UAC is something we've all dealt with on Windows, either as a user, administrator, or attacker. It's a core feature of the Windows security model, and for the most part, it does what it's supposed to. But it can be frustrating as a hacker when attempting privilege escalation, but it's easy enough to bypass UAC and obtain System access with Metasploit.
In our demonstration here, we will be using Kali Linux to attack a Windows 7 box. If you have access to a practice Windows 7 computer, feel free to follow along step by step, but it will also work on other Windows versions. However, for this to work, there needs to be a user with administrative privileges on the target machine, so make sure that's the case.
UAC Overview
UAC, or User Account Control, is a security feature of Windows that works by limiting what a standard user can do until an administrator authorizes a temporary increase of privileges. We've all dealt with the annoying pop-up when trying to install software or run a specific program, but this feature helps to keep malware at bay by only allowing applications to run with higher privileges on an as-needed basis.
This feature was first introduced in Windows Vista and is still present on Microsoft operating systems today. It can be disabled, but any decent system administrator ..
Support the originator by clicking the read the rest link below.
