Running a Command Prompt as NT AUTHORITY\SYSTEM
Posted by Mike Howells on February 12, 2011
I recently ran into a situation where I was using the Sysinternals tool ProcDump to write a dump file to be examined for a memory leak.
The problem started when trying to run ProcDump against the process oracle.exe. The error message was “Access denied.”
I was an administrator on the server, so how could I become more powerful than an administrator?
The answer comes in the form of opening a command prompt as NT AUTHORITY\SYSTEM, which will then grant us the authority to access the oracle.exe process to create a dump file.
The first step is to download the Sysinternals tool PsExec from the URL below:
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
Extract PsTools.zip to a folder on your hard disk.
Launch a command prompt as administrator (right-click the command prompt shortcut):
In the command prompt, navigate to the folder containing the files extracted from PsTools.zip.
We will now launch PsExec.exe with the -i switch (run the program interactively) and the -s switch (run it as the Local System account):
psexec.exe -i -s %SystemRoot%\system32\cmd.exe
Type whoami at the newly opened command prompt and you will see that you are now running as NT AUTHORITY\SYSTEM:
You can now execute ProcDump against the process that you were previously denied access to and complete your work.
Note: If your system does not have whoami.exe, you can typically find this program as a separate download via the resource kit or support tools appropriate to your Microsoft operating system.
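The same procedure as a non-interactive script, added here as an example that is not part of the original post. It assumes PsExec.exe and procdump.exe (a separate Sysinternals download) sit in C:\Tools\Sysinternals and that dumps go to C:\Dumps, both hypothetical paths. It passes -accepteula because EULA acceptance is stored per user and the SYSTEM account has not accepted it, and it ends by listing the service-install events PsExec leaves in the System log.

```powershell
# Added example, not from the original post. Paths below are assumptions.
$tools   = 'C:\Tools\Sysinternals'   # assumed folder holding PsExec.exe and procdump.exe
$dumpDir = 'C:\Dumps'                # assumed output folder; restrict its ACL, dumps hold process memory
$target  = 'oracle.exe'              # process named in the post
$dump    = Join-Path $dumpDir ("oracle_{0:yyyyMMdd_HHmmss}.dmp" -f (Get-Date))

# PsExec -s must install a helper service, which requires an elevated token.
$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($id)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated PowerShell session.'
}
New-Item -ItemType Directory -Path $dumpDir -Force | Out-Null

# Step 1: confirm the command really runs as SYSTEM before touching the target.
# PsExec prints its banner on stderr, so only whoami's output is captured.
$who = & "$tools\PsExec.exe" -accepteula -s whoami.exe 2>$null
if (-not ($who -match '^nt authority\\system\s*$')) {
    throw "Expected NT AUTHORITY\SYSTEM, got: $who"
}

# Step 2: write a full-memory dump (-ma) of the target process as SYSTEM.
# ProcDump gets its own -accepteula for the same per-user reason.
& "$tools\PsExec.exe" -accepteula -s "$tools\procdump.exe" -accepteula -ma $target $dump 2>$null
if (-not (Test-Path $dump)) {
    throw "ProcDump did not write $dump"
}
Write-Output "Dump written: $dump"

# Step 3: review the audit trail. Each run installs a service (default name
# PSEXESVC) and the Service Control Manager logs that as event 7045.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 7045 } -MaxEvents 200 |
    Where-Object { $_.Properties[0].Value -eq 'PSEXESVC' } |
    Select-Object TimeCreated,
        @{ Name = 'ServiceName'; Expression = { $_.Properties[0].Value } },
        @{ Name = 'ImagePath';   Expression = { $_.Properties[1].Value } }
```

The event 7045 query in step 3 is also useful on its own for checking when PsExec has been run on a server and whether each run was expected.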
Vik said
Hey Mike, thanks for this valuable info. It really helped.
Jim Link said
The /accepteula switch fixed my issues. I had accepted the EULA for my logged in user, but not the SYSTEM user and it took me an hour or so to realize what the problem was as no error was being logged (since I was using the -d switch).
Kindergeburtstag Mannheim said
Hey this is kind of off topic but I was wanting to know if blogs use WYSIWYG editors or if you have to manually code with HTML.
I’m starting a blog soon but have no coding know-how so I wanted to get guidance from someone with experience. Any help would be greatly appreciated!
mikehowells said
I use WordPress specifically because it does allow WYSIWYG and also allows for some coding. It’s kind of the perfect mix; at least for me.
Diary of a Garmin BITS Job Gone Bad « Mike Howells's Blog said
[…] Of course, there is no reason given for the failure. But, after performing some research on canceling BITS jobs, it appears that you have to be logged in as the user who created the BITS job. So, how do you log in as NT AUTHORITY\SYSTEM? I actually blogged about this in 2011 in this blog article here: https://mikehowells.wordpress.com/2011/02/12/running-a-command-prompt-as-nt-authoritysystem/ […]
Eduardo Álvarez said
Great insight! It saved my life while I was trying to recover a lost sa password, and my only option left was to work from the command line as NT AUTHORITY\SYSTEM. A million thanks!
Hacking and Modding Windows Universal Apps and Games (UWP) – Behind Flatspot-Pictures said
[…] could also always just open up a shell as NT-Authority and access them that […]