Official site: https://www.nirsoft.net/utils/advanced_run.html
Graphical interface
Command line
TrustedInstaller elevation example (the elevation can only be launched from cmd; the elevated window can be either a PowerShell window or a cmd window)
AdvancedRun.exe /Clear /EXEFilename "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" /StartDirectory "C:" /CommandLine "" /RunAs 8 /Run
AdvancedRun.exe /Clear /EXEFilename "C:\Windows\System32\cmd.exe" /StartDirectory "C:" /CommandLine "" /RunAs 8 /Run
SYSTEM elevation example (the elevation can only be launched from cmd; the elevated window can be either a PowerShell window or a cmd window)
AdvancedRun.exe /Clear /EXEFilename "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" /StartDirectory "C:" /CommandLine "" /RunAs 4 /Run
AdvancedRun.exe /Clear /EXEFilename "C:\Windows\System32\cmd.exe" /StartDirectory "C:" /CommandLine "" /RunAs 4 /Run
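On the monitoring side, the command lines above leave a recognizable pattern in process-creation logs. The following is an added example (not from the original post or from NirSoft) that flags AdvancedRun launches using the /RunAs values shown above; the sample log lines, `helper.exe` and the `C:\Tools` path are constructed, and matching a renamed copy by its option pair is an assumption.

```python
import ntpath
import re

# /RunAs values taken from the commands above: 4 = SYSTEM, 8 = TrustedInstaller.
ELEVATED_RUNAS = {"4": "SYSTEM", "8": "TrustedInstaller"}

def parse(cmdline):
    """Split a Windows command line into (image, {option: value})."""
    raw = re.findall(r'"[^"]*"|\S+', cmdline)  # quoted strings stay one token
    if not raw:
        return "", {}
    opts, i = {}, 1
    while i < len(raw):
        name = raw[i]
        i += 1
        if not name.startswith("/"):
            continue
        value = ""
        # A quoted token is always a value, even if its content starts with "/".
        if i < len(raw) and not raw[i].startswith("/"):
            value = raw[i].strip('"')
            i += 1
        opts[name[1:].lower()] = value
    return raw[0].strip('"'), opts

def detect(cmdline):
    """Return a finding for a launch as SYSTEM/TrustedInstaller, else None."""
    image, opts = parse(cmdline)
    by_name = ntpath.basename(image).lower() == "advancedrun.exe"
    # Assumption: the /EXEFilename + /RunAs pair also identifies a renamed copy.
    by_args = "exefilename" in opts and "runas" in opts
    account = ELEVATED_RUNAS.get(opts.get("runas", ""))
    if account is None or not (by_name or by_args):
        return None
    return {"account": account, "target": opts.get("exefilename", ""),
            "renamed": not by_name}

# Constructed process-creation command lines (e.g. Event ID 4688 / Sysmon Event ID 1).
SAMPLES = [
    r'AdvancedRun.exe /Clear /EXEFilename "C:\Windows\System32\cmd.exe" /StartDirectory "C:" /CommandLine "" /RunAs 8 /Run',
    r'"C:\Tools\AdvancedRun.exe" /EXEFilename "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" /CommandLine "" /RunAs 4 /Run',
    r'helper.exe /EXEFilename "C:\Windows\System32\cmd.exe" /CommandLine "/c whoami" /RunAs 4 /Run',
    r'AdvancedRun.exe /EXEFilename "C:\Windows\System32\notepad.exe" /RunAs 1 /Run',
    r'cmd.exe /c dir',
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(detect(line), "<-", line)
```

Command-line logging must be enabled for process-creation events to carry these arguments.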
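Note: not every operation succeeds after elevation. For example, on Win10/Win11, trying to stop Windows Defender after elevating results in an error.
On the latest Win10/Win11, the error from Stop-Service WinDefend 2>&1 > $null is by design: Microsoft provides no productized way to stop the WinDefend service on PC systems. If the usual methods do not work and you really have to get rid of Defender on a PC system, there are special methods; see https://cloud.tencent.com/developer/article/old/2291850
Of course, regarding the error from Stop-Service WinDefend 2>&1 > $null or Stop-Service WinDefend -ErrorAction SilentlyContinue, I tried it and there is one way to avoid the error: use the graphical interface to turn off real-time protection first and then turn off tamper protection.
Steps: Settings → Privacy & security → Virus & threat protection → Virus & threat protection settings / Manage settings → first set Real-time protection to Off, then set Tamper Protection to Off
A reminder: if the Real-time protection toggle is greyed out and cannot be clicked at the start, first switch the Tamper Protection toggle on; the Real-time protection toggle will then become available as well. Then set Real-time protection to Off, and then set Tamper Protection to Off. Also, the command Set-MpPreference -DisableRealtimeMonitoring $true is unreliable and does not necessarily turn off Real-time protection; the reliable way is to turn it off through the graphical interface.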