Bypassing UAC with Force Admin Tool

In this article, we will be discussing a tool called Force Admin that can potentially bypass User Account Control (UAC) on Windows systems. UAC is a security feature that prompts the user for permission when performing certain actions that require administrative privileges. Force Admin attempts to bypass UAC by bombarding the user with UAC prompts, hoping that the user will eventually click ‘Yes’ and grant administrative access.

This tool can be useful when other UAC bypass methods are being detected and blocked by endpoint security solutions. However, it relies on the user’s lack of technical knowledge and understanding of the implications of clicking ‘Yes’ on a UAC prompt.

Before we dive into the details of using Force Admin, you should be familiar with the basics of UAC on Windows systems. If you need help with that, I recommend checking out my previous video on UAC basics.

To get started with Force Admin, we need to follow the instructions provided in the GitHub repository. We compile the code and execute the binary. However, we may encounter Windows Defender detection, which we can try to bypass by modifying the source code manually.

Once we successfully bypass Windows Defender, we can proceed with the demonstration by executing the compiled binary. This binary will generate a payload.exe file, which will be our malware payload for this demonstration.

When we execute the payload.exe, it triggers a UAC prompt. However, clicking ‘No’ or closing the UAC prompt window does not stop the tool. To improve this, we can use ChatGPT, an AI language model, to analyze the command being executed by the tool.

ChatGPT suggests creating a VBS script using WScript.Shell, which allows us to hide the entire window, and executing the script using the cscript binary. This ensures that the PowerShell window is completely hidden, even from the taskbar.

By implementing this technique, we can prevent the user from closing the PowerShell console that is executing the UAC prompt. This increases the chances of the user clicking ‘Yes’ and granting administrative access, bypassing UAC.

However, it’s important to note that if the user is technically knowledgeable, they can still close the UAC prompt using Task Manager. The CMD responsible for executing the payload will be visible in Process Hacker.
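
On the defender's side, the behaviour described above leaves a pattern in process-creation telemetry: consent.exe (the UAC prompt UI) starting repeatedly within a short time, and powershell.exe started by a script host such as cscript.exe. The following detection sketch is an added example, not code from the tool or from the original article; the record layout, host names, sample events and the threshold and window values are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

SYS32 = "C:\\Windows\\System32\\"
PS = SYS32 + "WindowsPowerShell\\v1.0\\powershell.exe"
# Constructed process-creation records (timestamp, host, image, parent image),
# shaped like Sysmon Event ID 1 fields. Hosts and times are made up.
SAMPLE_EVENTS = [
    ("2024-01-01T10:00:00", "WS01", SYS32 + "cscript.exe", "C:\\Windows\\explorer.exe"),
    ("2024-01-01T10:00:01", "WS01", PS, SYS32 + "cscript.exe"),
    ("2024-01-01T10:00:02", "WS01", SYS32 + "consent.exe", SYS32 + "svchost.exe"),
    ("2024-01-01T10:00:09", "WS01", SYS32 + "consent.exe", SYS32 + "svchost.exe"),
    ("2024-01-01T10:00:15", "WS01", SYS32 + "consent.exe", SYS32 + "svchost.exe"),
    ("2024-01-01T10:00:22", "WS01", SYS32 + "consent.exe", SYS32 + "svchost.exe"),
    ("2024-01-01T11:30:00", "WS02", SYS32 + "consent.exe", SYS32 + "svchost.exe"),
    ("2024-01-01T11:30:05", "WS02", PS, "C:\\Windows\\explorer.exe"),
]
SCRIPT_HOSTS = {"cscript.exe", "wscript.exe"}

def exe_name(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()

def prompt_bursts(events, threshold=3, window=timedelta(seconds=60)):
    """Map host -> peak count of consent.exe (UAC prompt UI) starts inside any
    sliding `window`, for hosts whose peak reaches `threshold` (assumed values)."""
    per_host = {}
    for ts, host, image, _parent in events:
        if exe_name(image) == "consent.exe":
            per_host.setdefault(host, []).append(datetime.fromisoformat(ts))
    flagged = {}
    for host, stamps in per_host.items():
        stamps.sort()
        start = peak = 0
        for end, stamp in enumerate(stamps):
            while stamp - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[host] = peak
    return flagged

def script_host_powershell(events):
    """(timestamp, host) of each powershell.exe started by cscript/wscript."""
    return [(ts, host) for ts, host, image, parent in events
            if exe_name(image) == "powershell.exe" and exe_name(parent) in SCRIPT_HOSTS]

if __name__ == "__main__":
    print(prompt_bursts(SAMPLE_EVENTS), script_host_powershell(SAMPLE_EVENTS))
```

A single elevation prompt is normal, so the burst threshold and window should be tuned against a baseline of legitimate elevation activity in the environment.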

In conclusion, Force Admin is an interesting tool for bypassing UAC on Windows systems. It exploits the user’s lack of technical knowledge and understanding of UAC prompts. By using techniques like hiding the PowerShell console, we can increase the chances of successful UAC bypass. However, it’s crucial to consider the ethical implications of using such tools.

If you’re interested in learning more about phishing techniques and popular tools, I recently created a free phishing course on Udemy. The course covers various phishing techniques and tools like Goldfish. The link to the course will be provided in the video’s description.

Please like the video and subscribe to the channel to support us. Thank you for reading, and I’ll see you in the next article!
