Saturday, October 19, 2013

How to resolve "You don't have administrator rights! freeSSHd will close!" error message while launch freeSSHd?

Setup SSH server using freeSSHd 1.2.6 on my machine running on Window 7. Error message "You don't have administrator rights! freeSSHd will close!" keep prompting when the app is launched.

Below are the steps to resolve this issue
1. Download OllyDbg from Launch the app

2. Open "FreeSSHDService.exe" as displayed in the screenshot below.
Note: The file located at the FreeSSHd installation folder

3. Press Ctrl+G and search for address "0041312A"

4. Right click on the selected "0041312A" address, select "Binary" -> "Edit" menu.

5. Change "HEX +00" field value from "74 49" to "90 90". Click on Ok button.

6. Right click on the modified address, select "Copy to executable" -> "Selection" menu.

7. A new exe will be generated. Right click on any boundaries of the window,select "Save File" menu.

8. Overwrite the existing "FreeSSHDService.exe", launch the app, you can find FreeSSHD icon in the system tray..


prathima b r said...

Thank you so much its working...

Carl said...

Thank you, this works perfectly on a Windows Server 2003!

Chacotey said...

perfecto probado en windows server 2012

Leroy Diocotlhe said...

This works!!!

Zuko said...

Works perfect!, thanks.

Arif Khan said...

That works smoothly. Many thanks!

David Boerner said...

That address can not be found any longer, not sure of freesshd changed...

Miguel Prieto Hortal said...

Gracias, me ha funcionado perfectamente

Unknown said...

For freeSSHd version 1.3.0 I NOP'ed 2 bytes starting from address 0098333E and could open exe after that. Thanks for the guide!

x said...

What would be the address on freeSSHd

Andy Franks said...

I changed it at 0130333f, and it's 74 49 I think instead of the existing binary bytes given. You can tell from the screen shot which line it is approximately.
At own risk but worked for me.

Dipen Parekh said...

Hi Friends, Please ensure that the module at top says FreeSSHD and not ntdll or any other module. To change the module press Alt+E and select the FreeSSHDService.exe module, generally the first one in the list. Easier way to find the Address in this module is to right click and Search for-->All referenced text strings, a new window opens, here right click and "Search for text" then search for the text "Tray icon shown (admin logged in)", note down this address, go back to the main window and then search for the noted address and then scroll up 4 lines and you will find the address with value of 74 49 or 74 56, change this to 90 90 and follow the rest of the steps.

Yozzer Hughes said...

Version 1.3.1 can run on a non-admin account by :-

Short way
Load OllyDbg (run as administrator - lol that's what this is about)
File>>Open point to your original executable
Right click in CPU main thread >> View >> MODULE freeSSHD (if you can't find it on the list you are already in it)
*This opens and sets the module to the right one.

enter 0025333E
*scrolls to the instruction at this addrress
highlight and right click >> binary >> edit >> enter 90 90 >> OK
select the 2 90 NOP instructions SHIFT+ LEFT MOUSE
right click >> copy to executable >> selection >> OK

*opens a new window
right click >> save file >> save your file
run it

Why this requires this silly account when Windows can run in admin mode I do not understand.


Thomas Sayne said...

I installed version 1.3.1 and edited the bytes at 0130333f. The existing bytes were 74 56, rather than 74 49. The rest of the directions were fine.

Rafael Santos said...

Don't work if I use the version

somebody has the same problem?

stbrownlow said...

If you cannot find the address, follow the instructions provided by "Dipen Parekh" in the comments above

yuryg5 said...

You can just open it (version 1.3.1) in hex editor and look for these bytes 85C07456 and then replace them with 85C09090

Corbett Enders said...

TL;DR .... follow the instructions provided by "Dipen Parekh" in the comments above. Worked perfectly.

Nrawut Phrommahit said...

I use version 1.3.1
go to addr => 00402DE1
and edit as instruction

Many thank for helping us.

Tim Alder said...

What can I say but.... you're brilliant!

Thank you so much. Worked exactly as directed on version, Server 2008. What I can't understand is why this issue has occurred only once on many installations - all of which are identical i.e. they are all produced from the one disk image.

truth adjustr said...

Dipen Parekh is the man! Otherwise, you could hose your Windows machine irreparably.