[WIN7] Why standard user can override admin permissions.

Discussion in 'Windows Operating Systems' started by waveform, Nov 3, 2020.

  1. waveform

    waveform Member

    Joined:
    Nov 4, 2007
    Messages:
    300
    Location:
    USA
    I don't know if this is by Microsoft design or a bug, but I was experimenting to test if Windows would block me from editing a system file. In a standard user account I made in Win7, I tried to edit a hosts file with Notepad++. Windows did block me, but then Notepad++ came up with an option to escalate itself to admin mode. I was then able to edit the hosts file and save it. (Notepad++ did this without me providing an admin password.) This seems like a major security issue if a standard user can just bypass Windows write permissions simply by running a program as admin. Again, Notepad++ did this without me providing an admin password.

    I'm guessing this freedom would not be possible if I was logged into a domain account / controller?
     
    Last edited: Nov 3, 2020
  2. waltermitty

    waltermitty Member

    Joined:
    Feb 19, 2016
    Messages:
    1,453
    Location:
    BRISBANE
    You're in the Administrators group locally (check lusrmgr.msc)
     
  3. theSeekerr

    theSeekerr Member

    Joined:
    Jan 19, 2010
    Messages:
    3,599
    Location:
    Broadview SA
    Yeah, if Notepad++ can escalate you to admin, you're an admin. It's not doing a privilege-escalation attack.
     
  4. OP
    OP
    waveform

    waveform Member

    Joined:
    Nov 4, 2007
    Messages:
    300
    Location:
    USA
    @waltermitty, the user account, by the way, is called TEST.

    I just checked the lusrmgr.msc users and groups section; the TEST account is listed only as user.

    Clicking Yes on this prompt allows Notepad++ to save the file. But I'm working under a standard account as I took this screen.
    I provided this prompt NO password to elevate Notepad to run as admin. WTF
     

    Last edited: Nov 17, 2020
  5. CAPT-Irrelevant

    CAPT-Irrelevant Member

    Joined:
    Sep 7, 2007
    Messages:
    7,367
    Location:
    Sydney
    Which build of NP are you running?
     
  6. OP
    OP
    waveform

    waveform Member

    Joined:
    Nov 4, 2007
    Messages:
    300
    Location:
    USA
    Is it possible that the hosts file in Windows is not considered a system file? But I think it is because it says it's locked when you try to save a change to it while under a user account.

    Notepad++ v7.6.6 (32-bit)
    Build time : Apr 3 2019 - 23:49:50
    Path : C:\Program Files (x86)\Notepad++\notepad++.exe
    Admin Mode : OFF
    Local Conf mode : OFF
    OS : Windows 7 (64-bit)
    exe size: 2.71
    Plugins : DSpellCheck.dll mimeTools.dll NppConverter.dll NppExport.dll
    --------------------


    Note: The Admin Mode : OFF section of the debug printout displays as OFF while I'm logged in under the standard user account, but when I log in under my main admin account, it displays ON.
     
    Last edited: Nov 17, 2020
  7. CAPT-Irrelevant

    CAPT-Irrelevant Member

    Joined:
    Sep 7, 2007
    Messages:
    7,367
    Location:
    Sydney
    Any specific reason you're using an 18-month-old build?
    Are you opening this under your Admin or the Std User?
     
  8. OP
    OP
    waveform

    waveform Member

    Joined:
    Nov 4, 2007
    Messages:
    300
    Location:
    USA
    I'm not even using it these days. I was just testing the permissions under Windows for my A+ book. What does the age of the program have to do with the fact that Windows should block a standard user from editing a system file unless the admin password is provided? Which I did not.

    The Admin Mode displays as OFF while I'm logged in under the standard user account, but when logged in under my main admin account, it displays ON.
    When I'm testing this, I'm logging out of my admin account and logging on to my TEST account, which is a standard user account. I'm 110% sure of this.
     
    Last edited: Nov 17, 2020
  9. CAPT-Irrelevant

    CAPT-Irrelevant Member

    Joined:
    Sep 7, 2007
    Messages:
    7,367
    Location:
    Sydney
    AFAIK there have been instances of CVE issues with NP++, so I figured you might be running a vulnerable build.
     
  10. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,471
    What are the UAC settings on the system?
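
Added example, not part of any post in this thread: a PowerShell check that combines the two questions raised above (is the account in the local Administrators group, and what are the UAC settings) by inspecting the logon token and the UAC policy values. It assumes it is run unelevated as the account being tested; the variable and function names are illustrative.

```powershell
# Added example, not from the thread. Run unelevated as the account under test.
$adminSid  = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)

# True only when Administrators is enabled in this process token (elevated).
$elevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

# whoami lists every group SID in the token, including ones UAC has filtered
# to "deny only", which is how an admin account's unelevated token appears.
$adminRow = @(whoami /groups /fo csv /nh | Where-Object { $_ -like "*$adminSid*" })
$inToken  = $adminRow.Count -gt 0

# UAC policy values that decide which kind of elevation prompt is shown.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = Get-ItemProperty -Path $key
$luaMap   = @{ 0 = 'UAC disabled'; 1 = 'UAC enabled' }
$adminMap = @{ 0 = 'elevate without prompting';  1 = 'credentials on secure desktop'
               2 = 'consent on secure desktop';  3 = 'credentials'
               4 = 'consent';                    5 = 'consent for non-Windows binaries' }
$userMap  = @{ 0 = 'automatically deny'; 1 = 'credentials on secure desktop'
               3 = 'credentials' }

# Hypothetical helper: show a raw policy value next to its meaning.
function Format-Policy($value, $map) {
    if ($null -eq $value) { return 'not set' }
    if ($map.ContainsKey([int]$value)) { return "$value ($($map[[int]$value]))" }
    return "$value (unrecognised)"
}

"Account                     : $($identity.Name)"
"Process elevated            : $elevated"
"Administrators SID in token : $inToken"
if ($inToken) { "Token entry                 : $($adminRow[0])" }
"EnableLUA                   : $(Format-Policy $uac.EnableLUA $luaMap)"
"ConsentPromptBehaviorAdmin  : $(Format-Policy $uac.ConsentPromptBehaviorAdmin $adminMap)"
"ConsentPromptBehaviorUser   : $(Format-Policy $uac.ConsentPromptBehaviorUser $userMap)"

# A standard user's policy has no consent-only option, so a Yes/No prompt
# with no password field means the token belongs to an Administrators member.
if ($inToken -and -not $elevated) {
    'Result: filtered administrator token; elevation follows ConsentPromptBehaviorAdmin.'
} elseif ($inToken) {
    'Result: elevated administrator token; rerun from an unelevated shell.'
} else {
    'Result: standard user token; elevation follows ConsentPromptBehaviorUser.'
}
```

The token reflects group membership as of logon, including membership inherited through nested groups, so it can differ from what a single account entry in lusrmgr.msc suggests.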
     
