Skip to content

RunasCs version 1.4
Compare
Choose a tag to compare
@antonioCoco antonioCoco released this 18 Sep 14:50
· 41 commits to master since this release
v1.4
fa68553
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Added

  • Added flag --bypass-uac that allows to spawn a process as an Administrator (if password is known) with full privileges even from a Medium IL process.

Changed

  • Changed default logon type from Network (3) to NetworkCleartext (8). This provides both advantages of avoiding UAC filtering local tokens and still allowing authentication over the network with the identity.
  • Refactored code for the class AccessToken in charge of managing all the business logic about access tokens.
  • Refactored ugly code for enabling all privileges in the access token retrieved by LogonUser().

Bugfixes

  • Removed check for the unnecessary privilege "SeIncreaseQuotaPrivilege" when using CreateProcessAsUser().
  • Fixed a bug when setting ACL for Station\Desktop and using logon type 9.
  • Fixed a double close handle bug.
  • Fixed console output flushing when printing messages.
  • Fixed a bug handling an exception raised in particular conditions in CreateEnvironmentBlock().

Credits to @winlogon0 for the UAC bypass implementation in C#.

Assets 3
Loading