exploit/windows/local/bypassuac_comhijack (FAILED)


This module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation.


notion image


notion image
As seen from the screenshot above, the exploit completed but no session was created.