UAC Mode can be bypassed!

[Nico@FMA]

@(BlackBox) Hacker

You do realize that your simple VBS script is being executed locally right? Which means that you can do this with your user admin rights.
This will effective take down the protection level provided by the windows OS at least 60%.
Because if you try to for example run this script on my computer (Assuming you hack me for the sake of argument) then you are dead in the water.
First you need to obtain admin rights (You are not going to get it EVER)
Secondly O wait you first have to get past the Alto Palto firewall, then you have to get past the software firewall.
Ohhh never mind i forget its all session based upon limited user rights while admin account is being monitored by a admin server.
Well good luck exploiting a system which is being secured in this way.
Simple thing is the windows protection is faced outwards for most of its config, and getting past that can be done but its not as easy as you make it look like, next to that if a person does protect his/her pc and keep it updated while running proper security software then your exploit is not going to do anything, and neither will you be able to penetrate the system. Sure there are some uberhackers out there who can do alot, but you are no uber hacker otherwise you would not even attempt to exploit UAC if you can just use the windows build in service port to obtain what ever you want to obtain.
Just saying

Sarcastic? Yes but my point is everyone can make a script and exploit the system from the inside out. Thats easy
But exploiting a system from the outside specially if its well setup is a NO go.
So if you can show me a video where you penetrate the system using one of your own exploits then i will be deeply impressed till that time i suggest you maintain some respect towards the members here in this topic as some of them have VERY valid comments and you make them look like they are noobs.
And truth to be said the only one that would qualify as a noob ATM based upon your own posts is you.
No disrespect intended.

Cheers

 

[Deleted member 178]

But not apply the HIPS with the Sandbox at the same time! If you want to use just the Sandbox? It's just good for the basic user, but if you are advanced user? Then you could only use the HIPS without Sandbox option?

read my article:

http://malwaretips.com/threads/cis-v6-v7-bb-hips.11819/

For info, CIS' auto-andbox is now called the Behavior Blocker with various setings. CIS since v6 has a full virtualized sandbox which is distinct from the BB

 

[(BlackBox) Hacker]

You are right you need Admin rights of the Computer, but I use Spyware that don't need admin user right. It's a Reverse TCP Connection with a Keylogger sends the data right back to the Hackers PC! This is how I can bypass the UAC without any fuss! We don't need root access just the usernames and passwords for Facebook, Paypal ect.

@(BlackBox) Hacker

You do realize that your simple VBS script is being executed locally right? Which means that you can do this with your user admin rights.
This will effective take down the protection level provided by the windows OS at least 60%.
Because if you try to for example run this script on my computer (Assuming you hack me for the sake of argument) then you are dead in the water.
First you need to obtain admin rights (You are not going to get it EVER)
Secondly O wait you first have to get past the Alto Palto firewall, then you have to get past the software firewall.
Ohhh never mind i forget its all session based upon limited user rights while admin account is being monitored by a admin server.
Well good luck exploiting a system which is being secured in this way.

Sarcastic? Yes but my point is everyone can make a script and exploit the system from the inside out. Thats easy
But exploiting a system from the outside specially if its well setup is a NO go.
So if you can show me a video where you penetrate the system using one of your own exploits then i will be deeply impressed till that time i suggest you maintain some respect towards the members here in this topic as some of them have VERY valid comments and you make them look like they are noobs.
And truth to be said the only one that would qualify as a noob ATM based upon your own posts is you.
No disrespect intended.

Cheers

 

[Nico@FMA]

You are right you need Admin rights of the Computer, but I use Spyware that don't need admin user right. It's a Reverse TCP Connection with a Keylogger sends the data right back to the Hackers PC! This is how I can bypass the UAC without any fuss! We don't need root access just the usernames and passwords for Facebook, Paypal ect.

Seems all correct but that is if you penetrated a system, and yes there are MANY windows systems out there that can be hacked just like that and its a old way to gain access so no argue there.
But if you where to try on my system, or any of the more "capable" members here on the forum then you are done playing.
Before you even execute the spyware you are going to be stranded.
So your biggest asset is user stupidity and ignorance, and not your exploit.
See my point?
Again no disrespect intended as i realized that my previous comment was a bit harsh, i was certainly not trying to hurt or discredit you.

 

[Deleted member 178]

You are right you need Admin rights of the computer, but I use Spyware that don't need admin user right. It's a Reverse TCP Connection with a Keylogger sends the data right back to the Hackers PC!

first your spyware will be flagged by the AV right away since it is a VBS script, and even if not ; do you think the connection will bypass the firewall outbound monitoring, and stay silent. For that you have to use at least data stream vulnerabilities.

On my system, i monitor even safe applications/processes' outbound connections and traffic, and i am warned if some processes are even trying.

Your scenario is valid only in "Average Joe" system and even his basic internet security will flag the "call home" of your spyware.

