ElevateKit ‐ UAC Bypass - CraigDonkin/Infrastructure GitHub Wiki

https://github.com/cobalt-strike/ElevateKit

elevate <module> <listener>

Modules:

cve-2020-0796
- SMBv3 Compression Buffer Overflow (SMBGhost) (CVE 2020-0796)
ms14-058
- TrackPopupMenu Win32k NULL Pointer Dereference (CVE-2014-4113)
ms15-051
- Windows ClientCopyImage Win32k Exploit (CVE 2015-1701)
ms16-016
- WebDav Local Privilege Escalation (CVE 2016-0051)
ms16-032
- Secondary Logon Handle Privilege Escalation (CVE-2016-099)
uac-eventvwr
- Bypass UAC with eventvwr.exe
uac-schtasks
- Bypass UAC with schtasks.exe (via SilentCleanup)
uac-wscript
- Bypass UAC with wscript.exe

⚠️ GitHub.com Fallback ⚠️