How do you run an application as TrustedInstaller or SYSTEM using without external programs?

This question is not a duplicate of other questions that have to do with running programs as TrustedInstaller or SYSTEM, because this one is specifically about not using external programs.

Using only the Command Prompt and/or PowerShell, but without external programs or commands, how can you run an application as TrustedInstaller or SYSTEM?


Solution 1:

AFAIK, there is no simple way to log in as SYSTEM or as TrustedInstaller without using third-party tools such as Microsoft's own (well, actually Russinovich's Sysinternals') PsExec, Nirsoft's NirCmd or Sordum's PowerRun.

It is easy, however, to make use of these tools appear to be native to Windows GUI, i.e., as a context menu item for executables, with a Registry tweak that adds the particular tool to the right-click menu.

[Even with those privileges, at times it may be impossible to perform simple tasks, such as using Regedit to modify a key owned by TrustedInstaller, without taking ownership.]