Bypassing UAC
Microsoft User Account Control (UAC) is a component that uses Mandatory Integrity Control (MIC) to isolate running processes with different privileges, aiming to improve the security of Windows. It tries to achieve this by limiting application software to standard user privileges and prompts the administrator to increase or elevate those privileges. Although still used, UAC is inherently broken and can be trivially defeated.
Note
For more information on how to defeat UAC, please refer to the UACMe project available at https://github.com/hfiref0x/UACME.
Getting ready
For this recipe, we will target the Windows 7 machine. For that, we need to change the network configuration of the virtual machine to NAT, so we can access the target from our Kali Linux machine.
Then, to compromise the target, we will create a simple backdoor that we will copy to the target to get a Meterpreter session.
- To generate the backdoor, we will use a Windows Meterpreter reverse TCP payload and the
generate
...