Phanto is a utility that specializes in UAC bypass and privilege escalation, enabling it to bypass User Account Control on Windows 10 and 11 systems and attain Administrator privileges.

Markus-Stuppnig/Phanto

Phanto

Description

For non-technical users

You can use Phanto to infect a Windows 10 or 11 operating system. This only works if the account you are trying to infect is an Administrator and the user double-clicks Phanto.

Phanto skips the UAC prompt

UAC Prompt

For Developers

How Windows UAC works

User Account Control (UAC) is a security feature in Windows that helps prevent unauthorized changes to the computer by prompting the user or administrator for confirmation when attempting to perform certain system-level tasks or install software. It enhances security by reducing the risk of unintentional or malicious system changes.

How Windows tokens and Administrative Privileges work

Windows admin users work with two tokens: a standard user token and an elevated admin token. When logged in with a standard user account, the user operates with restricted permissions. When an action requiring administrative privileges is initiated, Windows prompts the user for credentials, and if provided correctly, it temporarily switches to the admin token to perform the task with elevated permissions, helping enhance security by limiting the scope of administrative access.
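
The two token states described above can be observed from a shell. The PowerShell below is an added example, not code from the Phanto repository: it classifies a token from `whoami /groups` output and reads the UAC prompt policy. The function names `Get-TokenState` and `Get-UacPromptPolicy` and the sample rows are constructed for illustration.

```powershell
# Added example (not from the Phanto repository).
# Well-known SIDs: S-1-5-32-544 = BUILTIN\Administrators,
# S-1-16-8192 = Medium integrity level, S-1-16-12288 = High integrity level.
function Get-TokenState {
    param(
        # Rows as printed by `whoami /groups /fo csv /nh`; defaults to the live token.
        [string[]]$GroupCsv = (whoami /groups /fo csv /nh)
    )
    # Match on SIDs, not names or attribute text, so localized output still parses.
    $sids = @(($GroupCsv | ConvertFrom-Csv -Header Name, Type, Sid, Attributes).Sid)
    $isAdmin = $sids -contains 'S-1-5-32-544'
    $level = 'Other'
    if ($sids -contains 'S-1-16-8192')  { $level = 'Medium' }
    if ($sids -contains 'S-1-16-12288') { $level = 'High' }

    if (-not $isAdmin) {
        $state = 'Standard user account: no Administrators group in the token'
    } elseif ($level -eq 'Medium') {
        $state = 'Administrator account running on its filtered standard user token'
    } elseif ($level -eq 'High') {
        $state = 'Administrator account running on its elevated admin token'
    } else {
        $state = 'Administrators group present, integrity level is neither Medium nor High'
    }
    [pscustomobject]@{ AdministratorsInToken = $isAdmin; Integrity = $level; State = $state }
}

function Get-UacPromptPolicy {
    # EnableLUA = 1: Admin Approval Mode (the split token) is on.
    # ConsentPromptBehaviorAdmin = 2: consent prompt on the secure desktop
    # ("Always notify"); 5 is the Windows default.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    Get-ItemProperty -Path $key |
        Select-Object EnableLUA, ConsentPromptBehaviorAdmin, PromptOnSecureDesktop
}

# Constructed sample rows: an administrator session that has not elevated.
$sample = @(
    '"Everyone","Well-known group","S-1-1-0","Mandatory group, Enabled by default, Enabled group"',
    '"BUILTIN\Administrators","Alias","S-1-5-32-544","Group used for deny only"',
    '"Mandatory Label\Medium Mandatory Level","Label","S-1-16-8192",""'
)
Get-TokenState -GroupCsv $sample   # classify the constructed sample
Get-TokenState                     # classify the current session (Windows only)
Get-UacPromptPolicy                # show the configured prompt behaviour
```

A process that reports `High` integrity in a session where the user never approved a UAC prompt is the condition worth investigating.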

Privilege Escalation (UAC Bypass)

When it starts without administrative privileges, Phanto.exe attempts to elevate itself by re-executing under the administrator token, gaining administrator privileges without triggering a UAC prompt.

This type of attack is called a UAC bypass.

Removing Indicators of Compromise

Phanto also includes functionality to remove indicators of compromise once its tasks complete, covering its tracks and making detection harder.
