tl;dr: I need to run a command as administrator and retrieve its output.

I have already created a bat file that does this, but I want to convert it to pure Ruby as a learning exercise. Using backticks I can get the output from the command, but unfortunately that output tells me I lack user privileges. Through this site I found how to poke UAC the right way, but I can't seem to get it to recognise the command it wants (bcdedit /v).

I have read https://docs.microsoft.com/en-us/windows/desktop/shell/shell-shellexecute and "Detect if running with administrator privileges under Windows XP", along with a great many similar Stack Overflow questions, but there is no clear guideline yet on how to do this.
```ruby
require 'win32ole'

# Reading the HKU\S-1-5-19 (LocalService) hive only succeeds when elevated,
# so an ERROR from `reg query` means we are not running as admin.
def running_in_admin_mode?
  (`reg query HKU\\S-1-5-19 2>&1` =~ /ERROR/).nil?
end

unless running_in_admin_mode?
  shell = WIN32OLE.new('Shell.Application')
  # ShellExecute(file, arguments, directory, operation): the 'runas' verb
  # triggers the UAC prompt. The script path is quoted so that a path
  # containing spaces still arrives as one argument.
  shell.ShellExecute('ruby', "\"#{File.expand_path(__FILE__)}\"", nil, 'runas')
  exit
end
```
Update: So this sort of works. It flashes the output I want in the IRB shell, but it opens infinite new shells, locking up the computer.
```ruby
require 'win32ole'

shell = WIN32OLE.new('Shell.Application')
# This relaunch is unconditional: the elevated child runs this same script
# and relaunches itself again, which is why shells keep opening without end.
shell.ShellExecute("ruby", File.expand_path(__FILE__), nil, 'runas')
# The backtick call below runs in the non-elevated parent; the elevated
# child's output goes to the child's own console, not to this variable.
response = `bcdedit /v`
p response
exit
```
Update: Don't do this for now. Instead, just check the response. The code doesn't fully work yet, but it is here in case anyone wants to weigh in.
```ruby
require 'win32/registry'
require 'win32ole'

RUN_KEY = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
DOCKER_VALUE = 'Docker for Windows'

puts 'Device Guard v0.1'
puts 'Checking for requisite permissions'

def disable
  puts 'Would you like me to disable Docker and enable VMWare? [Yes] or [No]'
  case gets.downcase.chomp
  when 'yes'
    puts 'Disabling docker'
    `bcdedit /set hypervisorlaunchtype off` # seems to work ok
    # The key has to be opened with write access: the default open is
    # read-only, which is what gives "Access denied" even when run as admin.
    access = Win32::Registry::KEY_READ | Win32::Registry::KEY_WRITE
    Win32::Registry::HKEY_CURRENT_USER.open(RUN_KEY, access) do |reg|
      value = reg[DOCKER_VALUE] # need to save the location of the executable for next time
      puts "Docker was started from: #{value}"
      reg.delete_value(DOCKER_VALUE)
    end
  when 'no'
    recheck
  else
    puts 'Instructions unclear'
    disable
  end
end

def enable
  puts 'Would you like me to disable VMWare and enable Docker? [Yes] or [No]'
  case gets.downcase.chomp
  when 'yes'
    Win32::Registry::HKEY_CURRENT_USER.open(RUN_KEY) do |reg|
      # Once `disable` has deleted the value it no longer exists, so treat
      # a missing value as nil instead of crashing.
      docker_location = begin
        reg[DOCKER_VALUE]
      rescue Win32::Registry::Error
        nil
      end
      p docker_location
    end
    `bcdedit /set hypervisorlaunchtype Auto`
  when 'no'
    recheck
  else
    puts 'Instructions unclear'
    enable
  end
end

def recheck
  puts 'Well what do you want me to do then? [Recheck] or [Exit]'
  case gets.downcase.chomp
  when 'recheck'
    startup
  when 'exit'
    puts 'bye then'
    exit
  else
    puts 'Instructions unclear'
    recheck
  end
end

def check_hypervisor(response)
  # bcdedit prints the setting as "hypervisorlaunchtype    Off" (or Auto);
  # guard against a missing line so the match does not raise on nil.
  match = response.match(/hypervisorlaunchtype\s+(\S+)/i)
  if match.nil?
    puts 'hypervisorlaunchtype not found in bcdedit output'
    return
  end
  case match[1].downcase
  when 'off'
    puts 'Hypervisor Launch Type is disabled'
    puts 'This means VMWare should run and Docker is disabled'
    enable
  when 'auto'
    puts 'Hypervisor Launch Type is enabled'
    puts 'This means that Docker should run and VMWare is disabled'
    disable
  end
end

def startup
  # Capture stderr as well, so an "Access is denied" message is seen
  # even if bcdedit writes it there rather than to stdout.
  response = `bcdedit /v 2>&1`
  if response.include?('Access is denied') || !response.include?('Windows Boot Manager')
    no_access
  end
  check_hypervisor(response)
end

def no_access
  puts 'I am not running as admin. Please run me from a shell with admin privileges'
  exit
end

startup
```
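The pattern the question is circling around, written out as an added example (this is not code from the question or from any project it mentions): the non-elevated parent relaunches the script through the 'runas' verb, the elevated child recognises a marker argument so it does not relaunch itself again, and because Shell.Application's ShellExecute gives the parent no handle on the child's stdout, the child hands its output back through a file that the parent waits for. The marker flag `--elevated-child`, the temp-file handoff and the sample `bcdedit /v` output are all assumptions made for this example; the admin check is the `reg query HKU\S-1-5-19` test from the question.

```ruby
require 'tmpdir'
require 'win32ole' if Gem.win_platform? # the COM bridge exists only on Windows

ELEVATED_FLAG = '--elevated-child' # hypothetical marker argument (assumption)

# Constructed sample of `bcdedit /v` output, used for the offline checks.
SAMPLE_BCDEDIT_OUTPUT = <<~OUT
  Windows Boot Manager
  --------------------
  identifier              {bootmgr}

  Windows Boot Loader
  -------------------
  identifier              {current}
  hypervisorlaunchtype    Off
OUT

# Pull the hypervisorlaunchtype value out of bcdedit output; nil when the line
# is absent (for example when the output is only an access-denied message).
def hypervisor_launch_type(output)
  m = output.match(/^hypervisorlaunchtype\s+(\S+)/i)
  m && m[1]
end

# The marker argument is what breaks the relaunch loop from the question:
# the elevated child sees it and never calls ShellExecute again.
def elevated_child?(argv)
  argv.include?(ELEVATED_FLAG)
end

# Argument string for ShellExecute: quoted script path, marker, quoted output
# path, so paths with spaces survive the command line.
def child_arguments(script_path, output_path)
  %("#{script_path}" #{ELEVATED_FLAG} "#{output_path}")
end

# Same admin check as the question: the LocalService hive is readable only when elevated.
def running_in_admin_mode?
  (`reg query HKU\\S-1-5-19 2>&1` =~ /ERROR/).nil?
end

# Runs in the elevated child: write the output to a scratch file, then rename
# it into place so the parent never reads a half-written file.
def write_child_output(output_path)
  part = "#{output_path}.part"
  File.write(part, `bcdedit /v 2>&1`)
  File.rename(part, output_path)
end

# Runs in the non-elevated parent: relaunch this script with the 'runas' verb
# (UAC prompt), then wait for the child's output file to appear.
def run_elevated_and_capture(timeout: 60)
  output_path = File.join(Dir.tmpdir, "bcdedit-#{Process.pid}.txt")
  shell = WIN32OLE.new('Shell.Application')
  shell.ShellExecute('ruby', child_arguments(File.expand_path(__FILE__), output_path), nil, 'runas')
  deadline = Time.now + timeout
  sleep 0.5 until File.exist?(output_path) || Time.now > deadline
  File.exist?(output_path) ? File.read(output_path) : ''
ensure
  File.delete(output_path) if output_path && File.exist?(output_path)
end

def main(argv = ARGV)
  if elevated_child?(argv)
    write_child_output(argv[argv.index(ELEVATED_FLAG) + 1])
    return
  end
  output = running_in_admin_mode? ? `bcdedit /v 2>&1` : run_elevated_and_capture
  puts "hypervisorlaunchtype: #{hypervisor_launch_type(output).inspect}"
end

main if __FILE__ == $PROGRAM_NAME && Gem.win_platform?
```

Only `main` touches Windows; the parsing, the marker check and the argument builder are plain Ruby, which is what keeps the script testable away from a UAC prompt. If the user declines the prompt the parent simply times out and returns an empty string, and `hypervisor_launch_type` returns nil rather than raising.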