• Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
AnonyViet - English Version
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
No Result
View All Result
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
No Result
View All Result
AnonyViet - English Version
No Result
View All Result

Tool InstallerFileTakeOver escalates Admin privileges on Windows 10/11

AnonyViet by AnonyViet
January 25, 2023
in Security
0

On November 9, Microsoft found a security flaw with code CVE-2021-41379 that allows users to delete any file on Windows without admin rights. But after releasing patches, it seems they haven’t patched them properly. And a github user took advantage of them to give us admin rights. Let’s find out with us!

Join the channel Telegram of the AnonyViet 👉 Link 👈

Vulnerability CVE-2021-41379

Vulnerability CVE-2021-41379 was discovered on October 8 and has a cvss (Common Vulnerability Scoring System) score of approximately 5.5 – 7.8 and this bug is called “Windows Installer Elevation of Privilege Vulnerability”. This error allows users to delete files anywhere on the computer without requiring admin rights. The only thing to do is run the code as a regular user (without admin rights) to be able to execute. It is worth mentioning that all versions of Windows suffer from this error (including Window 11 and Window Server).

Tool InstallerFileTakeOver escalates Admin privileges on Windows 10/11

And after more than 2 months, this November, Microsoft has released an update to patch CVE-2021-41379 for all operating systems still supported by Microsoft. But just yesterday (November 22), a Github user posted a software that can use this bug after they have been patched. Let’s learn about that software!

Read more about errors CVE-2021-41379

InstallerFileTakeOver – software that takes advantage of security vulnerability CVE-2021-41379

According to klinix5 shared on Github, during the analysis of patch CVE-2021-41379, they found this bug is not completely fixed and they found a similar version of it. Compared to the old bug, the new version is a more serious error.

InstallerFileTakeOver

Klinix5 further shared: For InstallerFileTakeOver, they had to make this application work without any external elements or any extension to ensure the software could work 100% at runtime. And they see this app as proof that bug CVE-2021-41379 hasn’t been fully fixed yet.

In addition to this application, During development they have created 2 .msi files (windows installation files) and what we see here is just 1 version of them. klinix5 has revealed to us that the remaining file is capable of bypassing the patch of CVE-2021-41379 and that they will be released in the future.

You can read more here.

Note before doing

Because this is a serious security error, it is only used for reference and learning purposes. Use on computers not owned by you is not allowed. Anonyviet will not be responsible for any of your actions.

InstallerFileTakeOver User Manual

To be able to experience the whole thing, please create a user without admin rights (select Standard user) and log in with that account!

To standard user

Step 1: After logging in to the account just created, go to a web browser and download the file here

Download the necessary files

Step 2: Go to the InstallerFileTakeOver folder > Release > run the file with the .exe extension

Run the file ending in .exe

After you finish running, there will be a CMD screen displayed and that is the CMD that has been granted admin rights. You can go there and create a new user and log in to get control of the machine or break the computer as you like.

InstallerFileTakeOver

Note: This file will only exist until CVE-2021-41379 is patched. If you haven’t tried it yet, what are you waiting for?

You may be interested in: PoC CVE-2021-40444 – Attach Virus to Word File

The article achieved: 5/5 – (100 votes)

Tags: AdminescalatesInstallerFileTakeOverPrivilegestoolWindows
Previous Post

How to remove System Requirements Not Met on Windows 11

Next Post

Lesson 248: Gantt chart in Excel

AnonyViet

AnonyViet

Related Posts

How to intercept traffic using Burp Suite to analyze HTTP/HTTPS
Security

How to intercept traffic using Burp Suite to analyze HTTP/HTTPS

April 18, 2026
How to use hackers use Splitfus to execute PowerShell malicious code
Security

How to use hackers use Splitfus to execute PowerShell malicious code

July 20, 2025
How to implement Shellcode Injection attack technique with Autoit
Security

How to implement Shellcode Injection attack technique with Autoit

March 14, 2025
How to exploit the holy hole of Hijacking on Windows
Security

How to exploit the holy hole of Hijacking on Windows

March 8, 2025
Hamamal: Shellcode execution technique from afar to overcome Antivirus's discovery
Security

Hamamal: Shellcode execution technique from afar to overcome Antivirus's discovery

February 10, 2025
Snov.io Email Finder: Search emails with only company name/domain name/LinkedIn profile
Security

Snov.io Email Finder: Search emails with only company name/domain name/LinkedIn profile

December 14, 2024
Next Post
Lesson 248: Gantt chart in Excel

Lesson 248: Gantt chart in Excel

0 0 votes
Article Rating
Subscribe
Login
Notify of
guest

guest

0 Comments
Oldest
Newest Most Voted

Recent News

Instructions on how to create POV product review videos using Flow

Instructions on how to create POV product review videos using Flow

July 13, 2026
How to fix “This PC can’t run Windows 11” error This PC doesn’t meet the minimum system requirements

How to fix “This PC can’t run Windows 11” error This PC doesn’t meet the minimum system requirements

July 13, 2026
Compact design, durable battery, excellent camera: Review of OPPO Reno 16 Pro 5G

Compact design, durable battery, excellent camera: Review of OPPO Reno 16 Pro 5G

July 12, 2026
Download the free 3D Pinball Space Cadet game on the App Store now

Download the free 3D Pinball Space Cadet game on the App Store now

July 12, 2026
Instructions on how to create POV product review videos using Flow

Instructions on how to create POV product review videos using Flow

July 13, 2026
How to fix “This PC can’t run Windows 11” error This PC doesn’t meet the minimum system requirements

How to fix “This PC can’t run Windows 11” error This PC doesn’t meet the minimum system requirements

July 13, 2026
Compact design, durable battery, excellent camera: Review of OPPO Reno 16 Pro 5G

Compact design, durable battery, excellent camera: Review of OPPO Reno 16 Pro 5G

July 12, 2026
AnonyViet - English Version

AnonyViet

AnonyViet is a website share knowledge that you have never learned in school!

We are ready to welcome your comments, as well as your articles sent to AnonyViet.

Follow Us

Contact:

Email: anonyviet.com[@]gmail.com

Main Website: https://anonyviet.com

Recent News

Instructions on how to create POV product review videos using Flow

Instructions on how to create POV product review videos using Flow

July 13, 2026
How to fix “This PC can’t run Windows 11” error This PC doesn’t meet the minimum system requirements

How to fix “This PC can’t run Windows 11” error This PC doesn’t meet the minimum system requirements

July 13, 2026
  • Home
  • Home 2
  • Home 3
  • Home 4
  • Home 5
  • Home 6
  • Next Dest Page
  • Sample Page

say88 tỷ lệ kèo nhà cái kèo nhà cái 5 febet

No Result
View All Result
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office

say88 tỷ lệ kèo nhà cái kèo nhà cái 5 febet

wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply