The UAC (‘User Account Control’) is a security feature of Microsoft’s Windows operating system.
It was introduced in Windows Vista and continues to the present day.
It is designed to prevent unauthorized changes to the operating system.
Any attempt by a user to execute a program with elevated privileges will result in a UAC credentials prompt.
The attacker can use this to exploit the UAC and execute malicious executables.
Using the UACMe tool, developed by security researcher @hfiref0x, 65+ methods can be utilized to bypass UAC, depending on the Windows OS version.
The tool requires access to a user account that is a member of the local administrators group on the target system.
The tool abuses the built-in Windows AutoElevate executables, so it is important to read the tool's documentation in the GitHub repository carefully.
After gaining initial access to the target system, the attacker can use the sysinfo and getuid commands to see which user they are running as, and then use getprivs to see which privileges that user has.
The attacker must verify that the user is in the local administrators group.
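
From the defender's side, the two preconditions named above (membership in the local administrators group, and auto-elevation of built-in Windows executables) can be audited on a host. The following is an added example, not code from the original page or from the UACMe project; it assumes Windows PowerShell 5.1 or later with the LocalAccounts module, and the helper name Get-PolicyValue is hypothetical.

```powershell
# Added example: report UAC policy settings and local Administrators membership.
$policyPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy = Get-ItemProperty -Path $policyPath

# Hypothetical helper: read a policy value, falling back to the Windows default
# when the value is not present in the registry.
function Get-PolicyValue([string]$Name, [int]$Default) {
    $prop = $policy.PSObject.Properties[$Name]
    if ($null -ne $prop) { [int]$prop.Value } else { $Default }
}

$enableLua   = Get-PolicyValue 'EnableLUA' 1
$adminPrompt = Get-PolicyValue 'ConsentPromptBehaviorAdmin' 5
$secureDesk  = Get-PolicyValue 'PromptOnSecureDesktop' 1

$findings = @()
if ($enableLua -eq 0) {
    $findings += 'UAC is disabled (EnableLUA = 0).'
}
if ($adminPrompt -eq 0) {
    $findings += 'Administrators elevate with no prompt (ConsentPromptBehaviorAdmin = 0).'
}
if ($adminPrompt -eq 5) {
    # 5 is the default: consent is requested only for non-Windows binaries,
    # so built-in auto-elevate executables run elevated without a prompt.
    $findings += 'Default UAC level: built-in auto-elevate executables are not prompted.'
}
if ($secureDesk -eq 0) {
    $findings += 'Elevation prompts are not shown on the secure desktop.'
}

# S-1-5-32-544 is the well-known SID of BUILTIN\Administrators; using the SID
# avoids depending on the localized group name.
$admins = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Select-Object Name, ObjectClass, PrincipalSource

[pscustomobject]@{
    ComputerName               = $env:COMPUTERNAME
    EnableLUA                  = $enableLua
    ConsentPromptBehaviorAdmin = $adminPrompt
    PromptOnSecureDesktop      = $secureDesk
    LocalAdministrators        = $admins.Name -join '; '
    Findings                   = $findings -join ' '
}
```

Setting ConsentPromptBehaviorAdmin to 2 ("Always notify") and keeping day-to-day accounts out of the local Administrators group removes both preconditions this report checks for.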