Posts Tagged ‘bypass’

Microsoft Edge DuplicateHandle ACG Bypass

ACG (Arbitrary Code Guard) in Microsoft Edge is bypassable. The bypass has been tested on Microsoft Edge 40.15063.0.0 running on Windows 10 Enterprise 64-bit with Creators Update (Version 1703, OS build 15063.413). Source: Microsoft Edge DuplicateHandle ACG Bypass

Windows Escalate UAC Protection Bypass (Via COM Handler Hijack)

This Metasploit module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. […]