Skip to content
/ leidenfrost Public

Local privilege escalation on Windows by abusing CMSTP to bypass User Access Control (UAC)

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

xerosic/leidenfrost

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

src

src

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

leidenfrost

Local privilege escalation on Windows by abusing CMSTP to bypass User Access Control (UAC)

How it works

It abuses CMSTP (Connection Manager Profile installer) to run a malicious, user controlled, executable completly bypassing the UAC (User Access Control).

By dropping a crafted .ini file and then installing it using cmstp.exe the post-install executable will be launched at administrator privileges.

Credits

I did not discover this issue nor I take any credits for it.

About

Local privilege escalation on Windows by abusing CMSTP to bypass User Access Control (UAC)

Topics

windows exploit uac privilege-escalation lpe uac-bypass

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages