After I become SYSTEM...

The ubiquitous operating system, discussion of its (many) flaws, and how to mitigate the risks of those flaws

After I become SYSTEM...

Post by karasu21 on Wed Dec 09, 2009 7:49 am
([msg=31183]see After I become SYSTEM...[/msg])

Maybe I posted the first one in the wrong forum but I really hope someone could give me ideas...

I tried to use the interactive cmd.exe trick to become SYSTEM (which succeeded since my Startup menu already says SYSTEM)

However, whenever I try to access a drive ("C:\" for example), I always get the "Access to the resource C: has been disallowed"
What's happening? I thought SYSTEM already have the highest privileges on a Windows computer. This restriction was already existing on a standard user account but it still persisted when I became SYSTEM.

Any ideas on what's happening?

Oh, I already tried gpedit and disabled the restriction but the problem still persists...

Any help will be appreciated...
There are only 10 people in this world. Those who can read binary and those who don't
karasu21
New User
New User
 
Posts: 6
Joined: Thu Jul 10, 2008 11:31 am
Blog: View Blog (0)


Re: After I become SYSTEM...

Post by faazshift on Wed Dec 09, 2009 10:45 am
([msg=31188]see Re: After I become SYSTEM...[/msg])

Hmm... I just tried the same thing (going from my admin account to SYSTEM) on my laptop and I had full access to drive c. Im guessing that even though explorer is being run as the SYSTEM user, something is still persisting from the user that was previously in use (maybe some other process needs to be run as SYSTEM?).
faazshift
Contributor
Contributor
 
Posts: 516
Joined: Wed Jun 03, 2009 3:55 pm
Location: Riverton, Utah
Blog: View Blog (0)


Re: After I become SYSTEM...

Post by karasu21 on Wed Dec 09, 2009 10:52 pm
([msg=31209]see Re: After I become SYSTEM...[/msg])

Then that program doesn't recognize me as SYSTEM? Or was it too strict to block even SYSTEM to access drives?... Whenever I try to Google the error (the "Access to the resource blah blah blah" error), they always say that it is fixable via gpedit.msc or rsop.msc, but that is assuming that the current user is a standard user and doesn't have enough privs (I think).
There are only 10 people in this world. Those who can read binary and those who don't
karasu21
New User
New User
 
Posts: 6
Joined: Thu Jul 10, 2008 11:31 am
Blog: View Blog (0)


Re: After I become SYSTEM...

Post by faazshift on Wed Dec 09, 2009 11:56 pm
([msg=31211]see Re: After I become SYSTEM...[/msg])

Hmm, if you can become SYSTEM, I would think that it would work like its supposed to (since it has more privs than admin). Im not sure why its not working for you. Of course, im not an 'expert' with windows.
faazshift
Contributor
Contributor
 
Posts: 516
Joined: Wed Jun 03, 2009 3:55 pm
Location: Riverton, Utah
Blog: View Blog (0)


Re: After I become SYSTEM...

Post by insomaniacal on Thu Dec 10, 2009 6:46 am
([msg=31217]see Re: After I become SYSTEM...[/msg])

If you are still in your GUI, chances are that explorer.exe was launched by your normal account, and has all the security settings loaded for your account. Trying killing that and running it again as System. There might be a few other processes that you should do this with, but that's all I can think of off the top of my head.
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: After I become SYSTEM...

Post by Overlord5 on Mon Apr 05, 2010 11:46 pm
([msg=37759]see Re: After I become SYSTEM...[/msg])

Hahaha. I know what you're talking about. One of my friends computer did this to him. A couple of question:

Are you logging in from the network?
In cmd if you type CD .. Can you change directories?

And I'm sure if I wasn't too lazy, I could find the registry file.

Anywho if this is your own computer you should just back stuff up, and format it again.
Overlord5
New User
New User
 
Posts: 23
Joined: Mon Apr 05, 2010 10:56 pm
Blog: View Blog (0)



Return to Microsoft Windows

Who is online

Users browsing this forum: No registered users and 0 guests

cron