Answer the question
In order to leave comments, you need to log in
How to run cmdkey.exe /list as a user with admin rights but without knowing the password?
There are several dozen computers, not in the domain, but with centrally managed anti-virus software, so you can run arbitrary commands from the System user. It is required to collect the saved credentials for connections to fileshares, which can be obtained by the command
cmdkey.exe /list
The command gives data for the user from which it is run.
Question: is it possible, and if so, how can I run a command as a specific user via runas / PowerShell / etc so that they do not need to enter their password? (i.e. you need an analogue of the Linux sudo -u someuser cmd )
Answer the question
In order to leave comments, you need to log in
As far as I know, no password.
You can use a script from the system to put another script into the user's autoload, and at the next login it will be executed from the user.
as an option to use LiteManager (not advertising). In it, you can run CMD on behalf of the user or system.
Under windows this is not possible. There are crutches like https://github.com/gerardog/gsudo , but none of them bypass UAC completely, of course.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question