UAC Mode can be bypassed!

Status
Not open for further replies.
B

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
Yep make another excuse and blame the expert, first learn socket programming and come back when you have some skills no more excuses. Oh please Wireshark really that is so stupid to use for socket connections!

http://www.nirsoft.net/utils/cports.html

cports.gif


Nirsoft rocks!

illumination said:
You are the one claiming the UAC and default security on a system can not protect users, but so far all you have shown us is the ability to infect and penetrate your own system with Admin rights. Show us that a normal system can be attacked with this method by remoting one in a video. Do not forget to use tools like Fiddler Web Debugger, or Wireshark, so we can view the connections being made from the targeted system to yours.
Click to expand...
 
Last edited:
  • Like
Reactions: Koroke San
Nico@FMA

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
illumination said:
You are the one claiming the UAC and default security on a system can not protect users, but so far all you have shown us is the ability to infect and penetrate your own system with Admin rights. Show us that a normal system can be attacked with this method by remoting one in a video. Do not forget to use tools like Fiddler Web Debugger, or Wireshark, so we can view the connections being made from the targeted system to yours.
Click to expand...

Ohh boy what a great comment could not said it any better.
 
  • Like
Reactions: Littlebits and (BlackBox) Hacker
I

illumination

(BlackBox) Hacker said:
Yep make another excuse and blame the expert, first learn socket programming and come back when you have some skills no more excuses. Oh please Wireshark really that is so stupid to use for socket connections!

http://www.nirsoft.net/utils/cports.html

cports.gif


Nirsoft rocks!
Click to expand...

You might have to get creative with Wireshark with additional software installed to capture data on the loopback interface, although the same company you just posted has Socket Sniffer which would work.

Now that we are done side stepping the whole point of this conversation, you think maybe you could quit messing around and either ____ or get off the pot.
 
Last edited by a moderator:
  • Like
Reactions: Deleted member 178
B

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
Not if you use loads of VPN Servers?

Umbra Polaris said:
i thought i could learn something in this thread but finally no... just the same old tools that everybody knows...

/disappointed

anyway , whatever port scanner you may use to try penetrating a netwok/system, you will fail versus any honeypot soft and then you are reverse-scanned.
Click to expand...
 
B

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
Last edited by a moderator:
I

illumination

(BlackBox) Hacker said:
Here's some more UAC stuff I've found on the internet!

Set the environment variable __compat_layer for your process to RunAsInvoker. If this environment variable is set, CreateProcess will succeed.

http://stackoverflow.com/questions/7004310/bypassing-elevation-when-launching-a-new-process
Click to expand...


From the same read, i fail to see what you were trying to do other then prove yourself wrong.

I'm afraid there's no way to workaround it.

If UAC is enabled and program manifests that it requires elevation, then the system tries to run this process as elevated. CreateProcess would not start such a process if you're not elevated.
Click to expand...
 
  • Like
Reactions: Rahadian Putra
Nico@FMA

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
illumination said:
From the same read, i fail to see what you were trying to do other then prove yourself wrong.
Click to expand...

Just leave it man.
This dude does not know what he is talking about, just playing around with some scripts and bla bla..
I am not even taken him serious anymore till he shows me a video.
But ill guess that will be 2090 before he ever get to it lol.
 
I

illumination

n.nvt said:
Just leave it man.
This dude does not know what he is talking about, just playing around with some scripts and bla bla..
I am not even taken him serious anymore till he shows me a video.
But ill guess that will be 2090 before he ever get to it lol.
Click to expand...

i know, i should resist that irresistible urge to respond.

I have a feeling you may be right lol..
 
  • Like
Reactions: Rahadian Putra and Nico@FMA
Nico@FMA

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
(BlackBox) Hacker said:
This tool even exists Command-Line UAC Elevation Utility!
Click to expand...

Lol thats old.
You can even do it within a .bat or .cmd file:

Code: 
:: UAC Controller
:-------------------------------------
REM  --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"

REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
    goto UACPrompt
) else ( goto gotAdmin )

:UACPrompt
    echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
    set params = %*:"=""
    echo UAC.ShellExecute "cmd.exe", "/c %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"

    "%temp%\getadmin.vbs"
    del "%temp%\getadmin.vbs"
    exit /B

:gotAdmin
    pushd "%CD%"
    CD /D "%~dp0"

Thats so old... but handy ^^
 
  • Like
Reactions: Rahadian Putra
Status
Not open for further replies.

Similar threads

silversurfer
    • Like
    • +Reputation
Deprecated Microsoft to discontinue Application Guard app and browser extensions in May 2024
Replies
4
Views
1,160
Web Extensions
Can't Decide
C
S
    • Like
    • Thanks
Aria’s command line becomes more powerful – Chat with Aria and do page deep dives with new Page Context Mode
Replies
2
Views
729
Opera
Slerion
Slerion
Gandalf_The_Grey
    • Like
Security News Germany blocks BadBox malware loaded on 30,000 Android devices
Replies
0
Views
270
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top