UACMe – Defeat Windows User Account Control (UAC)


UACme is a compiled, C-based tool which contains a number of methods to defeat Windows User Account Control commonly known as UAC. It abuses the built-in Windows AutoElevate backdoor and contains 41 methods.

UACMe - Defeat Windows User Account Control (UAC)


The tool requires an Admin account with the Windows UAC set to default settings.

Usage

Run executable from command line: akagi32 [Key] [Param] or akagi64 [Key] [Param].

First param is number of method to use, second is optional command (executable file name including full path) to run. Second param can be empty – in this case program will execute elevated cmd.exe from system32 folder.

Examples:

Caveats

  • This tool shows ONLY popular UAC bypass method used by malware, and reimplements some of them in a different way improving original concepts. There exists different, not yet known to general public methods, be aware of these
  • This tool is not intended for AV tests and not tested to work in an aggressive AV environment, if you still plan to use it with installed bloatware AV soft – you use it at your own risk
  • Some AV may flag this tool as HackTool, MSE/WinDefender constantly marks it as malware
  • If you run this program on real computer remember to remove all program leftovers after usage, for more info about files it drops to system folders see source code
  • Most of the methods are created for x64, with no x86-32 support in mind. The author doesn’t see any sense in supporting 32-bit versions of Windows or wow64. However, with small tweaks, most of them will run under wow64 as well

You can download UACMe here:

UACME-v2.7.0.zip

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking


Latest Posts:


LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.


Comments are closed.