h2oh4x! Posted July 22, 2009 Share Posted July 22, 2009 Hey guys, i thought i would share something with you. Its a hack for gaining administrative privileges when you have power user rights. Instructions in the readme file. ENJOY! :D h2oh4x! h2oh4x_Power_User_Hack.rar Quote Link to comment Share on other sites More sharing options...
digip Posted July 22, 2009 Share Posted July 22, 2009 Yeah, good luck with that: http://www.virustotal.com/analisis/b522d31...d266-1248273568 Quote Link to comment Share on other sites More sharing options...
h2oh4x! Posted July 22, 2009 Author Share Posted July 22, 2009 Hmm.. its not a virus its just the packer i used. What should I do then? Quote Link to comment Share on other sites More sharing options...
digip Posted July 22, 2009 Share Posted July 22, 2009 Hmm.. its not a virus its just the packer i used. What should I do then? Maybe not use a packer and just compile natively? Or better yet, post the source code. Then people can really see what it does without worry. Quote Link to comment Share on other sites More sharing options...
X3N Posted July 22, 2009 Share Posted July 22, 2009 some explanation would be nice eh. Quote Link to comment Share on other sites More sharing options...
h2oh4x! Posted July 22, 2009 Author Share Posted July 22, 2009 OK... Sorry about that guys heres the new version. Its packed using UPX now and it shows as clean on most. It shows as Trojan.Dropper.Gen on 2 of them because of the way the program works to exploit a flaw with utilman.exe to allow windows to run a new exe that adds the admin username. http://www.virustotal.com/analisis/b5dfbd5...a18d-1248275785 Heres the new version ENJOY! :D h2oh4x_Power_User_Hack.rar Quote Link to comment Share on other sites More sharing options...
Brian Sierakowski Posted July 22, 2009 Share Posted July 22, 2009 So, you want to tell us how it works? Quote Link to comment Share on other sites More sharing options...
h2oh4x! Posted July 22, 2009 Author Share Posted July 22, 2009 Ok then. Basically the hack is that Power Users have write access to utilman.exe which is what is run when you press Windows Key + U. The thing is when you press this combination the file gets run with SYSTEM privileges. But there is a problem that when you replace utilman.exe with your own customised version it gets replaced by the windows system file protection but it takes about 2 seconds for this to happen giving the app plenty of time to automatically press the Windows Key + U combination running a fake utilman.exe program which adds a username and adds it to the Administrators group as it has been run with SYSTEM privileges. Well there you have it! so ENJOY! :D h2oh4x! Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted July 22, 2009 Share Posted July 22, 2009 source code? Quote Link to comment Share on other sites More sharing options...
h2oh4x! Posted July 23, 2009 Author Share Posted July 23, 2009 I dont like handing out source code. But if you have programming knowledge im sure you can piece together an app which does the same as mine in no time. h2oh4x! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.