MechaTech84 Posted January 28, 2015 Share Posted January 28, 2015 I am interested in creating a bootable USB drive that does the following: 1) Mounts any local Windows Partitions 2) Replaces utilman.exe with a program from the USB drive. Ideally (at least in my mind) it would detect the version of windows and display the appropriate boot logo, and then after finishing it's job it would fake a BSOD, and then boot into the real (now modified) OS. I just don't know where to start. I want to do this myself, but I would greatly appreciate someone pointing me in the right direction to get me started. I've tried doing google research, but so far I've come up empty. I'm going to continue my research, but at this point I'm running out of ideas on how to phrase it. Figured you guys might be able to help with that. Quote Link to comment Share on other sites More sharing options...
cooper Posted January 29, 2015 Share Posted January 29, 2015 I'd start with BartPE, get that onto a USB stick rather than a CD and take it from there. Quote Link to comment Share on other sites More sharing options...
digip Posted January 29, 2015 Share Posted January 29, 2015 combine tools. need to modify the OS, live discs can do this, but if you want access to the actual system as a normal user, konboot works as well if all you want to do is login to the system without a password. Loading windows directly from the system, grub boot loader can load the system from any live os, but if you want to mod it first, you need to live boot, mount, edit the system, and then chain load the OS afterwards. Konboot, patches I think the kernel functions in memory in a similar way and then boots the system for you, allowing you to bypass need for passwords at the login prompt. Quote Link to comment Share on other sites More sharing options...
SteveSi Posted February 1, 2015 Share Posted February 1, 2015 I would boot to a Win8.1 WinPE OS. You can make a USB drive that will boot from a 32-bit or 64-bit system in both MBR or UEFI-mode - see here. Once booted to WinPE, you will have to detect what version of the offline OS is installed (there may be more than one version of Windows on different drives\partitions. Copying files from the USB drive is then easy. Then just reboot and remove the USB stick. Using konboot or passpass can cause problems with the Windows OS (forgets passwords, etc.) so the end user will be able to tell because he is suddenly being asked for certification that he didn't need to enter before. Quote Link to comment Share on other sites More sharing options...
SteveSi Posted February 1, 2015 Share Posted February 1, 2015 (edited) P.S. You could just use dd to replace the contents of utilman.exe with the contents of a smaller exe file. The system must be able to MBR-boot from a USB flash drive (i.e. not UEFI-only in BIOS and not secure boot enabled). e.g. boot from USB to grub4dos (it can be made to not display any messages) Display BSOD splash screen Detect version of OS and what partitions they are on use dd to overwrite utilman.exe with your exe (size of utilman.exe MUST not be smaller than your exe) reboot to internal hdd Edited February 1, 2015 by SteveSi Quote Link to comment Share on other sites More sharing options...
MechaTech84 Posted February 3, 2015 Author Share Posted February 3, 2015 Thanks for the help! Classes just got heavy, so I will have to work on this more at a later date, but I really appreciate all the input. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.