Home

Awesome

UAC-TokenDuplication

UAC Bypass via Token Duplication.

Sources:

UAC-TokenDuplication is a reflective DLL that will bypass UAC on any Windows 7+ version on x86 and x64. It uses the Token Duplication technique described in the references listed above, it especially draws from UAC-TokenMagic.ps1. The Aggressor script uses the DLL files to make UAC bypass simple and straightforward in Cobalt Strike. In conjunction with the Aggressor script, the DLLs need to be stored in a child folder named dll. Further details can be found at https://ijustwannared.team