3

I am writing a VB script that checks if applications are available and accessible e.g. cmd.exe, powershell.exe and so forth.

My script allows me to see if an application exists (it either works or does not and returns a Boolean)

If cmd is disabled via GPO, cmd will still technically work as it will load up, you just cannot use it.

I'd need some way to check if cmd has been disabled - without administrative rights.

I have tried running shell(cmd.exe), this would return a true or a false if the application launched so would always return true even if disabled (and false if the application did not exist).

What would be the correct approach, using - preferably using VB to check if cmd has been disabled that would work under these circumstances?

Journeyman Geek
  • 129,178
TheHidden
  • 131
  • 5
  • 2
    Check the associated GPO registry key? – Seth May 04 '18 at 09:28
  • @Seth Im not actually a windows user or developer, this is my first project I am messing with so Im not sure how I would accomplish this, I will however look into it. thanks – TheHidden May 04 '18 at 09:30
  • 1
    gpresult can query the restrictions placed on a system. If something is not restricted, gpresult will not show it. Its up to you to translate this into something you can work with. For example, get the output into a string, then search it for a keyword. – LPChip May 04 '18 at 10:52
  • @LPChip wow thanks thats extremely useful I will try it out, if this question was able to be answered I would accept that. though both of the useful comments are very good! a combination of answers – TheHidden May 05 '18 at 16:31
  • 1
    This is controlled by the DisableCMD value in HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System. If the value is 0 or is not present, the user can run cmd.exe. – Patrick Seymour May 05 '18 at 17:36
  • Does cmd /c work if cmd is disabled? If not, then generate a random string (e.g., vu7zwyd4), run cmd /c copy nul C:\temp\vu7zwyd4, and check whether the file was created (and delete it if it was). – Scott - Слава Україні May 05 '18 at 21:34
  • So this got reopened - had a little hassling from folks, and some edits, but I think its in shape. If folks want to write an answer that would be awesome. – Journeyman Geek May 06 '18 at 11:21

1 Answers1

0

Check if user is allowed to use the command prompt.

It is indeed not possible to check on enabled/disabled because the opening of the command prompt will always work, it's just any activity in it that's enabled/disabled. I used Scott's idea of trying something and see if it works. In my situation, I didn't have the permission to make a file in the directory, so I tried something else.

Solution: A hidden cmd window is started with a simple echo. (ProcesID (=output) is put in a string) => 2 possible scenario's: 1. If cmd is enabled, it will be closed after this command (due to /c). 2. If disabled, it will stay open, with the msg "The command prompt is disabled by the administrator", waiting for keypress.

Then, a list of tasks with the PID of this cmd is taken and put into a string with the ShellRun function from bburns.km with the change proposed by Pupa Rebbe on stackoverflow. 1. If the PID is in the list, the cmd exists and thus was not allowed (is hanging). The cmd is killed. 2. If the PID is not in the string, it means the cmd was closed as it should have been and thus is enabled.

Here's the code:

' Check if user is allowed to use the command prompt '
' by starting temporary cmd.exe and see if it hangs. '
Function IsCmdAllowed() As Boolean

  Dim TaskId As String, TaskList As String

  IsCmdAllowed = False

  ' Start hidden cmd, echo to have something that doesn't harm, keep Taskid. '
  TaskId = Shell("cmd.exe /c timeout /t 5 /nobreak echo ""hihi""", vbHide)

  ' not sure if waiting 0,5 sec is really necessary. '
  Application.Wait (Now + TimeValue("0:00:01") / 2)

  ' See if cmd still exists (check PID) and put data of cmd in string. '
  TaskList = ShellRun("Tasklist /fi ""PID eq " & TaskId & """ /nh")

  ' If The TaskId of cmd is in the string, it still exists'
  If Not TaskId = "" And _
     InStr(TaskList, TaskId) Then
    ' Kill the temporary cmd '
    Shell ("TASKKILL /PID " & TaskId)
  Else
    IsCmdAllowed = True
  End If

End Function

'Run a shell command, returning the output as a string: see bburns.km. '
Public Function ShellRun(sCmd As String) As String

  Dim oShell As Object, oExec As Object

  Set oShell = CreateObject("WScript.Shell")

  'run command
  Set oExec = oShell.Exec(sCmd)

  ShellRun = oExec.StdOut.ReadAll

End Function
Bever
  • 1