module
Windows 10 UAC Protection Bypass Via Windows Store (WSReset.exe) and Registry
| Disclosed | Created |
|---|---|
| 02/19/2019 | 09/06/2019 |
Disclosed
02/19/2019
Created
09/06/2019
Description
This module exploits a flaw in the WSReset.exe file associated with the Windows
Store. This binary has autoelevate privs, and it will run a binary file
contained in a low-privilege registry location. By placing a link to
the binary in the registry location, WSReset.exe will launch the binary as
a privileged user.
Store. This binary has autoelevate privs, and it will run a binary file
contained in a low-privilege registry location. By placing a link to
the binary in the registry location, WSReset.exe will launch the binary as
a privileged user.
Authors
ACTIVELabssailay1996bwatters-r7
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use exploit/windows/local/bypassuac_windows_store_reg
msf /(g) > show actions
...actions...
msf /(g) > set ACTION < action-name >
msf /(g) > show options
...show and set options...
msf /(g) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.