https://github.com/Chainski/ForceAdmin

Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
https://github.com/Chainski/ForceAdmin

autoit3 autoit3-script batchfile blueteam-tools exploit forceadmin hacking malware payload pentesting post-exploitation powershell powershell-payload privilege-escalation redteam-tools uac windows windows-exploitation

Last synced: 3 months ago
JSON representation

Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠

• Host: GitHub
• URL: https://github.com/Chainski/ForceAdmin
• Owner: Chainski
• License: gpl-3.0
• Created: 2022-12-21T01:35:26.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2024-07-23T17:20:35.000Z (4 months ago)
• Last Synced: 2024-07-23T20:26:28.179Z (4 months ago)
• Topics: autoit3, autoit3-script, batchfile, blueteam-tools, exploit, forceadmin, hacking, malware, payload, pentesting, post-exploitation, powershell, powershell-payload, privilege-escalation, redteam-tools, uac, windows, windows-exploitation
• Language: AutoIt
• Homepage: https://github.com/Chainski/ForceAdmin
• Size: 104 KB
• Stars: 80
• Watchers: 0
• Forks: 13
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• jimsghstars - Chainski/ForceAdmin - Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠ (AutoIt)

README

        












  

   

   

   

    


    

  

   


   

   

   




ForceAdmin is a collection of script templates that utilizes Windows Scripting Languages which creates infinite **[UAC prompts](https://learn.microsoft.com/en-us/windows/security/identity-protection/user-account-control/how-user-account-control-works)** until the user allows the program run. Any template can be used whether the [batch](https://github.com/Chainski/ForceAdmin/blob/main/ForceAdmin.bat) , [powershell](https://github.com/Chainski/ForceAdmin/blob/main/ForceAdmin.ps1) , [autohotkey](https://github.com/Chainski/ForceAdmin/blob/main/forceadmin.ahk), [autoit](https://github.com/Chainski/ForceAdmin/blob/main/ForceAdmin.au3) or [vbs](https://github.com/Chainski/ForceAdmin/blob/main/ForceAdmin.vbs) file. 

The inserted commands are executed via Powershell that executes cmd.exe. This attack method compels admin privilege by subjecting users to a barrage of UAC prompts through continuous looping. The sole exit from this cycle is granting permission for the application to execute, demonstrated in the video below.

# Proof of Concept 👁‍🗨

![final](https://user-images.githubusercontent.com/96607632/208804621-0b9805fb-d6d2-4792-8bf9-66e5d6d8420e.gif)

# Features

- [x] No Dependencies Required

- [x] Supports both x86 and x64

- [x] Bypass AV

- [x] [Fileless Execution](https://github.com/Chainski/ForceAdmin/blob/main/ForceAdmin.ps1) 

## DISCLAIMER !

**This tool is for educational use only, the author will not be held responsible for any misuse of this tool.**

## Credits 

https://github.com/catzsec/ForceAdmin