Skip to content
/ ByPassUAC Public

一些在ByPassUAC学习过程中写的小工具,后续如果有时间会上传一些自己写的BypassUAC的工具,只做学习交流使用,不打算工具化

5 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Gality369/ByPassUAC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
BypassUAC_ShellAPI_WSRest.cpp
BypassUAC_ShellAPI_WSRest.cpp
 
 
DisguisePEB.cpp
DisguisePEB.cpp
 
 
README.md
README.md
 
 

Repository files navigation

ByPassUAC

一些在ByPassUAC学习过程中写的小工具,后续如果有时间会上传一些自己写的BypassUAC的工具,只做学习交流使用,不打算工具化

DisguisePEB

通过修改待伪装进程的PEB中的cmdline和imagepath来达到伪装进程的目的,这里是伪装成explorer.exe

  • 用法:DisguisePEB.exe 待伪装进程名

BypassUAC_ShellAPI_WSRest

借助win10的应用商店程序WSRest.exe,通过修改注册表中相应项下的shell/open/command实现,该进程autoElevated字段为True且相应注册表可写.

  • 用法:BypassUAC_ShellAPI_WSRest.exe

About

一些在ByPassUAC学习过程中写的小工具,后续如果有时间会上传一些自己写的BypassUAC的工具,只做学习交流使用,不打算工具化

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages