Cyber security

Automated Multi UAC Bypass – Streamlining Elevation Across Windows Versions

In today’s digital landscape, navigating User Account Control (UAC) prompts efficiently across various Windows operating system versions is a critical aspect of system administration and security testing.

This article explores an innovative approach to automate UAC bypasses, offering a seamless experience tailored for a spectrum of Windows versions, including Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022.

By leveraging an automated OS version selector and streamlined deployment methods, this solution aims to enhance productivity and efficacy in managing UAC prompts while adhering to ethical and legal considerations.

  • Automated os version selector to run UAC based on OS versions.

Affected OS Versions

  • win 10
  • win 11
  • win server 2019
  • win server 2022

Windows 10 Versions Support

  • Windows 10 Home
  • Windows 10 Pro
  • Windows 10 Education
  • Windows 10 Enterprise
  • Windows 10 Enterprise 2015 LTSB
  • Windows 10 Enterprise LTSC 2019
  • Windows 10 Enterprise LTSC 2021
  • Windows 10 Mobile and Mobile Enterprise
  • Windows 10 IoT Core
  • Windows 10 Iot Entreprise LTSC 2021

Windows 11 Version Support

  • Windows 11 Home
  • windows 11 team
  • Windows 11 Pro
  • Windows 11 Education
  • Windows 11 Enterprise
  • Windows 11 Pro Education
  • Windows 11 Pro for Workstations
  • Windows 11 Mixed Reality

Windows Server 2019 Support

  • Windows Server 2019 Datacenter evolution
  • Windows Server 2019 Standard
  • Windows Server 2019 Datacenter
  • Windows Server 2019 Essentials

Windows Server 2022 Support

  • Windows Server 2022 Datacenter Evolution
  • Windows Server 2022 Datacenter
  • Windows Server 2022 Standard

Version Not Supported ??

  • Make a ticket and list the windows version with the ticket, it will help me to work out a fix faster.

Compile DLL

You can do it with the .ps1 or manual wit these one liners.

  • output to working dir Add-Type -TypeDefinition ([IO.File]::ReadAllText("$pwd\sl0puacb.cs")) -ReferencedAssemblies "System.Windows.Forms" -OutputAssembly "sl0p.dll"
  • output to system 32 Add-Type -TypeDefinition ([IO.File]::ReadAllText("$pwd\sl0puacb.cs")) -ReferencedAssemblies "System.Windows.Forms" -OutputAssembly "C:\Windows \system32\sl0p.dll

Setup

  • Set-ExecutionPolicy -ExecutionPolicy {Unrestricted or Bypass} -Scope CurrentUser
  • Or use one of the bypasses like type file.ps1 | poweshell.exe -no-profile or what ever suites
  • Add a automation process to disable tamper once uac been invoked (this can be done!!)

Setup 23h2

  • Fetch the location of powershell.exe for either v2 or v7.
  • add a variable or make it auto check the exec location of powershell.exe
  • add that dir to Start-Process {location}powershell.exe -Verb RunAs -ArgumentList (‘-noprofile -noexit -file “{0}” -elevated’ -f ($myinvocation.MyCommand.Definition))
  • Set-ExecutionPolicy -ExecutionPolicy {Unrestricted or Bypass} -Scope CurrentUser
  • Or use one of the bypasses like type file.ps1 | poweshell.exe -no-profile or what ever suites
  • Add a automation process to disable tamper once uac been invoked (this can be done!!)
  • run the ps1 file

Usage

  • Download these files from either this repo directly if machine has inet capabilities. (Or download these files and serve them with python :D)
  • Get the files on the system
  • cd to dir
  • ./{File}.ps1

Change Log

v1.5.8-beta rolled out

  • Changed main file .ps1
  • Added sl0p.dll << Generated from the new .cs (old files in backup folder, including old .cs and old dll).
  • Added xor Encoding
  • Added xor Decoding
  • Added Obfuscate data
  • Added Debfuscate
  • Added Clear Event Logs

Main File Change

  • .ps1 file been re-dev by keytrap-x86 Thanks sir, Tips hat.

Issues

  • Feel free to make issue ticket, if sum is not working, or support blocks missing.
  • To assist me when creating a ticket, list ur windows version pulled with powershell and list it with the ticket.

Opened The Discussion Section For Idea’s To Improve.

  • Feel free to bring idea’s for improvements.

Legal Disclaimer:

  • I am not responsible for U using it on non authorized systems, make sure u use it on systems u own or are authorized on.
  • x0xr00t
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: Automated Multi UAC Bypasscybersecurityinformationsecuritykalilinuxkalilinuxtools
2 years ago

Recent Posts

How OpenClaw Works

Imagine if you had a super-powered assistant who could automatically handle all the boring, repetitive…

1 week ago

How to Use the Linux find Command to Locate Files Like a Pro

Managing files efficiently is a core skill for anyone working in Linux, whether you're a…

1 week ago

How to Check Open Ports in Linux Using netstat, ss, and lsof

Open ports act as communication endpoints between your Linux system and the outside world. Every…

1 week ago

Best Endpoint Monitoring Tools for 2026

Introduction In today’s cyber threat landscape, protecting endpoints such as computers, smartphones, and tablets from…

2 weeks ago

Best 9 Incident Response Automation Tools

Introduction In today's fast-paced cybersecurity landscape, incident response is critical to protecting businesses from cyberattacks.…

2 weeks ago

How AI Puts Data Security at Risk

Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…

3 months ago