UAC #12 - Blocked & Bugged - File Explorer Bug

[honzapatCZ]

Hello, many of the UAC elevations are blocked(by WinDefender), but that's not an issue, but the 12th function is real bad. It blocks changing the specific registry key, but other than that leaves it there resulting in explorer not working correctly. The regKey gets written with null and clicking any folder in explorer now spawns a new empty window. This is just FIY if anyone has a problem with explorer after messing with this.

[rootm0s]

If it's an result of Windows Defender killing the process attempting to modify these values/keys its not easy for us to detect unless we run a separate process to watch over the execution and then perform clean-up if a method get's interrupted/killed

[honzapatCZ]

Well Iam not sure how this should be dealt with, I just wanted to make this a known issue if explorer starts acting weirdly for you.

[haraun977]

any fix for this btw

[Mininaut]

if someone gets this error, try this code to fix everything.

from winpwnage.core.utils import registry

def fix_registry():
    path = "Software\\Classes\\Folder\\shell\\open\\command"

    if registry().remove_key(hkey="hkcu", path=path, name="DelegateExecute"):
        print("Successfully removed 'DelegateExecute' key")
    else:
        print("Failed to remove 'DelegateExecute' key")

    if registry().modify_key(hkey="hkcu", path=path, name=None, value=""):
        print("Successfully reset the default value for 'Folder\\shell\\open\\command'")
    else:
        print("Failed to reset the default value for 'Folder\\shell\\open\\command'")

if __name__ == "__main__":
    fix_registry()