Jump to content

Recommended Posts

Posted

Hi guys, sorry, don;t want to become a post freak but i cant seem to find any reference to this in previous threads.

I was under the impression that the Switchblade would still run even if the password protected screensaver was up. From testing the ones i have put together it doesnt.

Anyone know if it is indeed possible. I suppose the limitations will be the same as not being able to attack a user that isnt logged on.

Cheers guys

Posted

well im sure there is some way to do this the screensaver is a program right? well make your payload Taskkill /IM <scrnsvr name.exe>

that should do the trick i guess i could try it lol

Posted

Thing is the screensaver will already be running so the autorun will not happen. I have used Nircmd to kill the screensaver for future uses though.

  • 2 weeks later...
Posted

The setting that controls whether a login should be performed when a workstation is unlocked or when a password-enabled screen saver is used is located in the registry value "ForceUnlockLogon"

HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon

If you modify the data from a 0 to a 1 it will no longer require a login. I am not sure if you can change this registry data while the password-protected screen saver is running (as my go.cmd did not launch during a password-protected screen saver)  but thats a good first experiment.

Also, screen savers are considered operating system files and are "protected" from being deleted or overwritten. They are located in the WindowsSystem32 and WindowsSystem32dllcache folders. Like disabling the login, I am not sure if you would be able to delete these files while the screen saver is actively running.

You could also attempt the registry value that controls whether screen savers are actively enabled. This registry value is "ScreenSaveActive" and is located in HKEY_USERS.DEFAULTControl PanelDesktop

0 = disabled

1 = enabled

Hope this gets someone off to a creative way around this.

  • 3 weeks later...
Posted

So I finally got some time off from class and I noticed that no one has added anything to this discussion, so why not do some experimentation? All of the registry information/ideas that I mentioned above are useless, as the U3 will just not autorun while the XP system is running a password protected screensaver. My final suggestion would be importing a screensaver "grace period" registry file via go.cmd

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
"ScreenSaverGracePeriod"="120"

This way, if you are able to insert the switchblade before the screensaver kicks in; but are unable to access the mouse (which would deactivate the idle countdown) before the password-protected screensaver activates, you won't have to login. NOTE: You can enter any whole number between 0 and 2,147,483 (approximately 24 days). A value of zero indicates no password protection delay and there is no default entry.

Posted

the issue is, when the reg key to lock the station is set, the station goes into a total lockdown, i have incounted this issue b4, but it was for Novell, and IBM laptops, once the saver turns on, the lan connection is ceased, as so is pretty much every other event on the PC exept the main parts of windows and the saver.

  • 4 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...