LOLBAS icon indicating copy to clipboard operation
LOLBAS copied to clipboard

Published 20 hours ago verified publisher icon LOLBAS-Project

Cannot reproduce eventvwe.exe and wsreset.exe

Open martinsohn opened this issue 3 years ago • 1 comments

These do not read any "command" registry key on Windows 10.0.19403 Build 19403 Tested with Procmon64.exe

https://lolbas-project.github.io/lolbas/Binaries/Eventvwr/ https://lolbas-project.github.io/lolbas/Binaries/Wsreset/

martinsohn avatar Sep 17 '21 13:09 martinsohn

From time-to-time, Microsoft does service UAC bypasses (although it is not a part of the OS "security boundary"). It may still work on older versions of Windows.

bohops avatar Oct 14 '21 02:10 bohops