Windows 10: Windows Admin token power - malwares

Discus and support Windows Admin token power - malwares in AntiVirus, Firewalls and System Security to solve the problem; Hello,1: recently, coding a program in C#, i noticed a thing: if you open a program {System.DiagnosticS.Process.Start"PATH";} as administrator, that... Discussion in 'AntiVirus, Firewalls and System Security' started by Also_called_BSOD, Jun 16, 2021.

  1. Windows Admin token power - malwares


    Hello,1: recently, coding a program in C#, i noticed a thing: if you open a program {System.DiagnosticS.Process.Start"PATH";} as administrator, that program will be able to run other programs as administrator without user account control.Isn't this too over powered?2: There exists a key in Win registry. If you create that key, taskkill.exe won't kill anymore processes. I found that key testing a malware. Once you've created that key, when you open cmd, type taskkill /IM random.exe and run the command, you'll notice an error like: taskkill.exe wasn't found. This is very over powered. I have

    :)
     
    Also_called_BSOD, Jun 16, 2021
    #1
  2. Namslas90 Win User

    admin password?

    You can reset the Admin Password using Windows XP repair; See Here for step by step.

    *Toast :toast:
     
    Namslas90, Jun 16, 2021
    #2
  3. Tryx3 Win User
    Login with the One Username, but have the option to select Admin or user.

    Grant,

    The user account & security models are significantly different now and have been since Windows 7 [I think the major change was actually introduced with Vista].

    • When an Admin user account logs in, the user account is only granted the rights [the "tokens"] of a Standard user account.
    • To grant Admin permission [to grant the Admin token] for an individual task, "Elevation UI" dialogs are used to give permission to proceed. They elevate the single approved task only.
    • Windows does not provide any means of selecting Admin / Standard tokens at login. All logins assign Standard tokens only.

    The ability for an Admin user account to run as an Admin [i.e. with the Admin token] at all times was removed deliberately.

    • Malware or a hacker could make use of the Admin token of a logged on Admin user [if Admin tokens were permanently assigned] to do whatever they wanted on the system without hindrance & without necessarily being noticed.
    • You could emulate having permanent Admin tokens by turning off UAC but doing so on a network-connected computer would be hazardous both to you and to other network users [unless you had done a complete malware scan after your last connection to the internet,
      to any external drives or to anything else].
    • Speaking personally in an attempt to convey the gravity of the situation, I allow temporary visitors to connect their computers to my network but I wouldn't let them anywhere near it or any of my peripherals / removable hardware if they had UAC turned off.

    As you might guess, I disagree strongly with the comment that this would be a "great recommendation". The current user account & security models are major components of the overall security system that has made Windows 10 so well-defended against malware.

    - - - - - - - - - - - - - - - - - -

    By the way, you can always get to a list of all the threads you are involved with in this forum by clicking on your username

    GrantDaly anywhere that it appears. So you can, if you wish, just save

    GrantDaly
    in your Favorites and use that as your staging post for all visits to the forum.

    Denis
     
    Tryx3, Jun 16, 2021
    #3
  4. mrpradeep Win User

    Windows Admin token power - malwares

    How do I import RSA Token on Windows Phone 8?

    Hi,

    Probably it might be helpful for those who may not be using sdtid file.

    In my case, the normal process of RSA seeding (for windows desktops) was as below:

    • Generating an activation code in the online portal.
    • Along with the activation code, the portal used to display the URL for importing tokens from web as https://custom.url.com/tokens
    • In the desktop RSA application, select 'import tokens from web' option
    • Paste above URL and then activation code in the specified fields to import the tokens
    However, when I installed RSA app in my windows phone (Windows-10), the app was expecting import URL in com.rsa.securid:// format. Finally it turned out that I need to enter the URL in following format:
    com.rsa.securid://ctkip?scheme=https&url=custom.url.com/tokens

    Once I pasted the link in this format, it was pretty simple. App asked for activation code, which was already available with me (as per step-1 above). The import was successful.
     
    mrpradeep, Jun 16, 2021
    #4
Thema:

Windows Admin token power - malwares

Loading...
  1. Windows Admin token power - malwares - Similar Threads - Admin token power

  2. RAT/Malware - Getting back Admin

    in Windows 10 Ask Insider
    RAT/Malware - Getting back Admin: I’m trying to fix a family members computer. I suspect was exposed to a RAT, where they pose as windows employees and get access to the computer, remove you from admin and install adware etc. Can anyone identify if any of these are troublemakers on this computer? CCleaner...
  3. Can malware get installed by a non-admin account without admin credentials?

    in Windows 10 Ask Insider
    Can malware get installed by a non-admin account without admin credentials?: Is that possible? If yes, how can I fugure out if it has happened submitted by /u/xdxdxdk [link] [comments] https://www.reddit.com/r/Windows10/comments/k3sfg3/can_malware_get_installed_by_a_nonadmin_account/
  4. Giving Myself Admin Powers

    in AntiVirus, Firewalls and System Security
    Giving Myself Admin Powers: Hello, I have 1 account only that dosent have administrator, I cant give myself administrator, I have tried everything, And nothing works. Please give me tips on how to give administrator to myself. Thanks...
  5. Power BI Admin Rights in Windows 10

    in Windows 10 Customization
    Power BI Admin Rights in Windows 10: I'm trying to set myself with admin rights for Power BI so that I can change the settings in the admin portal...Tenant Settings. Currently, I only see Capacity Settings in "Admin Portal", I believe this is because I'm not set up as the admin. Once I'm able to access Tenant...
  6. Game download using a token

    in Windows 10 Installation and Upgrade
    Game download using a token: I just tried using a token to download a game, but mid-install, I lost wifi connection. Not only did the game not download, the token now says it's already been used. How do I download the game to my PC using the same token?...
  7. Log in as ssh user "admin" fails with "unable to generate user token for admin as i am not...

    in Windows 10 Network and Sharing
    Log in as ssh user "admin" fails with "unable to generate user token for admin as i am not...: Open ssh server on windows 10 is configured to log on as local "Administrator" user. Logging to ssh server as user "administrator" works fine. But logging in as local "admin" user fails with "get_user_token - unable to generate user token for admin as i am not running as...
  8. Gain admin powers with standard account

    in AntiVirus, Firewalls and System Security
    Gain admin powers with standard account: Hello, So recently, i created a standard account to use as a testing account. I have rarely needed to use my admin account or install any programs. However, i noticed that i had forgotten the password to my admin account. I have access to the standard one right now. Any...
  9. Windows admin powers

    in Windows 10 Customization
    Windows admin powers: So, I have done something wrong in the settings of my pc and now the account I'm using no longer has administrator powers, I am the only one that uses this pc and there are no other accounts I have created, I really need admin powers to do the stuff I need to do, so I'm...
  10. Windows Hello in Token, a biometric ring

    in Windows 10 News
    Windows Hello in Token, a biometric ring: Leveraging Windows Hello technology, this new biometric ring helps eliminate the need for passwords. [img] There’s a good chance you’ve received an email today saying, “Congratulations, you’ve won!” or that “Your friend has tagged a photo of you” on a social...