UAC bypass, and loading untrusted code into signed/trusted code to level up to SYSTEM on the fly

Presentation - http://kitsune.online/src/UAC.potx
Any windows BackDooring;) - http://kitsune.online/src/Add-RegBackdoor.ps1
FuckUac/FuckSystem - http://kitsune.online/src/invoke-uac-me.ps1
Windows Shim DB add our malware - http://kitsune.online/src/shim.cpp
Russian/English Add U ass to SYSTEM - http://kitsune.online/src/UAC.potx
Methods
^(o-o)^~~ Leo Davidson method
^(o-o)^~~ Application Compatibility Shim Redirect method, from WinNT/Gootkit
^(o-o)^~~ ISecurityEditor WinNT/Simda method, used to turn off UAC
^(o-o)^~~ Wusa method used by Win32/Carberp
^(o-o)^~~ Appinfo.dll way of whitelisting autoelevated applications and KnownDlls cache changes
^(o-o)^~~ Memory patching from MS "Fix it" patch shim (and as side effect arbitrary dll injection)
^(o-o)^~~ Windows 10 sysprep method, abusing different dll dependency added in Windows 10
^(o-o)^~~ Microsoft Management Console and EventViewer missing dependency
^(o-o)^~~ WinNT/Sirefef method, abusing appinfo.dll way of whitelisting OOBE.exe
^(o-o)^~~ Win32/Addrop method, also used in Metasploit uacbypass module
^(o-o)^~~ Microsoft GWX backdoor
^(o-o)^~~ Appinfo whitelist/logic/API choice & usage
^(o-o)^~~ Microsoft Management Console and incorrect dll loading scheme
^(o-o)^~~ SxS DotLocal and targeting consent to gain system privileges
^(o-o)^~~ Package Manager and DISM