Many of us work with Applications; either we develop or deploy them! While doing so, its important to test the developed application as a Standard User. Especially when the organization has a locked-down environment or the New Generation Operating Systems with UAC.
This helps in understanding the application behavior better. Standard User Analyzer tool exactly helps you in this purpose! This tool is a part of the Application Compatibility Toolkit.
Step 1: Install the Application Compatibility Toolkit and Start the Standard User Analyser. You dont need to run this as administrator; you can just launch it.
The application launches as below,
If you are aware of the SysInternals Tools Filemon/Regmon, this tool pretty much does the similar job. When you launch an application, it will monitor all the files, registries, INI files modified, the name-spaces which the app calls, the credential Privilages Process calls etc. This will give a detailed analysis on how this application behaves as a standard user.
You also have an option to run the same application as an administrator user and compare these 2 reports. This can be done, by marking the checkbox “Elevate” in the Launch Options.
Step 2: In the Target application tab, browse to the executable which the application will be launching. In this example, it is StockViewer.exe. Click on the button Launch. (You can also specify any command line arguments / parameters for this executable)
This tool needs a pre-requisite “Application Verifier”. If you have not installed this application, you will get this below dialog. Download and install this app.
Application Verifier is designed specifically to detect and help debug memory corruptions and critical security vulnerabilities. This is achieved by monitoring a native application’s interaction with the Windows operating system, profiling its use of objects, the registry, the file system, and Win32 APIs (including heaps, handles, locks, etc), and indicating issues when and where they are discovered. Application Verifier also includes checks to predict how well an application may perform under various account privileges. You can download it here
Once Application Verifier is installed, This will actually start monitoring your application usage. You may also get this below warning message,
Step 3: Start your application which you want to monitor; you can perform all the operations which an end-user would do!
While this demo, i launched my application and found that this application asked for administrator rights while launching, and also gives some ‘access denied’ error. When I close this app, the Standard User Analyzer has fetched all the requirement information which the application has accessed.
These logs and reports will explain you on the application behavior. It will also help your developers to fix this application easily. Looking from the application Compatibility front, this tool also gives you an option which identifies the mitigations and provides you options to fix them.
When you click on the Apply Mitigation, you will get the below dialog with the list of shims which would mitigate the issues identified.
You can also export this mitigation as an msi, so that you can deploy the same using any deployment tools in your organization!