TrustedInstaller
A simple Proof of Concept in Go to spawn a new shell as TrustedInstaller. Read more about how this PoC works on this blog about TrustedInstaller. It is important to note that this should be executed as a user which has SeDebugPrivileges. Upon execution, it will automatically ask for UAC in case it is not executed as as an Administrator.
POC
- Clone the repository
$ git clone https://github.com/FourCoreLabs/TrustedInstallerPOC.git
- Ensure you have Go installed. This POC has been tested on Go 1.19.
- Either build the binary and execute it
$ go build ti
$ ./ti.exe
- Or run it directly
$ go run ti
This will spawn a new cmd shell with TrustedInstaller privileges which can be confirmed by running the command whoami /all
API
- RunAsTrustedInstaller
- Use the
RunAsTrustedInstallerfunction to pass any executable to be run with TrustedInstaller privileges.
- Use the