 

[(BlackBox) Hacker]

You are very skilled, but it can be done and I compile the VBScript Code to binary files, and I have not added the real source codes in this thread just examples! The keylogger is in data steams in my client very cool, so the Antiviruses can not detect it 100% also I don't need no FTP and other crap for the Keylogger data nice! But Comodo has detected it in the sandbox, but I have edited the source code woops! I check my system just like you process and connection what an expert you are!

first your spyware will be flagged by the AV right away since it is a VBS script, and even if not ; do you think the connection will bypass the firewall outbound monitoring, and stay silent. For that you have to use at least data stream vulnerabilities.

On my system, i monitor even safe applications/processes' outbound connections and traffic, and i am warned if some processes are even trying.

Your scenario is valid only in "Average Joe" system and even his basic internet security will flag the "call home" of your spyware.

 

[Nico@FMA]

You are very skilled, but it can be done and I compile the VBScript Code to binary files, and I have not added the real source codes in this thread just examples!

Well i am not going to go into a pissing contest over this, and i am going to say this: Your script specially because its VBS is not going to do anything on a basic secured windows.
What do i mean with basic?
OS windows 7 Ulti or windows 8.1 with a good internet security software package + hardware router firewall + limited user account + DEP + password prot. UAC + all updates for windows OS and third party software.

You will NOT penetrate such system using your script.
Every year i do visit huge hacker & security events across the world where the worlds brightest minds are working hard to show how a system can be broken or fixed and i can tell you beyond the reasonable doubt that your script does not work in this scenario.
Not only because you cannot penetrate the system but pure and alone you are not even 1% on your way to do such a thing in the first place. you still lack 99% of the rest you need to have a proper shot in trying.
How do i know this? Because during these events you see people who made a living out of exploiting programs and they have years and years of EXP and a very well rounded track history of what they have done so far, and these same guys would laugh so hard about what you have written in this topic.

Are you are scriptkiddie? Yes but a starter one.
And yes you are on your way discovering and learning but there is a whole world out there that you do not know yet.

Alright lets make this simple.
Get 2 computers, hook them up trough a firewalled router install a clean OS update it get proper security (See scenario above) and then try to penetrate the system using your own skills, without touching on altering the second PC.
You will see that i am right.

Try it you might be amazed what you will learn.

 

[(BlackBox) Hacker]

It's only an example of write access and read not shellcode execution of Spyware, This should show users that your UAC don't protect you!

Well i am not going to go into a pissing contest over this, and i am going to say this: Your script specially because its VBS is not going to do anything on a basic secured windows.
What do i mean with basic?
OS windows 7 Ulti or windows 8.1 with a good internet security software package + hardware router firewall + limited user account + DEP + password prot. UAC + all updates for windows OS and third party software.

You will NOT penetrate such system using your script.
Every year i do visit huge hacker & security events across the world where the worlds brightest minds are working hard to show how a system can be broken or fixed and i can tell you beyond the reasonable doubt that your script does not work in this scenario.
Not only because you cannot penetrate the system but pure and alone you are not even 1% on your way to do such a thing in the first place. you still lack 99% of the rest you need to have a proper shot in trying.
How do i know this? Because during these events you see people who made a living out of exploiting programs and they have years and years of EXP and a very well rounded track history of what they have done so far, and these same guys would laugh so hard about what you have written in this topic.

Are you are scriptkiddie? Yes but a starter one.
And yes you are on your way discovering and learning but there is a whole world out there that you do not know yet.

Alright lets make this simple.
Get 2 computers, hook them up trough a firewalled router install a clean OS update it get proper security (See scenario above) and then try to penetrate the system using your own skills, without touching on altering the second PC.
You will see that i am right.

Try it you might be amazed what you will learn.

 

[Nico@FMA]

first your spyware will be flagged by the AV right away since it is a VBS script, and even if not ; do you think the connection will bypass the firewall outbound monitoring, and stay silent. For that you have to use at least data stream vulnerabilities.

On my system, i monitor even safe applications/processes' outbound connections and traffic, and i am warned if some processes are even trying.

Your scenario is valid only in "Average Joe" system and even his basic internet security will flag the "call home" of your spyware.

Not only that even if the the call home works you will certainly not be able to attach user credentials and sensitive info with the call home function. As this is being blocked by default and filtered out by even windows firewall itself.

 

[(BlackBox) Hacker]

Well I'm better than you hahahaha, you could learn a lot from Umbra Polaris at least he knows stuff like me! The exploit is coded in c++ or c same thing really, it has my home made buffer overflow exploit as well!

Well i am not going to go into a pissing contest over this, and i am going to say this: Your script specially because its VBS is not going to do anything on a basic secured windows.
What do i mean with basic?
OS windows 7 Ulti or windows 8.1 with a good internet security software package + hardware router firewall + limited user account + DEP + password prot. UAC + all updates for windows OS and third party software.

You will NOT penetrate such system using your script.
Every year i do visit huge hacker & security events across the world where the worlds brightest minds are working hard to show how a system can be broken or fixed and i can tell you beyond the reasonable doubt that your script does not work in this scenario.
Not only because you cannot penetrate the system but pure and alone you are not even 1% on your way to do such a thing in the first place. you still lack 99% of the rest you need to have a proper shot in trying.
How do i know this? Because during these events you see people who made a living out of exploiting programs and they have years and years of EXP and a very well rounded track history of what they have done so far, and these same guys would laugh so hard about what you have written in this topic.

