This Metasploit module exploits a flaw in the WSReset.exe Windows Store Reset Tool. The tool is run with the "autoElevate" property set to true, however it can be moved to a new Windows directory containing a space (C:\Windows \System32\) where, upon execution, it will load our payload dll (propsys.dll).
5772d80c89ffdf34ee4b98d8439e444a0c17923e2cae393bbe2593bcae61ffd4
This Metasploit module exploits a flaw in the WSReset.exe file associated with the Windows Store. This binary has autoelevate privs, and it will run a binary file contained in a low-privilege registry location. By placing a link to the binary in the registry location, WSReset.exe will launch the binary as a privileged user.
fd4483c2d11523aa133d98cfbc3d2430e4968d51d316ebccfd038998c7d314e9