(编辑:jimmy 日期: 2024/11/10 浏览:2)
很多时候我们需要管理员权限来运行bat那么就需要结合vbscript来实现了
方法一:
%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1)(window.close)&&exit
常用
@echo off mode con lines=30 cols=60 %1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1)(window.close)&&exit cd /d "%~dp0" rem 下面可以写你的bat代码了
方法二:
@echo off %1 %2 ver|find "5.">nul&&goto :st mshta vbscript:createobject("shell.application").shellexecute("%~s0","goto :st","","runas",1)(window.close)&goto :eof :st copy "%~0" "%windir%\system32\"
原理类似
ShellExecute method
Run a script or application in the Windows Shell.
Syntax
.ShellExecute "application", "parameters", "dir", "verb", window
.ShellExecute 'some program.exe', '"some parameters with spaces"', , "runas", 1
Key
application The file to execute (required)
parameters Arguments for the executable
dir Working directory
verb The operation to execute (runas/open/edit/print)
window View mode application window (normal=1, hide=0, 2=Min, 3=max, 4=restore, 5=current, 7=min/inactive, 10=default)
Note the different (double " and single ' ) quotes that can be used to delimit paths with spaces.
The runas verb is undocumented but can be used to elevate permissions. When a script is run with elevated permissions several aspects of the user environment may change: The current directory, the current TEMP folder and any mapped drives will be disconnected.
runas will fail if you are running in WOW64 (a 32 bit process on 64 bit windows) for example %systemroot%\syswow64\cmd.exe ...
The ShellExecute method is a member of the IShellDispatch2 object.
Examples
Run a batch script with elevated permissions, flag=runas:
Set objShell = CreateObject("Shell.Application") objShell.ShellExecute "E:\demo\batchScript.cmd", "", "", "runas", 1
Run a VBScript with elevated permissions, flag=runas:
Set objShell = CreateObject("Shell.Application") objShell.ShellExecute "cscript", "E:\demo\vbscript.vbs", "", "runas", 1
“If you don't execute your ideas, they die” ~ Roger Von Oech
Related:
Run with elevated permissions - Script to run as Admin
.Exec - Execute command, returning an object
.Run - Run a command
joeware.net - CPAU (Create Process As User) like RunAs but with an options to encrypt the password.
Equivalent CMD command: ShellRunAs - Run a command under a different user account
批处理文件中的%~dp0表示含义
~是扩展的意思,相当于把一个相对路径转换绝对路径
%0代指批处理文件自身
%1表示批处理文件命令行接收到的第一个参数,%2表示第二个,以此类推
%~d0 是指批处理所在的盘符,其中d代表drive
%~p0 是指批处理所在的目录,其中p代表path
%~dp0 是批处理所在的盘符加路径
cd %~dp0 就是进入批处理所在目录了
详细解释还可参考命令 call /"htmlcode">
var command = WScript.Arguments.Item(0); var argument = ""; for (var i = 0; i < WScript.Arguments.Count(); ++i){ argument += WScript.Arguments.Item(i) + " "; } try{ var shellapp = new ActiveXObject("Shell.Application"); shellapp.ShellExecute(command, argument, null, "runas", 1); } catch(e){ WScript.Echo("Something wrong: " + e.description); }
以后要以管理员身份运行程序的时候,只要输入“Elevate <exefile> <arguments>”就可以了,比如“Elevate cmd /k”。
当然,这个逃不过UAC的检查,还是会有一个对话框弹出来要点“确定”的。