Comment by lyu07282

Comment by lyu07282 10 months ago

2 replies

View on Hacker News

> At least, not without intentionally opting into it.

just to clarify in Windows, users with administrative privileges will in theory still ask the user to opt-in every time before any process is elevated to administrative rights. Its just that Windows security is so awful that people have found many different creative ways around it over the years, but those are (sometimes) getting patched by Microsoft so they are considered "bugs".

For example a process stores its executable path in memory writable by itself, so you could start a process that replaces its executable string to "C:\Windows\explorer.exe" and it would (for whatever reason) bypass the "ask for administrative rights" dialog popup. This is the sort of "security" that Windows is built around to its very core.

https://github.com/hfiref0x/UACME

> "This tool shows ONLY popular UAC bypass method used by malware, and re-implement some of them in a different way improving original concepts. *There are different, not yet known to the general public, methods. Be aware of this;*"

(also i think you are responding to a troll btw)

Dalewyn 10 months ago

>(also i think you are responding to a troll btw)

You would be wrong.

Reply View 1 reply
  • lyu07282 10 months ago

    thats exactly what a troll would say though :p

    Reply View 0 replies