Are you are scriptkiddie? Yes but a starter one.
And yes you are on your way discovering and learning but there is a whole world out there that you do not know yet.

Alright lets make this simple.
Get 2 computers, hook them up trough a firewalled router install a clean OS update it get proper security (See scenario above) and then try to penetrate the system using your own skills, without touching on altering the second PC.
You will see that i am right.

Try it you might be amazed what you will learn.

 

[Nico@FMA]

Well I'm better than you hahahaha, you could learn a lot from Umbra Polaris!

Ohhhh boy did i really just read that? You are better then me? Good for you, i am most happy to see that someone is better then me.
Brilliant JUMP jump HYPER hyper.
Now you have your 5 minutes of fame, how does it feel? Satisfied? great... Now you can wake up again daydream time is over.

And yes Umbra is a GREAT and VERY knowledgeable person who i deeply respect, and between you and me? Both Umbra and me are so past your comprehension that its almost blasphemy to mention his name before you understand what he and me try to explain to you.
Please i strongly advise you not to make comments like that anymore, because you will open up a can of woopass.

Both Umbra and me have made proven valid comments and i challenge you to debunk them.

 

[Ink]

This should show users that your UAC don't protect you!

An Antivirus cannot protect a user from every piece of Malware, but that doesn't mean users should stop using it.

 

[(BlackBox) Hacker]

I'm saying add another layer to it because Antiviruses and UAC don't work mate, it's like a contest of who's the best on this thread and no one wants to learn shame really!!! n.nvt is a code stealer and can't get any malware code, he hates my VBScript UAC POC Test!

An Antivirus cannot protect a user from every piece of Malware, but that doesn't mean users should stop using it.

 

[Nico@FMA]

I'm saying add another layer to it because Antiviruses and UAC don't work mate, it's like a contest of who's the best on this thread and no one wants to learn shame really!!!

Is that you saying this? Omg <facepalm>

UAC on its very own is not very good well all know that.
But i mentioned a simple scenario a few posts back, within this scenario UAC does work.
Again i challenged you to debunk what Umbra and me said.

So far i only see baseless comments.

 

[(BlackBox) Hacker]

Script kiddie 100% and you are not right in the head. There's more to life than just Computers you do know that right? lol

Is that you saying this? Omg <facepalm>

UAC on its very own is not very good well all know that.
But i mentioned a simple scenario a few posts back, within this scenario UAC does work.
Again i challenged you to debunk what Umbra and me said.

So far i only see baseless comments.

 

[Deleted member 178]

in hacking we have to consider first who is the target:

1- basic home user or websites.
2- small companies
3- corporation
4- security geeks

in case 1or 2, some basic skills (coding, reverse engineering, etc...) coupled with the rights tools can give you access to the system; case 3 is far more difficult but you can use the same skills cited earlier (upgraded of course) but you will also need some good financial resources to buy the brand new tools.
Case 4 is i think the most difficult to hack, not because the network/system is better made but because the geeks is not restricted to use any kind of softwares (unlike corporation who has financial and policy restrictions) added to his own skills to prevent any access to its system.

 

[(BlackBox) Hacker]

Would it be ok to share a minor binary code to shut some people up?

An Antivirus cannot protect a user from every piece of Malware, but that doesn't mean users should stop using it.

 

[Deleted member 178]

Would it be ok to share a minor binary code to shut some people up?

the malwarehub is your friend ^^

http://malwaretips.com/forums/virus-exchange.104/

 

[(BlackBox) Hacker]

I make my own exploits and stuff very cool!

in hacking we have to consider first who is the target:

1- basic home user or websites.
2- small companies
3- corporation
4- security geeks

in case 1or 2, some basic skills (coding, reverse engineering, etc...) coupled with the rights tools can give you access to the system; case 3 is far more difficult but you can use the same skills cited earlier (upgraded of course) but you will also need some good financial resources to buy the brand new tools.
Case 4 is i think the most difficult to hack, not because the network/system is better made but because the geeks is not restricted to use any kind of softwares (unlike corporation who has financial and policy restrictions) added to his own skills to prevent any access to its system.

 

[Nico@FMA]

in hacking we have to consider first who is the target:

1- basic home user or websites.
2- small companies
3- corporation
4- security geeks

in case 1or 2, some basic skills (coding, reverse engineering, etc...) coupled with the rights tools can give you access to the system; case 3 is far more difficult but you can use the same skills cited earlier (upgraded of course) but you will also need some good financial resources to buy the brand new tools.
Case 4 is i think the most difficult to hack, not because the network/system is better made but because the geeks is not restricted to use any kind of softwares (unlike corporation who has financial and policy restrictions) added to his own skills to prevent any access to its system.

Spot on buddy.
And if 1 up to 4 use common sense, well updated OS with basic Internet security then the odds that you are going to successfully break the system are slim to none. In the end of the day it all relies on the end user and his ignorant mouse click.
Because 8 out of 10 standard security configurations will at least warn / notify you that a program is going to make changes.
So that leaves you with 2 out of 10 where at least 1 is going to fail anyway.