module
Windows Escalate UAC Protection Bypass (Via Shell Open Registry Key)
| Disclosed |
|---|
| Mar 17, 2017 |
Disclosed
Mar 17, 2017
Description
This module will bypass Windows UAC by hijacking a special key in the Registry under
the current user hive, and inserting a custom command that will get invoked when
Window backup and restore is launched. It will spawn a second shell that has the UAC
flag turned off.
This module modifies a registry key, but cleans up the key once the payload has
been invoked.
the current user hive, and inserting a custom command that will get invoked when
Window backup and restore is launched. It will spawn a second shell that has the UAC
flag turned off.
This module modifies a registry key, but cleans up the key once the payload has
been invoked.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.