Automated Multi UAC Bypass – Streamlining Elevation Across Windows Versions

In today’s digital landscape, navigating User Account Control (UAC) prompts efficiently across various Windows operating system versions is a critical aspect of system administration and security testing.

This article explores an innovative approach to automate UAC bypasses, offering a seamless experience tailored for a spectrum of Windows versions, including Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022.

By leveraging an automated OS version selector and streamlined deployment methods, this solution aims to enhance productivity and efficacy in managing UAC prompts while adhering to ethical and legal considerations.

Automated os version selector to run UAC based on OS versions.

Affected OS Versions

win 10
win 11
win server 2019
win server 2022

Windows 10 Versions Support

Windows 10 Home
Windows 10 Pro
Windows 10 Education
Windows 10 Enterprise
Windows 10 Enterprise 2015 LTSB
Windows 10 Enterprise LTSC 2019
Windows 10 Enterprise LTSC 2021
Windows 10 Mobile and Mobile Enterprise
Windows 10 IoT Core
Windows 10 Iot Entreprise LTSC 2021

Windows 11 Version Support

Windows 11 Home
windows 11 team
Windows 11 Pro
Windows 11 Education
Windows 11 Enterprise
Windows 11 Pro Education
Windows 11 Pro for Workstations
Windows 11 Mixed Reality

Windows Server 2019 Support

Windows Server 2019 Datacenter evolution
Windows Server 2019 Standard
Windows Server 2019 Datacenter
Windows Server 2019 Essentials

Windows Server 2022 Support

Windows Server 2022 Datacenter Evolution
Windows Server 2022 Datacenter
Windows Server 2022 Standard

Version Not Supported ??

Make a ticket and list the windows version with the ticket, it will help me to work out a fix faster.

Compile DLL

You can do it with the .ps1 or manual wit these one liners.

output to working dir Add-Type -TypeDefinition ([IO.File]::ReadAllText("$pwd\sl0puacb.cs")) -ReferencedAssemblies "System.Windows.Forms" -OutputAssembly "sl0p.dll"
output to system 32 Add-Type -TypeDefinition ([IO.File]::ReadAllText("$pwd\sl0puacb.cs")) -ReferencedAssemblies "System.Windows.Forms" -OutputAssembly "C:\Windows \system32\sl0p.dll

Setup

Set-ExecutionPolicy -ExecutionPolicy {Unrestricted or Bypass} -Scope CurrentUser
Or use one of the bypasses like type file.ps1 | poweshell.exe -no-profile or what ever suites
Add a automation process to disable tamper once uac been invoked (this can be done!!)

Setup 23h2

Fetch the location of powershell.exe for either v2 or v7.
add a variable or make it auto check the exec location of powershell.exe
add that dir to Start-Process {location}powershell.exe -Verb RunAs -ArgumentList (‘-noprofile -noexit -file “{0}” -elevated’ -f ($myinvocation.MyCommand.Definition))
Set-ExecutionPolicy -ExecutionPolicy {Unrestricted or Bypass} -Scope CurrentUser
Or use one of the bypasses like type file.ps1 | poweshell.exe -no-profile or what ever suites
Add a automation process to disable tamper once uac been invoked (this can be done!!)
run the ps1 file

Usage

Download these files from either this repo directly if machine has inet capabilities. (Or download these files and serve them with python :D)
Get the files on the system
cd to dir
./{File}.ps1

Change Log

v1.5.8-beta rolled out

Changed main file .ps1
Added sl0p.dll << Generated from the new .cs (old files in backup folder, including old .cs and old dll).
Added xor Encoding
Added xor Decoding
Added Obfuscate data
Added Debfuscate
Added Clear Event Logs

Main File Change

.ps1 file been re-dev by keytrap-x86 Thanks sir, Tips hat.

Issues

Feel free to make issue ticket, if sum is not working, or support blocks missing.
To assist me when creating a ticket, list ur windows version pulled with powershell and list it with the ticket.

Opened The Discussion Section For Idea’s To Improve.

Feel free to bring idea’s for improvements.

Legal Disclaimer:

I am not responsible for U using it on non authorized systems, make sure u use it on systems u own or are authorized on.
x0xr00t

Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.