Syster User Account

[assasing123]

so i m sure many of you have hear of the privilege scalation process that allows users to use the computer as the "SYSTEM" user right? well i m trying to make the PC use that user by default and not have any other user except those strictly needed (so yeah deleting administrator even) but i m not sure of where to start first.

i do know in OLD Oses like Windows 98 since there was no such thing as system user or limited users you were always running actually as the "SYSTEM" equivalent so i want to do that with my windows XP as well to disable or get rid of any other part of the OS that might link to other users. any suggestion or idea?.

First problem = if i open the control panel and try to edit my account while logged as "SYSTEM" either:

A: if using normal control panel i get the choice to change my picture if i click that i will get a NULL error.

or

B: using clasic control panel when i click on user accounts i can't see myself (sorta obvius) but i do know it might be modificable trought the command pront since the shell and other parts must have locked access and disabled the posibility to modify this account.

if there is any GURU out there, now is the time to appear.

[DreamSkape]

Hi,

There is a provision in the Comodo System Cleaner, (under Utilities --> Login) to login directly to a user without having to enter details. Though I have not used it, it may help you bypass restrictions and log in without the welcome screen. You can download it for free at comodo.com

However, it does not provide option to disable logoff. To do that, you can use the GPEDIT.MSC if you are using XP Pro.

Hope this helps for the first part. I cant help with the second issue related to control panel.

--

--

Best Regards,

DreamSkape

Signed: Monday, June 29, 2009, 7:52:04 PM IST

Edited June 29, 2009 by DreamSkape

[JustinStacey.x]

You can't. What you are asking to do is to turn a multi-user system with integrated security right down to the kernel, into a single user system with no security whatsoever. It just can't be done; and attempting to do it will either render your system unusable or so insecure that it won't even be worth connecting it to the Internet. And even then, you won't be able to alter the behaviour of the kernel itself to behave in a manner that you are after.

What I'm really curious to know, is why you would want to do this.

[iamtheky]

you could very easily build an autoit script that performed the functions in the video, and throw it in your startup. I know its not default but its quick.

http://www.youtube.com/watch?v=cri-sCe2av0

*and you want this when you are a limited user on a very poorly managed O/s that has this hole open, and feel like elevating your rights.

Edited June 29, 2009 by iamtheky

[PC_LOAD_LETTER]

yeah add +1 to this being a terrible idea. Ive only needed to force escalate to system 1-2 times and both were purely out of frustration during a malware disinfection. I prolly could have worked around it if i had tried. anyways your average user rarely even needs admin privileges. Its like a Jeep. Yeah its kinda cool to be able to drive around with the doors off but really how practical is that really?

[jaclaz]

You can't. What you are asking to do is to turn a multi-user system with integrated security right down to the kernel, into a single user system with no security whatsoever. It just can't be done; and attempting to do it will either render your system unusable or so insecure that it won't even be worth connecting it to the Internet. And even then, you won't be able to alter the behaviour of the kernel itself to behave in a manner that you are after.

Well, actually this is more or less (read exactly) what minlogon does.

http://msdn.microsoft.com/en-us/library/ms...mbedded.5).aspx

Now, a freeware/Open Source minlogon replacement would be a nice thing to have.

jaclaz

[JustinStacey.x]

Bugger... I'm slipping.

Thanks for that Jaclaz.

[beats]

i do know in OLD Oses like Windows 98 since there was no such thing as system user or limited users you were always running actually as the "SYSTEM" equivalent so i want to do that with my windows XP as well to disable or get rid of any other part of the OS that might link to other users. any suggestion or idea?.

Yes, NT != 9x. You can't compare them like that.

First problem = if i open the control panel and try to edit my account while logged as "SYSTEM" either:

A: if using normal control panel i get the choice to change my picture if i click that i will get a NULL error.

Most likely cause is that System does not have a complete/normal User Profile.

B: using clasic control panel when i click on user accounts i can't see myself (sorta obvius) but i do know it might be modificable trought the command pront since the shell and other parts must have locked access and disabled the posibility to modify this account.

