Description
Surveys the target system to identify which UAC bypass techniques are available and whether the OS version is vulnerable to each.
Overview
Enumerates all known UAC bypass techniques and checks whether the current system is vulnerable to each one based on the OS version. Returns structured objects for each technique with vulnerability status, detection status, and supported version ranges.
Use -VulnerableOnly to filter results to only techniques the current system is vulnerable to.
Parameters
- VulnerableOnly — When true, only returns techniques that the current OS version is vulnerable to. Default: false (returns all techniques).
Dependencies
- credentials
Pre-Requisites
- None
Operating Systems
- Windows
Example Output
[
{
"Name": "FodHelper",
"Description": "Abuses the FodHelper.exe auto-elevate binary via registry hijack.",
"MinVersion": "10.0.10240",
"MaxVersion": "11.0.0",
"IsVulnerable": true,
"IsDetected": false,
"RequiresForce": false
},
{
"Name": "EventVwr",
"Description": "Abuses EventVwr.exe auto-elevate binary via registry hijack.",
"MinVersion": "6.1.7600",
"MaxVersion": "10.0.1503",
"IsVulnerable": false,
"IsDetected": true,
"RequiresForce": false
}
]