All of us work with applications, whether we develop them or deploy them. Either way, it is important to test a developed application as a standard user, especially if the organization has a locked-down environment or a newer-generation operating system with UAC. Most of the time, this helps us understand the application's behavior better. The Standard User Analyzer tool, which is part of the Application Compatibility Toolkit, can help with this.
Now, let’s discuss the procedure.
Step # 1. Install the Application Compatibility Toolkit and start the Standard User Analyzer. You do not need to run it as administrator; just launch it. The application looks as shown below.
This tool works similarly to the Sysinternals tools Filemon/Regmon. It monitors all the files, registry keys and INI files modified, the namespaces the app calls and the credential privileges the process calls for when the application is launched. This gives us a detailed analysis of how the application behaves as a standard user. You also have the option to run the same application as an administrator and compare the two reports. You can do this by checking the “Elevate” option in the Launch Options.
Step # 2. Browse to the executable file from the Target application tab. In this example, it is StockViewer.exe. Click the Launch button. You can also specify any command-line arguments/parameters for this executable.
Usually, this tool needs a prerequisite, “Application Verifier”. If you have not installed it, you will get the dialog box shown below. Download and install it. Application Verifier is specifically designed to detect and help debug memory corruptions and critical security vulnerabilities. It does this by monitoring a native application’s interaction with the Windows operating system, profiling its use of objects, the registry, the file system, and Win32 APIs (including heaps, handles, locks, etc.), and indicating issues when and where they are discovered. Application Verifier also includes checks to predict how well an application may perform under various account privileges.
Once Application Verifier is successfully installed, the tool will start monitoring your application usage. During this, you may get the warning shown below.
Step # 3. Now start the application you want to monitor and perform all the operations an end user would. In this demo, the application asks for administrative rights while launching and also gives an “Access denied” error message. When you close the app, the Standard User Analyzer gathers all the required information about what the application accessed.
These logs and reports explain the application's behavior and help developers fix the application more easily. Beyond application compatibility analysis, the tool also offers an option that identifies mitigations and lets you apply them.
If you click Apply Mitigation, you will get the dialog below, listing the shims that would mitigate the issues identified.