DDR爱好者之家 Design By 杰米

很多时候我们需要管理员权限来运行bat那么就需要结合vbscript来实现了

方法一:

%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1)(window.close)&&exit

常用

@echo off
mode con lines=30 cols=60
%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1)(window.close)&&exit
cd /d "%~dp0"
rem 下面可以写你的bat代码了

方法二:

@echo off 
%1 %2 
ver|find "5.">nul&&goto :st 
mshta vbscript:createobject("shell.application").shellexecute("%~s0","goto :st","","runas",1)(window.close)&goto :eof 
:st 
copy "%~0" "%windir%\system32\" 

原理类似

ShellExecute method

Run a script or application in the Windows Shell.

Syntax
.ShellExecute "application", "parameters", "dir", "verb", window

.ShellExecute 'some program.exe', '"some parameters with spaces"', , "runas", 1
Key
application The file to execute (required)
parameters Arguments for the executable
dir Working directory
verb The operation to execute (runas/open/edit/print)
window View mode application window (normal=1, hide=0, 2=Min, 3=max, 4=restore, 5=current, 7=min/inactive, 10=default)
Note the different (double " and single ' ) quotes that can be used to delimit paths with spaces.

The runas verb is undocumented but can be used to elevate permissions. When a script is run with elevated permissions several aspects of the user environment may change: The current directory, the current TEMP folder and any mapped drives will be disconnected.

runas will fail if you are running in WOW64 (a 32 bit process on 64 bit windows) for example %systemroot%\syswow64\cmd.exe ...

The ShellExecute method is a member of the IShellDispatch2 object.

Examples

Run a batch script with elevated permissions, flag=runas:

Set objShell = CreateObject("Shell.Application")
objShell.ShellExecute "E:\demo\batchScript.cmd", "", "", "runas", 1

Run a VBScript with elevated permissions, flag=runas:

Set objShell = CreateObject("Shell.Application")
objShell.ShellExecute "cscript", "E:\demo\vbscript.vbs", "", "runas", 1

“If you don't execute your ideas, they die” ~ Roger Von Oech

Related:

Run with elevated permissions - Script to run as Admin
.Exec - Execute command, returning an object
.Run - Run a command
joeware.net - CPAU (Create Process As User) like RunAs but with an options to encrypt the password.
Equivalent CMD command: ShellRunAs - Run a command under a different user account

 批处理文件中的%~dp0表示含义

~是扩展的意思,相当于把一个相对路径转换绝对路径
%0代指批处理文件自身
%1表示批处理文件命令行接收到的第一个参数,%2表示第二个,以此类推
%~d0 是指批处理所在的盘符,其中d代表drive
%~p0 是指批处理所在的目录,其中p代表path
%~dp0 是批处理所在的盘符加路径


cd %~dp0 就是进入批处理所在目录了


详细解释还可参考命令 call /"htmlcode">

var command = WScript.Arguments.Item(0);
var argument = "";
for (var i = 0; i < WScript.Arguments.Count(); ++i){
 argument += WScript.Arguments.Item(i) + " ";
}
 
try{
 var shellapp = new ActiveXObject("Shell.Application");
 shellapp.ShellExecute(command, argument, null, "runas", 1);
}
catch(e){
 WScript.Echo("Something wrong: " + e.description);
}

以后要以管理员身份运行程序的时候,只要输入“Elevate <exefile> <arguments>”就可以了,比如“Elevate cmd /k”。

当然,这个逃不过UAC的检查,还是会有一个对话框弹出来要点“确定”的。

DDR爱好者之家 Design By 杰米
广告合作:本站广告合作请联系QQ:858582 申请时备注:广告合作(否则不回)
免责声明:本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除!
DDR爱好者之家 Design By 杰米