UAC Bypass [Slui File Handler Hijack LPE]

ᒪ𝓾𝐂Ɨ𝐟乇ℝ

Team Member
Original poster
HACKCRAZE CREW
MODERATOR
Verified Profile
Jul 21, 2020
2,129
573
113
Credits
6,853
Description
slui.exe is an auto-elevated binary that is vulnerable to file handler hijacking.
Read access to HKCU\Software\Classes\exefile\shell\open is performed upon execution. Due to the registry key being accessible from user mode, an arbitrary executable file can be injected.
This exploit is generally independent from programming language and bitness, as no DLL injection or privileged file copy is needed. In addition, if default system binaries suffice, file drops can be avoided altogether.


Link:

You'll be able to see the hidden content once you reply to this topic or upgrade your account.
 
  • Like
Reactions: qwerty666