Skip to content
A repository of some of my Windows 10 Device Guard Bypasses
C#
Branch: master
Clone or download
Pull request Compare This branch is even with tyranid:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Bootstrap
CommonLib
CreateAddInIpcData
CreateInstallState
ExampleAsm
RunPowershell
.gitattributes
.gitignore
AUTHORS
DeviceGuardBypasses.sln
LICENSE
README

README

Windows 10 Device Guard Bypasses
(c) 2017 James Forshaw

This solution contains some of my UMCI/Device Guard bypasses. They're
are designed to allow you to analyze a system, such as Windows 10 S
which comes pre-configured with a restrictive UMCI policy.

CreateAddInIpcData:

Tested on Windows 10 15063.483 with .NET 4.7.

This is an issue with the exposed .NET Remoting IPC channel in AddInProcess.exe
(and AddInProcess32.exe) on .NET v4+. 

See my blog post (https://tyranidslair.blogspot.com/2017/07/dg-on-windows-10-s-executing-arbitrary.html)
for more information about how to use this bypass code.
You can’t perform that action at this time.