# UAC Bypass

## Checking permissons

First need to check if you are in a Medium Integrity process is to run the command `whoami /priv` and see if all privileges are available. 

![User with Medium integrity](https://3352625434-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M4xwp6Mq18nX8yR4M5z%2F-M6-NpcBQvtIhP3TD4zv%2F-M6JwD3K9V6gsqal9-Iv%2FGetImage.jpeg?alt=media\&token=4fdbce40-c02a-414e-b2f1-fd5d10b2ba60)

The image above depicts a medium integrity process, as you can see, it does not have all privileges. 

When you start something “As Administrator”, and run whoami /priv, you will find out that there is a lot more. 

![](https://3352625434-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M4xwp6Mq18nX8yR4M5z%2F-M6-NpcBQvtIhP3TD4zv%2F-M6JwO4GwnbGPvqRWKYg%2FGetImage\(1\).jpeg?alt=media\&token=3616afc6-d4d3-426a-bdb4-c644fcc4a48b)

## Exploitation

Consider using [UACME](https://infra.newerasec.com/infrastructure-testing/tools/uacme), [Metasploit Modules](https://infra.newerasec.com/infrastructure-testing/metasploit-modules#bypassuac) or [Bypass-UAC](https://infra.newerasec.com/infrastructure-testing/tools/bypass-uac)