User Account Control
- forces applications and tasks to run under a non-administrative account until an admin authorizes elevated access
- Two modes:
  - credential prompt
    - e.g.: a non-administrative account wants to install software; they need to provide the credentials of an administrative account
  - consent prompt
    - e.g.: an administrative account wants to install software; they only need to confirm
- UAC is the separation mechanism between the Medium and High integrity levels
- We can check our integrity level with
      whoami /groups
  and check the Label (e.g.: Mandatory Label\Medium Mandatory Level)
- To elevate, execute:
      powershell.exe Start-Process cmd.exe -Verb runAs
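
The integrity-level check above can be scripted by matching the locale-independent S-1-16-* SIDs instead of reading the Label text by eye. This is an added example, not part of the original notes; the function name `Get-TokenIntegrity`, its `-GroupCsv` parameter and the sample rows are hypothetical and constructed for illustration.

```powershell
# Well-known mandatory label SIDs and the integrity level each one denotes.
$IntegritySids = @{
    'S-1-16-0'     = 'Untrusted'
    'S-1-16-4096'  = 'Low'
    'S-1-16-8192'  = 'Medium'
    'S-1-16-8448'  = 'Medium Plus'
    'S-1-16-12288' = 'High'
    'S-1-16-16384' = 'System'
}

function Get-TokenIntegrity {
    param(
        # Rows in `whoami /groups /fo csv /nh` format; defaults to the live token.
        [string[]]$GroupCsv = (whoami /groups /fo csv /nh)
    )
    $groups = $GroupCsv | ConvertFrom-Csv -Header Name, Type, Sid, Attributes
    # The mandatory label is the single group entry whose SID is S-1-16-*.
    $label = $groups | Where-Object { $IntegritySids.ContainsKey($_.Sid) } |
        Select-Object -First 1
    if (-not $label) { throw 'No mandatory label (S-1-16-*) found in the input.' }

    $level    = $IntegritySids[$label.Sid]
    $elevated = $level -in 'High', 'System'
    # S-1-5-32-544 is BUILTIN\Administrators.
    $isAdmin  = [bool]($groups | Where-Object { $_.Sid -eq 'S-1-5-32-544' })

    [pscustomobject]@{
        IntegrityLevel    = $level
        LabelName         = $label.Name
        Elevated          = $elevated
        AdminGroupInToken = $isAdmin
        # Administrators member running below High: the non-elevated token
        # that UAC hands to an administrative account before consent.
        FilteredAdmin     = $isAdmin -and -not $elevated
    }
}

# Constructed sample rows (not captured from a real host).
$sample = @(
    '"Everyone","Well-known group","S-1-1-0","Mandatory group, Enabled by default, Enabled group"'
    '"BUILTIN\Administrators","Alias","S-1-5-32-544","Group used for deny only"'
    '"Mandatory Label\Medium Mandatory Level","Label","S-1-16-8192",""'
)
Get-TokenIntegrity -GroupCsv $sample
```

Calling `Get-TokenIntegrity` without `-GroupCsv` on a Windows host evaluates the current process token; after the `runAs` elevation the same call reports High.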
Here are some examples of how you can execute processes under SYSTEM
Relevant Note(s): Windows Privileges and Integrity Levels