WINDOWS: Elevating PowerShell to Admin Mode without UAC prompt

WINDOWS: Elevating PowerShell to Admin Mode without UAC prompt

ยท

2 min read

PowerShell is a powerful tool, allowing to perform a myriad of tasks with just a few commands. However, there are times when elevated privileges are required to execute certain commands. This is as easy as right-clicking PowerShell and "Run As Administrator" ๐Ÿ‘Ž. Not as easy though when you want to launch it entirely from the terminal, without any GUI popup (UAC).

Microsoft provides a not so beautiful but powerful command to do that too. Drumrolls......

The Runas Command

The `runas` command in Windows allows users to run a program with different user credentials than the ones currently in use. To open PowerShell in administrator mode with a domain admin user, the following command can be used:

runas /user:DOMAIN\adminuser "powershell.exe -NoProfile -ExecutionPolicy Bypass -Command \"Start-Process powershell -ArgumentList '-NoProfile -NoExit' -Verb RunAs\""

NOTE: Remember to replace placeholders like "DOMAIN" and "adminuser" with your actual domain name and admin username.

This command will give a command line prompt to enter password.

This command utilizes the `-NoExit` parameter, ensuring that the PowerShell console remains open after execution.

Breaking Down the Command

- runas /user:DOMAIN\adminuser: Specifies the domain and admin user for which elevated privileges are required.

- powershell.exe -NoProfile -ExecutionPolicy Bypass: Launches PowerShell with specific settings. The `-NoProfile` flag ensures a minimal profile is used, and `-ExecutionPolicy Bypass` allows the execution of scripts.

- Start-Process powershell: Initiates a new PowerShell process.

- -ArgumentList '-NoProfile -NoExit': Passes additional arguments to the new PowerShell process. The `-NoExit` parameter prevents the console from closing immediately.

- -Verb RunAs: Requests to run the process with elevated permissions.

Use Cases

- Script Execution: Running scripts that require administrative privileges.

- System Configurations: Making changes to system settings that necessitate elevated access.

- Software Installations: Installing software that requires administrative rights.

ย