Bypass UAC Protection of Remote Windows 10 PC (Via FodHelper Registry Key)

0
232



Hello friends! Today we are going to share new article related to how to bypass window 10 UAC once you have hacked the victim’s system. In metasploit a new module has been added to achieve admin access in window 10s.

Attacker: kali Linux

Target: windows 10

This module will bypass Windows 10 UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows fodhelper.exe application is launched. It will spawn a second shell that has the UAC flag turned off. This module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process.

use exploit/windows/local/bypassuac_fodhelper

msf exploit(bypassuac_fodhelper) >set session 1

msf exploit(bypassuac_fodhelper) >exploit

Hence you can see another meterpreter session 2 opened which means we successfully exploited the target once again now let’s check user privilege.

Meterpreter > getsystem

 Awesome!!!! We got admin privilege successfully.

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. Contact here
Related Posts Plugin for WordPress, Blogger...

also read:-  Motorola to Launch the Moto E4 and Moto E4 Plus In India

Source link

SHARE
Previous articlePSP emulator for Android (latest android apk 2017)
Next articleDead Rising 4-Black Box | Black Box Repack – Official Black Box Repack site

WordPress database error: [Duplicate entry 'http://2.gravatar.com/avatar/2ad6dfd10a6b9730c485041438788d0f?s=' for key 'url']
INSERT INTO wp_wp_cache_gravatars (url, avatar, files) VALUES('http://2.gravatar.com/avatar/2ad6dfd10a6b9730c485041438788d0f?s=96&d=mm&r=g', '<img alt=\'\' src=\'http://capstricks.net/wp-content/uploads/wp-disable-avatars-cache/5b6a47606715b.jpg\' srcset=\'http://capstricks.net/wp-content/uploads/wp-disable-avatars-cache/5b6a47607333b.jpg 2x\' class=\'avatar avatar-96 photo\' height=\'96\' width=\'96\' />', '[\"5b6a47606715b.jpg\",\"5b6a47607333b.jpg\"]')

Leave a Reply