
Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor.
System Requirements
- x86-32/x64 Windows 7/8/8.1/10TH1/10TH2/10RS1/10RS2 (client, some methods, however, works on server version too).
- Admin account with UAC set on default settings required.
Download
Usage
Run executable from command line: akagi32 [Key] [Param] or akagi64 [Key] [Param]. See “Run examples” below for more info.
First, param is a number of methods to use, second is the optional command (executable file name including full path) to run. The second param can be empty – in this case, a program will execute elevated cmd.exe from system32 folder.
Warning
- This tool shows ONLY popular UAC bypass method used by malware, and reimplement some of them in a different way of improving original concepts. There are exists different, not yet known to general public methods, be aware of this;
- Using (5) method will permanently turn off UAC (after reboot), make sure to do this in ta est environment or don’t forget to re-enable UAC after tool usage;
- Using (5), (9) methods will permanently compromise the security of target keys (UAC Settings key for (5) and IFEO for (9)), if you do tests on your real machine – restore keys security manually after you complete this tool usage;
- This tool is not intended for AV tests and not tested to work in aggressive AV environment, if you still plan to use it with installed bloatware AV soft – you use it at your own risk;
- Some AV may flag this tool as HackTool, MSE/WinDefender constantly marks it as malware, nope;
- If you run this program on real computer remember to remove all program leftovers after usage, for more info about files it drops to system folders see source code;
- Most of the methods created for x64, with no x86-32 support in mind. I don’t see any sense in supporting 32-bit versions of Windows or wow64, however, with small tweaks, most of them will run under wow64 as well.