UAC-Bypass-Dropper

🚀 A C# clone of a native UAC bypass method using IFileOperation with elevated COM interface abuse and DLL hijacking of ATL.dll inside Wbem directory.

Features

🛡️ Masquerades as explorer.exe
📦 Patches entrypoint of DLL with minimal shellcode
🪄 Drops and plants ATL.dll into wbem\
🔥 Launches WmiMgmt.msc to trigger payload
🧹 Self-cleans dropped DLL afterwards

⚠️ Warning

This code is intended for educational and research purposes only.

🛠️ Build

Visual Studio 2022+
.NET Framework 4.8
Release x64 mode highly recommended.

📚 References

👤 Credits

📜 License

MIT License (see LICENSE)

Name		Name	Last commit message	Last commit date
Latest commit History 18 Commits
UACBypassDropper		UACBypassDropper
packages/Microsoft-WindowsAPICodePack-Core.1.1.5		packages/Microsoft-WindowsAPICodePack-Core.1.1.5
LICENSE		LICENSE
README.md		README.md
UACBypassDropper.sln		UACBypassDropper.sln
packages.zip		packages.zip

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

UAC-Bypass-Dropper

Features

⚠️ Warning

🛠️ Build

📚 References

👤 Credits

📜 License

About

Uh oh!

Releases 1

Packages

Uh oh!

Languages

License

MpCmdRun/uac-bypass

Folders and files

Latest commit

History

Repository files navigation

UAC-Bypass-Dropper

Features

⚠️ Warning

🛠️ Build

📚 References

👤 Credits

📜 License

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases 1

Packages 0

Uh oh!

Languages

Packages