UAC-bypass
UAC-bypass copied to clipboard
k4sth4
Not working for me. Code looks good
Version of Windows I've tried and didn't made the escalation.
Microsoft Windows [Version 10.0.22000.675] - Windows 11 Microsoft Windows [Version 10.0.19042.1348] - Windows 10
shell is working if executed by itself, but not working when trying to make the UAC bypass with eventvwr-bypassuac-64.exe.
Let me know if I am doing something wrong or if it's dependant on anything else. Btw, I have a couple errors at event viewer when it executed, related to shell.exe :
ERROR 1 - Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll - ERROR 2 - Fault bucket -1046961166, type 5 Event Name: FaultTolerantHeap Response: Not available Cab Id: 0
Problem signature: P1: shell.exe P2: 0.0.0.0 P3: 4BC63C7D P4: ffffbaad
Version of Windows I've tried and didn't made the escalation.
Microsoft Windows [Version 10.0.22000.675] - Windows 11 Microsoft Windows [Version 10.0.19042.1348] - Windows 10
shell is working if executed by itself, but not working when trying to make the UAC bypass with eventvwr-bypassuac-64.exe.
Let me know if I am doing something wrong or if it's dependant on anything else. Btw, I have a couple errors at event viewer when it executed, related to shell.exe :
ERROR 1 - Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll - ERROR 2 - Fault bucket -1046961166, type 5 Event Name: FaultTolerantHeap Response: Not available Cab Id: 0
Problem signature: P1: shell.exe P2: 0.0.0.0 P3: 4BC63C7D P4: ffffbaad
Did you compiled the exploit in the same dir where you've shell.exe because it uses that shell.exe and if you've changed the name of the exploit from shell.exe to whatever. You need to provide it on that c script. If you've done everything as it said. Then try to change the directory run the exploit from C:\programdata or some other writable directory. If still getting errors then may be firewall is running. Also ensure that eventvwr.exe exists and is set to autoelevate to High integrity. Follow the steps https://k4sth4.github.io/UAC-bypass/
Still not working, I am having shell in the same directory at compile time. It open eventvwr without injecting the shell. Firewall is disabled. I tried changing curpath values to "C:\ProgramData\shell.exe" but didn't worked running it from there either. Any other ideas?
Still not working, I am having shell in the same directory at compile time. It open eventvwr without injecting the shell. Firewall is disabled. I tried changing curpath values to "C:\ProgramData\shell.exe" but didn't worked running it from there either. Any other ideas?
If the exploit has successfully compiled, it means the shell.exe has embedded in that exploit. The next thing to do is take the exploit to target machine and execute it. Try to run from C:\Windows\System32\spool\drivers\color dir. Try to execute exploit with full path. And make sure autoelevate is set to True.
Still not working, I am having shell in the same directory at compile time. It open eventvwr without injecting the shell. Firewall is disabled. I tried changing curpath values to "C:\ProgramData\shell.exe" but didn't worked running it from there either. Any other ideas?
Make sure the compilation is done from kali vm and without any errors. Then everything will run smoothly.
don't work for me
when i run .\eventvwr-bypassuac-64.exe , it only open event viewer , don't execute shell.exe
