Login Register

UAC Bypass? filter_list
UAC Bypass? #1

Essentially what I am exploring at this moment and time is some form of priv escalation on Windows. There are several resources especially FuzzSecurity's Article and others. There is of course UACME and other sources on github, but just wondering if anyone on this forum has a better knowledge on bypassing UAC that isn't 'common' since 'explorer.exe' injection has been used and abused or at least point me in the right direction?

[+] 1 user Likes numer_05's post

RE: UAC Bypass? #2
This is a quite good article explaining an alternative way to bypass the user account control (UAC) in windows.
Hopefully you'll have some good use of it Smile

Ransomware is more about manipulating vulnerabilities in human psychology than the adversary’s technological sophistication.

[+] 1 user Likes Tracefl0w's post

RE: UAC Bypass? #3
I have a different suggestion. A while back I saw you can use any flavor of Linux to modify system files to open an administrator console. From there do whatever you want!

First create a live boot of Kali Linux on your USB, and boot into Kali. And then you should see a menu with a bunch of boot options, just select the first one. Then you need to mount your drive with Windows in your terminal. Then search for a file called 'sethc.exe' which is located in Windows/System32. You're going to want to rename it to 'sethc2.exe' so you can change it back later. Then find the 'cmd.exe' and rename it to 'sethc.exe'. Now just boot into Windows and once you get to the login screen, spam your ctrl key so Windows thinks it's opening sticky keys, and you should get the admin console!

Yeah it's a lot of work, but it's just an alternative.
(This post was last modified: 06-29-2019, 12:02 AM by Drako.)
[Image: tumblr_n4fsswcwZa1sbhzgao1_250.gif]

"Crack it open, throw it in a pan and let it cook." ~ Filthy Frank


Users browsing this thread: 1 Guest(s)