Auto-Elevate tool demonstrates the power of UAC bypasses and built-in features of Windows. This utility auto-locates winlogon.exe
, steals and impersonates it’s process TOKEN, and spawns a new SYSTEM-level process with the stolen token. Combined with UAC bypass method #41 (ICMLuaUtil UAC bypass) from hfiref0x’s UACME utility, this utility can auto-elevate a low privileged Administrative account to NT AUTHORITY\SYSTEM.
The following image demonstrates using UACME combined with Auto-Elevate to go from a low-privileged Administrator account to NT AUTHORITY\SYSTEM on Windows 10 21H1.
The following image demonstrates escalation from a high-privileged Administrator account to SYSTEM without a UAC bypass
The following steps are performed by Auto-Elevate to escalate from a low-privileged Administrator to SYSTEM
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…