, it didn't let me (told me it was busy even after closing it in Task Manager), so I went to the registry and deleted all traces of the program (I went to Find and searched everything with ABBYY and FineReader and just deleted everything that came up. I know that was stupid.) When I tried to install it again, it gave me a registry error so I couldn't install it again. I searched the internet with the error ("the configuration data for this product is corrupt") and was told to add an "installation key" and some other keys (one of the websites is http://support.esri.com/index.cfm?fa=knowledgebase.techarticles.articleShow&d=24710). Also I downloaded PCmechanic and tried to fix the registry. The last thing was to download a program from Microsoft (Windows Installer CleanUp Utility from http://support.microsoft.com/default.aspx?scid=kb;en-us;290301) to recover the registry (funny thing is that I could install everything else but not ABBYY again). After all those steps I was able to install ABBYY again. Something that I did or one of the programs I did gave me access to install any program I desired without the "Administrator access required" box. Can anyone tell me what I did and how I can do it again without doing all those steps again? I'm running Windows XP Pro. Let me know if you need any further information.
Two possibilities come to mind:
1) IS pushed down a policy or something lifting restrictions, your software adventure was just a coincidence.
2) Your box has been rooted, either by one of the pieces of software you installed or some other unrelated cause.
posted by Mitheral at 1:24 PM on July 19, 2006
This is one of the reasons why corporate IT departments put the restrictions in effect-- so you don't mess up your machine trying to change things like the registry. I'd say your best bet is to call it a wash and call the IT department to fix the problem or reimage your machine. Sorry if I sound a little harsh, but as "the guy from IT" myself, I'd much rather have a user just ask me to install an instant messenger than try and circumvent my security settings.
To more directly answer the question at hand, it's probably a mixture of group policies and timing.
posted by GreenTentacle at 1:44 PM on July 19, 2006
Response by poster: I wish more IT guys were more like you. Because my company doesn't have people like you I have to resort to things like this.
posted by nserrano at 1:56 PM on July 19, 2006
i will be honest i did not make it the whole way through your post. one giant block of text is so tough. you might want to check out portable apps though. on account of not having to install these applications in the traditional sense i think you should have no issue running anything they offer.
posted by phil at 1:59 PM on July 19, 2006
Without going into detail (you can Google it if you are determined) you boot off of a floppy, CD or USB, run a program that allows you to read and write to NTFS partitions, remove the SAM file (save a copy), boot into Windows where you are now an admin with no password, install your program, boot off of the floppy and put the SAM file back.
posted by caddis at 2:37 PM on July 19, 2006
...Or you could just use this bootdisk to reset your administrator password, then log in as admin and do whatever you need.
posted by crazyray at 3:30 PM on July 19, 2006
but then your real admins will know that you compromised your computer
posted by caddis at 3:39 PM on July 19, 2006
but that bootdisk (or whatever - I have not actually read the link) is cool for when you stupidly forget your password or go without one and some joker adds one
posted by caddis at 3:41 PM on July 19, 2006
Btw, if you just want to use instant messenger, go to http://www.meebo.com. You can get access to all the major IM clients from there without installing anything.
posted by empath at 7:59 PM on July 19, 2006
Just backing phil up by pointing out that Wikipedia has a great List of Portable Applications.
posted by utsutsu at 8:14 PM on July 19, 2006
Sorry if I sound a little harsh, but as "the guy from IT" myself, I'd much rather have a user just ask me to install an instant messenger than try and circumvent my security settings.
I dunno, I get pretty cheesed off when people ask me to install stuff like IM clients. I'd almost rather them try to circumvent the security, fail, and then not do it. If they don't fail, then at least I'm not aware of them chatting at work.
posted by hoborg at 8:32 PM on July 19, 2006
I can't tell you what you did, but I just wanted to clarify your situation: is your computer currently broken or not? And can you currently install everything you want or not? As I read your question, the computer works and you have admin privileges right now. You just want to know how you did it so you can repeat it if necessary later.
posted by jacalata at 9:11 PM on July 19, 2006
I have to agree with Mitheral. I believe that your IT department pushed changes out since your last successful attempt.
And for all your at-work Instant Messenger needs I suggest using www.meebo.com. Much easier than fooling with the registry, and a lot safer.
posted by aznhalf at 4:06 AM on July 20, 2006
What type of network are you running? In my organization - we are mainly a Novell shop - all the policies are loaded from NetWare. If a user clicks the Workstation only checkbox on login (only logging into domain) they can download and install all they want.
Mind you we always catch the buggers, thanks to trusty firewall log and reporting utilities. First time OK, second time your supervisor is notified, third time we remove internet from your computer (you know, remove the tubes from it).
posted by bleucube at 6:22 AM on July 20, 2006
Response by poster: My computer is still working perfectly. I've tried Meebo and even some other software like Trillian, but I still have the urge for the real deal. My organization is running Windows 2003. And yes, I still have access to install programs. I do not want to delete the admin password (I knew about the boot disc since I've used it before on my home PC); I just want to be able to install any software if I have to. I'll take a look into the portable apps again. I knew a few months ago there were hardly any of them.
posted by nserrano at 6:54 AM on July 20, 2006
It could be something else as well. You stated you installed trialware software. It's possible that the trialware installed reg keys that did not contain the key words you searched for to manually delete (usually a bad idea, BTW) to prevent people from just reinstalling the trialware instead of buying their product. Those orphaned keys may not have been cleaned up until you ran one of those other cleanup tools. (I do not know if the installer was Windows Installer based or not; not all Windows installation packages are.) The installer could also have been "phoning home" to the vendor or some service was running that you did not uninstall.
Are you an admin on the server that is running Win 2003? Do other users also share that server? If you share it, maybe they just want to protect other users from an outage caused by someone installing virus-laden software, software that introduces vulnerabilities, or unlicensed software that could cost the company a lot of money when some whistleblower brings it to the vendor's attention.
Your IT dept may have good reasons that you don't know about for having the policies they do (perhaps they just want to know which apps are installed so they can know what security patches to apply to the machines to protect you and your data). Also by herding the installs to the Program Files directory, they can quickly tell what was installed by users and what may not belong there. I seem to remember that in order to have the "Designed for Windows XP" logo, your application should install to the Program Files directory by default. If your application does install there, you don't have to grant unnecessary Admin rights for users to use the application.
Sorry if that seems a bit pedantic, but I'm on the IT side of the argument and a lot of what non-IT users see as a barrier is really just best practices to prevent them from having to rebuild a server due to someone else's poor judgement.
posted by neboysha at 8:21 PM on July 20, 2006
This thread is closed to new comments.
posted by nserrano at 1:18 PM on July 19, 2006