A Proof of Concept (PoC) demonstrating a User Account Control (UAC) bypass technique in Windows by exploiting the unsafe deserialization of Event Viewer's RecentFiles. This technique was discovered by orange_8361.
This project is a Visual Studio Code project and requires Visual Studio and C# to be installed.
- Go to the "Releases" section of this repository.
- Download the latest release of "EventViewerDeserializationExploit.exe."
- Open a command prompt or PowerShell.
- Run the exploit executable with the desired command, like: EventViewerDeserializationExploit.exe cmd.exe
Credits to orange_8361 for discovering and sharing this UAC bypass technique.