
Only logs Chrome browser (open as admin) if the program is opened as admin.

Open Dagdelo opened this issue 6 years ago • 8 comments

It logs everything from other open windows without being run as admin. But it only logs windows opened as admin if the program is opened as admin.

Dagdelo, Oct 25 '18 06:10

Could you go into a little detail?

GiacomoLaw, Oct 25 '18 17:10

Sorry for my English. It's as simple as that: the program does not catch the keystrokes of a program (in this case the Chrome browser) opened with administrator privileges. It only proceeds to capture if the program has the same privileges.

Dagdelo, Oct 25 '18 17:10

But when you have Chrome with admin permissions don’t you need to run it with admin permissions?

GiacomoLaw, Oct 26 '18 16:10

Yes! I'm just trying to say that the program only registers with equivalent or higher permissions. In case the browser is at the admin level and the program is not, it does not register.

Dagdelo, Oct 26 '18 16:10

I don't think this is a bug, but rather how Windows hooks are supposed to work. As far as I know, you can only hook to a process with an equal or lower privilege level.

ignis-sec, Nov 02 '18 01:11

> I don't think this is a bug, but rather how Windows hooks are supposed to work. As far as I know, you can only hook to a process with an equal or lower privilege level.

I have to agree. So a new feature 'bypass uac'/escalate privileges is necessary.

Dagdelo, Nov 02 '18 02:11

> I have to agree. So a new feature 'bypass uac'/escalate privileges is necessary.

I have to disagree again, does anyone even question when an exe asks for admin privileges? I say go for it, just ask it yourself, I bet 99% of the time people are going to give it.

ignis-sec, Nov 02 '18 04:11

> I have to disagree again, does anyone even question when an exe asks for admin privileges? I say go for it, just ask it yourself, I bet 99% of the time people are going to give it.

So here we differ. Leveling underneath is wrong; underestimating the target is a step toward being detected and having your payload sent to VirusTotal.

Dagdelo, Nov 02 '18 06:11