Forum Thread: How Payloader Get Admin...

As we have always seen, if we try to run any payloader in Windows, it automatically gets admin permission without any UAC window, because the UAC window does not appear. So how does it bypass UAC? Can anybody explain and give me the code?

2 Responses

User Account Control (UAC) is a feature that informs the user when a program makes changes that require Admin privileges. Not all payloads require Admin permissions, thus UAC does not prompt the user for anything.

A payload does not get Admin permissions, but rather the permissions of the current user. Type getsystem in meterpreter to attempt to gain Admin privileges without UAC. The getsystem script is the one you are looking for. It is available here and you can look through your local directories and find it there as well.

TRT

In addition to what TRT has mentioned, I highly recommend googling "privilege escalation", as sometimes the payload can't get Admin permissions with the 'getsystem' command, and the solution is in a different privilege escalation way, such as binding the payload process to a system process, like Windows Explorer, or a deeper process, like svchost.exe (netsvct), and of course there are other privilege escalation ways.

-Bara Adnan
