Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ThunderGunExpress/UAC-TokenDuplication
Last synced: 21 days ago
- Host: GitHub
- URL: https://github.com/ThunderGunExpress/UAC-TokenDuplication
- Owner: ThunderGunExpress
- Created: 2017-11-04T22:43:42.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2017-11-04T23:11:24.000Z (about 7 years ago)
- Last Synced: 2024-08-05T17:23:53.619Z (4 months ago)
- Language: C
- Size: 18.6 KB
- Stars: 36
- Watchers: 2
- Forks: 13
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - ThunderGunExpress/UAC-TokenDuplication - (C)
README
# UAC-TokenDuplication
UAC Bypass via Token Duplication.

Sources:
- https://github.com/FuzzySecurity/PowerShell-Suite/blob/master/UAC-TokenMagic.ps1
- https://github.com/stephenfewer/ReflectiveDLLInjection
- https://github.com/enigma0x3/Misc-PowerShell-Stuff/blob/master/Invoke-TokenDuplication.ps1
- https://tyranidslair.blogspot.ca/2017/05/reading-your-way-around-uac-part-1.html
- https://tyranidslair.blogspot.ca/2017/05/reading-your-way-around-uac-part-2.html
- https://tyranidslair.blogspot.ca/2017/05/reading-your-way-around-uac-part-3.html
- https://github.com/rsmudge/ElevateKit

UAC-TokenDuplication is a reflective DLL that will bypass UAC on any Windows 7+ version on x86 and x64. It uses the Token Duplication technique described in the references listed above and draws especially from UAC-TokenMagic.ps1. The Aggressor script uses the DLL files to make UAC bypass simple and straightforward in Cobalt Strike. When used with the Aggressor script, the DLLs need to be stored in a child folder named dll. Further details can be found at https://ijustwannared.team