UAC-A-Mola


UAC, Bypass, Windows, Ethical Hacking

  30/01/18. Version 0.1


UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known ones. UAC-A-Mola also has modules for protecting against and mitigating UAC bypasses.

The strong point of UAC-A-Mola is that it was built so that other researchers can carry out the work of discovering new weaknesses in UAC. Of course, the tool can also be used in pentesting engagements, as well as by IT teams to enumerate and protect machines affected by UAC bypasses.

UAC-A-Mola is a framework designed for researching, detecting, exploiting and fixing UAC bypass weaknesses. These weaknesses reside in Microsoft operating systems. UAC-A-Mola automates the detection of a UAC bypass on a computer running Windows 7/8/8.1/10. It can run customizable modules that automate the search for UAC bypasses, mainly those based on fileless techniques and DLL hijacking. The framework also allows modules to be added that focus on researching and detecting other types of bypasses. UAC-A-Mola therefore has a defensive role as well: mitigating possible UAC bypasses in Windows. It is written in Python, and its functionality can be extended through a simple interface for creating modules.

Several techniques exist that allow the UAC protection to be bypassed under some circumstances. With the objective of unifying all the current techniques and automating the discovery of new weaknesses, as well as protecting against the well-known ones, we propose a module-based tool that allows the detection and exploitation of the well-known weaknesses and the discovery of new ones.

This tool follows the IDEM methodology: research into processes potentially vulnerable to a UAC bypass, detection of this type of vulnerability, exploitation, and mitigation.

The main feature of this tool is its modular architecture. A command-line interface lets users load the modules to be used at run time. This makes the tool easy and efficient to use, since several modules can be used in a single run, and it also makes the tool highly extensible.