
How To Bypass Windows UAC?

Please note that this user is banned
Hi everyone, I made a RAT in C++ that bypasses all the antiviruses in VirusTotal.
But when the victim installs the RAT, the UAC tells him that the publisher is not recognized.
How can I bypass it?
Any mass-spreading and your file will be red, also you should check it on Dyncheck
 
Please note that this user is banned
Come on, UACME has methods that work everywhere. At least, the last time I checked was on 1909, and it worked.
Or did Microsoft release a fundamentally new anti-UAC in 2020?
 
I won't post links, but GitHub is full of fresh UAC exploits; there are even universal ones covering 7 through 10, and for any task in general. And that's not even counting UACME.
 
Your trojan probably bypassed them scantime; nowadays it isn't so easy to keep your code runtime FUD. You can crypt with any crypter you want, but it will be runtime detected; you need to mutate your code.
My trojan bypassed Windows Defender also in runtime.
 
Windows Defender is easy to bypass, my bot bypasses it too. I only need to change a few strings to make it FUD again. I would say it's the worst antivirus; for example, I only needed to change the domain in the bot configuration to FUD it again, sometimes runtime. I have added some junk code which I mutate every 3 days and my bot stays FUD.

Try: NOD32, it's the worst to FUD again.
 
If you really want to test your code against runtime detections try against EDR products (Kaspersky, TrendMicro OfficeScan, Symantec Endpoint Protection)
You will see what hell on earth is.
 
Please note that this user is banned
masquerade as Explorer and use elevated COM
Hidden content for users: dyadka0220.
 

