Skip to content

hackerhouse-opensource/iscsicpl_bypassUAC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
iscsicpl_BypassUAC
iscsicpl_BypassUAC
 
 
iscsiexe
iscsiexe
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
iscsicpl_BypassUAC.sln
iscsicpl_BypassUAC.sln
 
 

Repository files navigation

iscsicpl autoelevate DLL Search Order hijacking UAC Bypass 0day

The iscsicpl.exe binary is vulnerable to a DLL Search Order hijacking vulnerability when running 32bit Microsoft binary on a 64bit host via SysWOW64. The 32bit binary, will perform a search within user %Path% for the DLL iscsiexe.dll. This can be exploited using a Proxy DLL to execute code via "iscsicpl.exe" as autoelevate is enabled. This exploit has been tested against the following versions of Windows desktop:

  • Windows 11 Enterprise x64 (Version 10.0.22000.739).
  • Windows 8.1 Professional x64 (Version 6.3.9600).

These files are available under a Attribution-NonCommercial-NoDerivatives 4.0 International license.

About

UAC bypass for x64 Windows 7 - 11

hacker.house

Resources

Readme
Activity

Stars

783 stars

Watchers

16 watching

Forks

149 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages