DLLHijackingScanner : This Is A PoC For Bypassing UAC Using DLL Hijacking And Abusing The “Trusted Directories” Verification

DLLHijackingScanner is a PoC for bypassing UAC using DLL hijacking and abusing the “Trusted Directories” verification. Generate Header from CSV: The Python script CsvToHeader.py can be used to generate a header file. By default it uses the CSV file dll_hijacking_candidates.csv. For each portable executable (PE), the script checks the following condition: If the PE exists in the …

ByeIntegrity UAC : Bypass UAC By Hijacking A DLL Located In The Native Image Cache

ByeIntegrity UAC is a tool used to bypass user account control (UAC) to gain elevated (Administrator) privileges to run any program at a high integrity level. Requirements: Administrator account; UAC notification level set to default or lower. How It Works: ByeIntegrity hijacks a DLL located in the Native Image Cache (NIC). The NIC is used …

UAC : Unix-like Artifacts Collector

UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts. It respects the order of volatility and artifacts that are changed during the execution. It was created to facilitate and speed up data collection, and depend less on remote support during …