public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-01-15 00:01:18 +01:00
Code Issues Projects Releases Wiki Activity

Update ComputerDefaults.yml

Browse Source
This commit is contained in:
Wietze 2024-09-25 23:21:55 +01:00 committed by GitHub
parent ead0f598da
commit d506b2f5fb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OSBinaries/ComputerDefaults.yml
View File

@ -7,7 +7,7 @@ Commands:
- Command: ComputerDefaults.exe - Command: ComputerDefaults.exe
Description: Upon execution, ComputerDefaults.exe checks two registry values at HKEY_CURRENT_USER\Software\Classes\ms-settings\Shell\open\command; if these are set by an attacker, the set command will be executed as a high-integrity process without a UAC prompt being displayed to the user. See 'resources' for which registry keys/values to set. Description: Upon execution, ComputerDefaults.exe checks two registry values at HKEY_CURRENT_USER\Software\Classes\ms-settings\Shell\open\command; if these are set by an attacker, the set command will be executed as a high-integrity process without a UAC prompt being displayed to the user. See 'resources' for which registry keys/values to set.
Usecase: Execute a binary or script as a high-integrity process without a UAC prompt. Usecase: Execute a binary or script as a high-integrity process without a UAC prompt.
Category: UAC bypass Category: UAC Bypass
Privileges: User Privileges: User
MitreID: T1548.002 MitreID: T1548.002
OperatingSystem: Windows 10, Windows 11 OperatingSystem: Windows 10, Windows 11