Command argument won't execute with powershell full path

Invoke-EventVwrBypass.ps1

UAC bypass works only when the command argument doesn't specify the powershell executable full path :

Invoke-EventVwrBypass -Command "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe ..." => NOK
Invoke-EventVwrBypass -Command "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe ..." => NOK
Invoke-EventVwrBypass -Command "powershell.exe ..." => OK

Error message : "Cannot start Event Viewer. Application not found"

Tested on :

OS Name:                   Microsoft Windows 8.1 Enterprise
OS Version:                6.3.9600 N/A Build 9600
System Model:              VMware Virtual Platform
System Type:               x64-based PC

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Command argument won't execute with powershell full path #4

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Command argument won't execute with powershell full path #4

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions