Windows 10 Disk Cleanup Utility Abused to Bypass UAC

Discussion in 'malware problems & news' started by stapp, Jul 26, 2016.

  1. stapp

    stapp Global Moderator

  2. Umbra

    Umbra Registered Member

    Just disable Disk Cleanup as a scheduled task, as I did a long time ago.
     
  3. VoodooShield

    VoodooShield Developer

    Very interesting, thank you stapp! Good old dismhost... gotta love it ;).
     
  4. ichito

    ichito Registered Member

    https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/
     
  5. test

    test Registered Member

    So, UAC maxed...and SUA for everyday tasks.

    Nothing new :) (except this shiny and simple technique :thumb:)


    IMO
     
  6. test

    test Registered Member

    From the UACMe project by EP_X0FF ( :thumb: , truly a :ninja: in computer science)

    https://github.com/hfiref0x/UACME
     
  7. Minimalist

    Minimalist Registered Member

    https://threatpost.com/latest-windows-uac-bypass-permits-code-execution
     
  8. Rasheed187

    Rasheed187 Registered Member

  9. Minimalist

    Minimalist Registered Member

    My solution is to turn it to always notify :)
    ... and also to run under SUA...
     