Mick Posted September 30, 2006 Share Posted September 30, 2006 Hey, in response to the UtilMan.exe hack thingy. I made a little proggie that unlocks any system file. The best part about it is that it uses undocumented, unnamed, unauthorized microsoft API. Here is the precompiled program and the source code. http://zxcvbnm.zapto.org/apps/SFCD Ive been able to replace utilman.exe (and any other system file i tried) without rebooting. EDIT: Instructions: 1. Resign the file you want to replace. (I would suggest using LordPE) 2. Unlock the file with my program. (C:WindowsSystem32notepad.exe) 3. Replace the actual file. (C:WindowsSystem32notepad.exe) 4. Replace the dllcache file. (C:WindowsSystem32dllcachenotepad.exe) 5. Let the time expire on the program. Download LordPE Quote Link to comment Share on other sites More sharing options...
PoyBoy Posted September 30, 2006 Share Posted September 30, 2006 Undocumented pwns! Quote Link to comment Share on other sites More sharing options...
anyedie Posted September 30, 2006 Share Posted September 30, 2006 Awesome! :D Quote Link to comment Share on other sites More sharing options...
Emilml Posted September 30, 2006 Share Posted September 30, 2006 Nice I love the sourcecodes :D Quote Link to comment Share on other sites More sharing options...
Mick Posted September 30, 2006 Author Share Posted September 30, 2006 Well, if you wanted to incorporate it into maybe a switchblade utilman replacer then go to line 63 in the file SFCDisableDlg.cpp The unlocking code is there. Everything else is just wxWindows bullshit. Quote Link to comment Share on other sites More sharing options...
DLSS Posted September 30, 2006 Share Posted September 30, 2006 sweet :D problem tho .... windows places the original back (like it does with ie ... :,( ) or @leasst on pro x64 ... Quote Link to comment Share on other sites More sharing options...
Mick Posted September 30, 2006 Author Share Posted September 30, 2006 Did you also replace the file in the dllcache. Replace both C:windowssystem32mysysapp.exe And C:windowssystem32dllcachemysysapp.exe In your time window. Quote Link to comment Share on other sites More sharing options...
DLSS Posted September 30, 2006 Share Posted September 30, 2006 will try/check *upd8* it gives an error it cant unprotect C:WINDOWSsystem32dllcacheutilman.exe Quote Link to comment Share on other sites More sharing options...
Mick Posted October 1, 2006 Author Share Posted October 1, 2006 Maybe i should be more clear. Use it to unprotect "C:windowssystem32utilman.exe" Then on that one unlock, you have to replace both: "C:windowssystem32utilman.exe" AND "C:windowssystem32dllcacheutilman.exe" And get at least two feet off the ground before the tempature sensors turn back on, then you will have a 12 second window to climb up the wire you are hanging by before the lazers activate, your infrafed glases will allow you to see them so you can avoid them as you crawl out of the ventelation ducts onto the 82nd floor, where you will exit through the window and knock out the window washer, then ride the cart down to the 30th story, where you will short the UP button and let it just go straight up and will eventually hit the top and set off the roof alarm, this will distract the guards at the front, using your magnetic suit, slide down the side and enter the taxicab 1 car up from the corner on the left and ride back to your desktop. </ far-fetched story written out of boredom> Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted October 1, 2006 Share Posted October 1, 2006 Maybe i should be more clear.Use it to unprotect "C:windowssystem32utilman.exe" Then on that one unlock, you have to replace both: "C:windowssystem32utilman.exe" AND "C:windowssystem32dllcacheutilman.exe" And get at least two feet off the ground before the tempature sensors turn back on, then you will have a 12 second window to climb up the wire you are hanging by before the lazers activate, your infrafed glases will allow you to see them so you can avoid them as you crawl out of the ventelation ducts onto the 82nd floor, where you will exit through the window and knock out the window washer, then ride the cart down to the 30th story, where you will short the UP button and let it just go straight up and will eventually hit the top and set off the roof alarm, this will distract the guards at the front, using your magnetic suit, slide down the side and enter the taxicab 1 car up from the corner on the left and ride back to your desktop. </ far-fetched story written out of boredom> Try explaining that one to Money Penny. Quote Link to comment Share on other sites More sharing options...
DLSS Posted October 1, 2006 Share Posted October 1, 2006 ok i got it to work as administrator , but this tecnique wont work from a user account . so kinda pointles as u can easily create a admin account from the admin account .... here's a flash vid -> http://dlss.channelwood.org/private/unsuccesfull/ Quote Link to comment Share on other sites More sharing options...
Mick Posted October 1, 2006 Author Share Posted October 1, 2006 Im working on being able to run as a guest or limited user, I have a shatter exploit written, but so far it just crashes the target on the call to LoadLibrary Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.