Not really. The NT system account is designed for this purpose. It's an internal account, does not show up in User Manager, cannot be added to any Groups, nor can it have User Rights assigned to it. For more information, see: How the System account is used in Windows.

[assasing123]

The reason is simple, i m often messing up with memory dumps and other stuff that i link to process run by system (and yes i crash my PC very often).

also because i want to create a really totally stripped version of XP not for normal users though. but something where every single cycle of the procesor and every byte of ram and hard disk is not being wasted on stuff.

sort of like a pure kernel + drivers + gui, nothing else.

alike a game console you could say.

i m not asking for if should or not. neither i m asking what would be the consequences, i m aware of those.

so please avoid posting those things. also as the minwin guy said, MS did it for minwin so there should be a way to do this on XP.

and yes i m running SP3 Pro.

so if anyone knows how to do what i want, mind illuminating me?

Edited August 27, 2009 by assasing123

[iamtheky]

Clarifying post #4:

This has not been checked, but seems correct in my head

Run this:

schtasks /create /SC onlogon /tn command /tr "cmd.exe" /RU %username% /RP %Password%

Throw an autoit script in your startup that contains all of 3 lines. Syntax below may be questionable.

winwaitactive (svchost.exe)

send (taskkill /IM explorer.exe)

send (explorer.exe)

Edited August 27, 2009 by iamtheky

[jaclaz]

so please avoid posting those things. also as the minwin guy said, MS did it for minwin so there should be a way to do this on XP.

What the "minwin guy" said is slightly different, a substitute for winlogon.exe, called minlogon.exe actually exists, and it is 100% usable on a "normal" XP.

So, THERE IS A WAY, using minlogon.exe to do this on XP.

The "minlogon.exe" component is part of XP embedded, for which you can buy a License.

XP embedded is also available as a trial download, so you may also try it.

It does not exist AFAIK a similar Freeware/Open Source/Redistributable substitute for Winlogon.exe, though.

jaclaz

[DreamSkape]

I dont think you need to download any third party. After I recommended COMODO in the second post, I did some research and set my PC so that it automatically goes straight to the desktop without any login screen. The command is "control userpasswords2". You can use it to disable other accounts too, but it is not advisable to disable admin account (the first one from top).

I also wrote a step by step guide to the process that can be found at http://www.brighthub.com/computing/windows.../42774.aspx?p=2

Hope this is what you are looking for.

--

Best Regards,

Arun Kumar M.

Signed: Friday, August 28, 2009, 3:28:35 PM IST

[JustinStacey.x]

Dreamskape, please read the posts. What you have suggested is not what the user is after, at all.

[iamtheky]

Still going with this first command so it pops up every logon, do this once

schtasks /create /SC onlogon /tn command /tr "cmd.exe" /RU %username% /RP %Password%

Autoit seems to work as following from the run key:

sleep (20000);adjust pending boot time

send ("^+{esc}");opens task manager

sleep (1000);wait for it..

winactivate ("Windows Task Manager") ;activates the window

winwaitactive ("Windows Task Manager");makes sure its active

send ("expl");type as many characters of explorer as you need to identify it in the manager

sleep (1000);probably unnecessary wait for a sec

send ("{del}");end the process

sleep (1000);again with the waiting, may actually be a delay for the dialog this time

send ("{enter}");confirms the ending of the process

sleep (15000);delay to allow the current explorer to close out completely

WinActivate ("C:\WINDOWS\System32\svchost.exe");activate the scheduled process window that should of popped on logon

WinWaitActive ("C:\WINDOWS\System32\svchost.exe");double check to make sure its the active window

send ("explorer.exe");types explorer.exe

send ("{enter}");executes

Exit

Edited August 28, 2009 by iamtheky

[assasing123]

Allthough the IT method works, it dosn't removes the bytes still of the other accounts and register bounds. easy to notice since if you use ctrl+alt+supr you get a task manager that belongs to the user that logged in originally and not to the system, to run the taskmgr from the system user is needed to type it as a command on the command pront or run box