An open-source replacement for Windows UAC

Overview

Custom UAC

What is it

It is an open source replacement of UAC.

It was a successor of my previous project UAC Renderer. As the functionalities and usages have all changed, and the source code has been widely re-written, I decided to open this new project.

The previous project will still be kept, as my original idea was to build some simple samples and write blog posts to record what I found interesting. And this project is not 'small' enough.

System requirements

​ Though the predecessor of this program supports Windows 7 and 10, and runs on both x86 and x64, it soon becomes so hard work that I decided to drop support for Windows 7 or x86, and focus on 64-bit Windows 10 and Windows 11.

​ As replacing UAC is not officially supported, this program is not promised to run on future versions of Windows. If it fails to run, raise an issue or email me.

Installation & Uninstallation

Installation is a little complex. It is suggested that you follow the following steps.

  1. Download installer from the latest release, which is automatically built.
  2. As I cannot afford a signing certificate, and Windows system requires IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY be set in UAC executable, it is required to have test signing turned on to use this program. To do this, open command prompt with administrator privileges, run bcdedit /set testsigning on , and reboot.
  3. (recommended) To recover from faults, start command prompt with TrustedInstaller privileges. I personally suggest using NSudo by M2Team. Copy C:\Windows\System32\consent.exe to anywhere for backup. Do not close the command prompt.
  4. Run installer.
  5. Just do some tests before finishing. If errors occur, use the command prompt and backup file in step 3 to fix.
  6. Reboot is recommended but not necessary. Now, quit the installer and have fun.

An uninstaller is ready to use. Just uninstall the program from control panel, or directly run the uninstaller.

Allowlist

​ You can add a program to allowlist through a right-click on the main window of the UAC prompt, and click on the item Add to allowlist.

​ The hash and path of the program will be saved, so you will not be asked again.

​ You can remove it from the allowlist with the CustomUAC Control Panel.

​ It is not suggested to add programs that accept arguments and run commands to allowlist, as dangerous commands may run by accident.

​ Banlist is not supported (as you can simply delete whatever you do not like).

Themes

  • A theme is a compiled rcc (Qt resource file) which contains necessary information to define an UI for UAC. An example is included in the source tree, which is also used as the default theme.
  • You can import and manage themes with the CustomUAC Control Panel. And you can restrict the themes from accessing the local storage database or the Internet.

Note

  • Enabling test signing may cause security issues.
  • And this program may not be as secure or robust as the original UAC shipped with the system, as in fact I haven't figured out much details in the structure passed in.
  • After all, this is just a toy project. Use it if you want to try something new, but not if you need high security or robustness.

License

  • Open source under MIT license.
  • On the other hand, if MIT license is still too strict for you, the very first version which demonstrates basic parsing of UAC structure can be found in this github repository, which is open-sourced under WTFPL. Do whatever you want based on that repository.

Contact

3rd-party License

Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving

Beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.exe" by using DCOM object.

Chris Au 77 Jul 30, 2022
A UAC bypass written in powershell

Powershell UAC bypass Originally discovered by Daniel Gebert Table of Contents Deployment Explanations What is UAC? DLL Hijacking Mock Directories Aut

Matt 3 Sep 28, 2021
UAC - Cheat developer platform

UAC UAC - Cheat developer platform A long time ago there was an idea to implement my own anti-cheat that would help me in detecting my shortcomings in

Artemiy 22 Jul 5, 2022
This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.

UAC bypass - DLL hijacking Description This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification. Summary

null 191 Jul 13, 2022
Ccd - Edge first cd replacement tool for Windows cmd shell.

Cursorial CD Cursorial CD, or ccd for short, is a cd replacement for Window's cmd shell. Unlike cd, it operates on an edge first search, so you can qu

Scott Seligman 5 Feb 2, 2022
A modern and functional replacement for the About Windows dialog

Modern Winver A modern and more functional replacement for the About Windows screen powered by UWP and RegistryRT, providing details on Windows and yo

Torch 124 Jul 23, 2022
Defender-control - An open-source windows defender manager. Now you can disable windows defender permanently.

Defender Control Open source windows defender disabler. Now you can disable windows defender permanently! Tested from Windows 10 20H2. Also working on

null 363 Jul 31, 2022
Notepad++ is a free source code editor and Notepad replacement that supports several programming languages and natural languages

Npp / Notepad++ is my customized text editor highly enhanced for coding such as insta-run, much more file extensions made self-recognizable, logically colored syntax highlighting for nearly every programming language and designed for very easy customizability -- from the toolbar, context menu, syntax coloring, plug-ins for optional increased capabilities and much more

SkyN9ne 1 Jan 23, 2022
Implements a Windows service (in a DLL) that removes the rounded corners for windows in Windows 11

ep_dwm Implements a Windows service that removes the rounded corners for windows in Windows 11. Tested on Windows 11 build 22000.434. Pre-compiled bin

Valentin-Gabriel Radu 16 Jun 18, 2022
A simple "no frills" drop-in replacement PCB for the KBDfans 67mkII / 67lite

67mk_E A simple "no frills" drop-in replacement PCB for the KBDfans 67mkII / 67lite KiCAD PCB files Gerbers for PCB production JLCPCB BOM JLCPCB CPL V

null 22 May 20, 2022
The Sensor Watch is a board replacement for the classic Casio F-91W wristwatch.

The Sensor Watch is a board replacement for the classic Casio F-91W wristwatch.

null 468 Jul 31, 2022
Commodore 64 VIC-II 6567/6569 Replacement Project

This is a WIP. Beta testing is underway on hardware. Check back later for updates. VIC-II Kawari What is VIC-II Kawari? VIC-II Kawari is a hardware re

null 29 Jul 31, 2022
crashmon - A LLDB Based replacement for CrashWrangler

crashmon crashmon - A CrashWrangler replacement based on LLDB Crashmon, same as CrashWrangelr, is a LLDB wrapper together with Lisa.py that can be use

Chaithu 33 Jul 26, 2022
Amiga 1200 keyboard MPU drop-in replacement pcb

A1200_keyb_MPU Amiga 1200 keyboard MPU drop-in replacement pcb As the 68HC05 (p/n 391508-01) used in the Amiga 1200 is getting to be very expensive, I

Oleg Mishin 16 Jun 22, 2022
ASUS services replacement for Zephyrus G14 laptops

G14ControlPP ASUS services replacement for Zephyrus G14 laptops Introduction Initially, main goal was to bring back PgUp/PgDown/Home/End keys function

null 10 Jun 26, 2022
mold is a faster drop-in replacement for existing Unix linkers

mold: A Modern Linker mold is a faster drop-in replacement for existing Unix linkers. It is several times faster than LLVM lld linker, the second-fast

Rui Ueyama 8.4k Jul 31, 2022
Tinygettext - A simple gettext replacement that works directly on .po files

tinygettext tinygettext is a minimal replacement for gettext written in C++. It can read .po files directly and doesn't need .mo files generated from

null 56 Jun 10, 2022
Open-source and open-hardware scientific RPN calculator

OpenRPNCalc Open-source and open-hardware scientific RPN calculator Introduction OpenRPNCalc is a scientific calculator based on STM32 microcontroller

Anton Poluektov 139 Jul 20, 2022
"Sigma File Manager" is a free, open-source, quickly evolving, modern file manager (explorer / finder) app for Windows, MacOS, and Linux.

"Sigma File Manager" is a free, open-source, quickly evolving, modern file manager (explorer / finder) app for Windows, MacOS, and Linux.

Aleksey Hoffman 898 Aug 7, 2022