master-hax · May 5, 2020 08:14 · Dec 2, 2019 · Nov 25, 2019 · Nov 25, 2019 · Nov 25, 2019
diff --git a/elevate.go b/elevate.go
@@ -21,7 +21,7 @@ func runMeElevated() {
 	verb := "runas"
 	exe, _ := os.Executable()
 	cwd, _ := os.Getwd()
-	args := ""
+	args := strings.Join(os.Args[1:], " ")
 
 	verbPtr, _ := syscall.UTF16PtrFromString(verb)
 	exePtr, _ := syscall.UTF16PtrFromString(exe)

diff --git a/Elevate when needed in Go.md b/Elevate when needed in Go.md
@@ -8,7 +8,7 @@ This wasn't accurately detecting that I was elevated, and was reporting that I w
 
 I didn't want to try writing to an Admin protected area of the filesystem or registry because Windows has the ability to transparently virtualize those writes for standard users, which would have created a false positive.
 
-I found this post on Reddit that recommended attempting to os.Open \\.\PHYSICALDRIVE0 which is not something that is virtualized, and this worked well for my purpose.  
+I found this post on Reddit that recommended attempting to os.Open \\\\.\\PHYSICALDRIVE0 which is not something that is virtualized, and this worked well for my purpose.  
 https://www.reddit.com/r/golang/comments/53dthc/way_to_detect_if_the_programs_running_with/
 
 To relaunch the tool as Admin with a UAC prompt, I used the ShellExecute function in the golang.org/x/sys/windows package, using the "runas" verb that I learned about from here:  

diff --git a/Elevate when needed in Go.md b/Elevate when needed in Go.md
@@ -3,10 +3,11 @@ I wanted to be able to have it reliably detect if it was running as admin alread
 When the user runs the tool with the specific switch to trigger this functionality (-install or -uninstall in my case) they are prompted by UAC (User Account Control) to run the program as admin, which allows the tool to relaunch itself with the necessary rights.
 
 To detect if I was admin, I tried the method described here first:  
-https://coolaj86.com/articles/golang-and-windows-and-admins-oh-my/
+https://coolaj86.com/articles/golang-and-windows-and-admins-oh-my/  
 This wasn't accurately detecting that I was elevated, and was reporting that I was not elevated even when running the tool in CMD prompt started with "Run as Administrator" so I needed a more reliable method.
 
 I didn't want to try writing to an Admin protected area of the filesystem or registry because Windows has the ability to transparently virtualize those writes for standard users, which would have created a false positive.
+
 I found this post on Reddit that recommended attempting to os.Open \\.\PHYSICALDRIVE0 which is not something that is virtualized, and this worked well for my purpose.  
 https://www.reddit.com/r/golang/comments/53dthc/way_to_detect_if_the_programs_running_with/
 

diff --git a/Elevate when needed in Go.md b/Elevate when needed in Go.md
@@ -0,0 +1,16 @@
+I'm buiding a command line tool in Go that has an option to install itself as a service on Windows, which it needs admin rights for.
+I wanted to be able to have it reliably detect if it was running as admin already and if not, relaunch itself as admin.
+When the user runs the tool with the specific switch to trigger this functionality (-install or -uninstall in my case) they are prompted by UAC (User Account Control) to run the program as admin, which allows the tool to relaunch itself with the necessary rights.
+
+To detect if I was admin, I tried the method described here first:  
+https://coolaj86.com/articles/golang-and-windows-and-admins-oh-my/
+This wasn't accurately detecting that I was elevated, and was reporting that I was not elevated even when running the tool in CMD prompt started with "Run as Administrator" so I needed a more reliable method.
+
+I didn't want to try writing to an Admin protected area of the filesystem or registry because Windows has the ability to transparently virtualize those writes for standard users, which would have created a false positive.
+I found this post on Reddit that recommended attempting to os.Open \\.\PHYSICALDRIVE0 which is not something that is virtualized, and this worked well for my purpose.  
+https://www.reddit.com/r/golang/comments/53dthc/way_to_detect_if_the_programs_running_with/
+
+To relaunch the tool as Admin with a UAC prompt, I used the ShellExecute function in the golang.org/x/sys/windows package, using the "runas" verb that I learned about from here:  
+https://www.codeproject.com/Articles/320748/Haephrati-Elevating-during-runtime
+
+The sample Go code is below. Other solutions talk about creating and embedding an application manifest with the requiresAdministrator attribute set, but this method does not require a manifest to be present.
diff --git a/elevate.go b/elevate.go
@@ -0,0 +1,48 @@
+package main
+
+import (
+	"fmt"
+	"golang.org/x/sys/windows"
+	"os"
+	"syscall"
+	"time"
+)
+
+func main() {
+	// if not elevated, relaunch by shellexecute with runas verb set
+	if !amAdmin() {
+		runMeElevated()
+	}
+	time.Sleep(10*time.Second)
+
+}
+
+func runMeElevated() {
+	verb := "runas"
+	exe, _ := os.Executable()
+	cwd, _ := os.Getwd()
+	args := ""
+
+	verbPtr, _ := syscall.UTF16PtrFromString(verb)
+	exePtr, _ := syscall.UTF16PtrFromString(exe)
+	cwdPtr, _ := syscall.UTF16PtrFromString(cwd)
+	argPtr, _ := syscall.UTF16PtrFromString(args)
+
+	var showCmd int32 = 1 //SW_NORMAL
+
+	err := windows.ShellExecute(0, verbPtr, exePtr, argPtr, cwdPtr, showCmd)
+	if err != nil {
+		fmt.Println(err)
+	}
+}
+
+func amAdmin() bool {
+	_, err := os.Open("\\\\.\\PHYSICALDRIVE0")
+	if err != nil {
+		fmt.Println("admin no")
+		return false
+	}
+	fmt.Println("admin yes")
+	return true
+}
+
No results found