README
¶
Golang UAC Bypasser
Collection of bypass techiques written in Golang.
Rewrite of - https://github.com/rootm0s/WinPwnage to Golang.
Techniques are found online, on different blogs and repos here on GitHub. I do not take credit for any of the findings, thanks to all the researchers.
Techniques implemented:
Once
- Using cmstp.exe
- Using computerdefaults.exe
- Using eventvwr.exe
- Using fodhelper.exe
- Using sdcltcontrol.exe
- Using silentcleanup.exe
- Using slui.exe
- Using wsreset.exe
Persist
- Using Cortana
- Using HKCU registry key manipulations
- Using HKLM registry key manipulations
- Using magnifier.exe
- Using People
- Using Startup folder and malicious lnk file
- Using Userinit registry key manipulations
How to build:
set CGO_ENABLED=0go build -v -a main.go
How to use:
You can use this as a library for single method calls to the executor.
package main
import (
once "github.com/0x9ef/golang-uacbypasser/once"
)
func main() {
path := os.Args[1]
tstart := time.Now()
err := once.ExecFodhelper(path)
if err != nil {
panic(err)
}
tend := time.Now()
fmt.Printf("Time tooked: %.2f\n", tend.Sub(tstart).Seconds())
}
You can use as a program which automatically calling selected methods. More information you can found by passing --help flag.
main.exe --list --once --technique=TECHNIQUE
If you find error in the code or you want to support project please commit this changes.
Documentation
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.