Interactive Session 0 in Windows 7

I'm trying to launch cmd.exe in session 0. So far I've done the following from an elevated command prompt:

sc config UI0Detect start= auto
net start UI0Detect

And the response indicates that the service was started correctly. It is at this point that I assumed if I switched to session 0, cmd.exe would be running.

I switch to session 0 using the following command:

rundll32 winsta.dll,WinStationSwitchToServicesSession

This successfully switches me to session 0, but the only window that's available is the one that has the option to return to session 1.

How do I get cmd.exe to launch in session 0?

omghai2u

Posted 2012-05-21T04:10:54.307

Reputation: 2 670

Why would you want to do this? UI0Detect allows old services to pop up a message box, not starting new GUI Apps. cmd.exe has a GUI – Peter Hahndorf – 2012-05-21T04:56:08.073

6@PeterHahndorf I understand that it's fun to deflect answering questions by saying "let's take a step back and see if this is what we really need to do because this sounds like a bad idea", and it's a relatively nice way to condescend fellow developers. But since this is for a debugging scenario and meant to be a quick fix (and alternative to using some 3rd party app like AlwaysUp), I don't really see how asking "why" is a helpful response. Thanks anyway. – omghai2u – 2012-05-21T05:12:30.627

I think Peter has a point. The question you should have wrote is "This is what I'm trying to do." A quick fix will only involve future pain. I can't count how many times I've heard "quick fix" only to still see the "quick fix" in production three years later. . . needing another "quick fix". I'm assuming you are typing to run a batch script of some sort? – surfasb – 2012-05-21T08:54:33.843

1@surfasb The question you suggested is essentially the question I wrote: "I'm trying to launch cmd.exe in session 0." Please keep answers focused on that question. Thanks. And there's no chance this will make its way into production, or for it to involve future pain. The way I do it for production is already set but I can't use it for debugging. The way I currently do it for debugging is cumbersome and involves using a 3rd party app. – omghai2u – 2012-05-21T19:20:56.823

Answers

To launch cmd.exe in session 0, use psexec from Sysinternals

psexec.exe -s 0 cmd.exe

Now you have a console running in session 0,

you can also start cmd.exe in session 0 and display GUI:

psexec.exe -s -i 0 cmd.exe

that way when you switch to session 0, the cmd.exe will be waiting for you there.

you have as many rights as you can get in Windows 7:

whoami /all

if you use other PsTools, remember to use the /accepteula switch:

pslist /accepteula

otherwise the program pops up a message box to ask to accept the Eula, the program will hang because there is no UI in session 0 to close the message box.

To verify that you are running in session 0, you can use qprocess:

qprocess /ID:0

you will see your 'cmd.exe' among all the service processes.

Peter Hahndorf

Posted 2012-05-21T04:10:54.307

Reputation: 10 677

Awesome thanks for attempting to answer my question. This would certainly work, my specific intention (as pointed out in the comments), however was to avoid using 3rd party apps. Is there a nice way to do this that doesn't necessitate the use of SysInternals tools (or really anything that doesn't come stock on Windows)? Thanks again. – omghai2u – 2012-05-23T23:58:53.903

2I don't consider the Sysinternal tools '3rd party' they are from Microsoft and you don't have to install them. – Peter Hahndorf – 2012-05-24T05:15:55.033

Sorry, I was considering anything not installed by default "3rd-party". – omghai2u – 2012-05-27T23:47:15.267

Peter. Awesome, thank you. Works perfectly for starting a process in session 0 (which means it keeps running when you log off.) – Daniel James Bryars – 2013-10-22T01:51:45.697

5The first command line is wrong: -s runs as SYSTEM user and doesn't take an argument. Perhaps you meant -i 0 in the first example and -s -i 0 in the second one? – jwg – 2014-03-05T09:46:19.673

It won't work. It merely starts a process as System.

Services are programs written in a special way to accept commands from the service control manager.

MS has a utility that allows running a program as a service. It's called Srvany and is in the Windows 2003 Resource Kit Tools.

Download Windows Server 2003 Resource Kit Tools

David

Posted 2012-05-21T04:10:54.307

Reputation: 111

I discovered the solution by accident one day, but http://www.alex-ionescu.com/?p=59 also documents a solution near to what I found

Create a batch file with the following (call it some.bat)

start cmd

Then create a service to call this batch file (using an Admin Command Prompt)

sc create access0 type= interact type= own binpath= some.bat

(Note the space after each =, and I suggest using full path for some.bat)

Then it is a matter of starting the services

sc start ui0detect
sc start access0

(There is no need to make ui0detect auto start with sc config UI0Detect start= auto)

And if all goes well, you will get the flashing box of imminent messages! Go to View Messages and you will have yourself an Admininstrator (nt authority\system) Command Prompt that will not be auto destroyed by a failed service start (hence the need for a batch file with the start command)

This does work, although sometimes it doesn't work the first try.

I believe this gives you access to the interactive session 0 only, which only exists for the nt authority\system user

Andy

Posted 2012-05-21T04:10:54.307

Reputation: 101

-2

You can use the shortcut start(Windows)+R to start the 'run' dialog. From there, just type 'cmd' (no quotes) and voila. cmd

Y2Forever

Posted 2012-05-21T04:10:54.307

Reputation: 1

Welcome to SuperUser. Your post does not answer the OPs question. Starting CMD normally does not put one into Session 0.

– I say Reinstate Monica – 2015-01-01T23:17:07.243