@akjudge - I only tried it on AssessChk and the first time, it showed the EULA, can you run AssessChk twice and post the screenshot each time? Please read the entire response first as I actually managed to figure out how it's done.
Because for me, even the first time, I tried to type in I forgot exactly what the character before the accepteula shows on the EULA screen, it might have been - or ~ in that black box on the bottom and then clicked the Execute next to it and all it did was it thought I was trying to put that as part of the AssessChk command line. I could not get the EULA to show up again to tell you exactly what to type but what I did was not even supposed to work as it seems like this is a problem with the CLI Sysinternals tools in general, not WSCC other than WSCC includes the Sysinternals CLI tools and people had to downgrade to older versions per Google as seen at:
1.
accesschk accepteula Flag which says:
"accesschk accepteula Flag
Hey there!
accesschk.exe is a
Microsoft Sysinternals tool that is great for auditing privileges on your systems, and for auditing privileges on
others’ systems.
When run for the first time, accesschk.exe, and most other sysinternals tools, pop up a window asking for the user to accept the End User License Agreement (EULA), despite being a CLI application.
What this means, is that, if attempting to use accesschk.exe in a scenario where you only have CLI access to a Windows host, such as getting a limited shell in a penetration test, you can’t use accesschk.exe.
Fortunately, the Sysinternals team added a flag to tell the program that you accept the EULA, and not to display a popup, /accepteula.
Unfortunately, this flag was removed from their tools at some point, and sending /accepteula no longer gives the desired effect.
It took me a while, but I found the below link using archive.org, which expands out to an old version of accesschk.exe which accepts the /accepteula flag.
"
2.
Windows XP SP0/SP1 Privilege Escalation to System Tutorial - read the "PROBLEM" part under 2. Check for vulnerability which says:
"PROBLEM:
When accesschk.exe is uploaded and we execute the latest version of accesschk.exe from SysInternals, we won't be able to execute this in our low level shell. Why you ask? Well, when you run accesschk.exe for the first time in a GUI environment, it will give you a pop up window asking you to accept their EULA. If we run accesschk.exe via CLI it would freeze our shell. Wouldn't they build in some kind of parameter in the accesschk.exe binary to accept the EULA via CLI? Yes, they actually did. In older versions of accesschk.exe there was a parameter /accepteula which did exactly that, but they removed the parameter in newer releases. That being said, we will have to download an older version of accesschk.exe to fulfill our needs.
You can download older versions with the /accepteula parameter from
here and
here."
But this is my wscc that I just tried again just now on AccessChk itself where I first click on AccessChk
which shows:
So perhaps in v6.15 and possibly earlier versions that came out after the problem, sysinternals fixed it because of feedback so one can accept the EULA again or they changed it to -accepteula instead of /accepteula as seen below?
In any case, let's try this on Contig:
and it looks like the EULA screen came up which was what I needed:
So it actually says:
Code:
This is the first run of this program. You must accept EULA to continue.
Use -accepteula to accept EULA.
so you would type in "
-accepteula" in the black box and then click on
Execute as shown below:
and then it should work without the EULA screen:
Looks like I was wrong initially in my previous first original response, you have to do the EULA for each Sysinternals CLI tool the first time you run it.
