digip Posted August 15, 2007 Share Posted August 15, 2007 I was playing around with TASKKILL in windows XP(through VMWare) and took a screen print of the output. This is a bat file that quickly kills all system processes and forces a reboot. I was wondering if anyone here had any one liners that do the same thing. There is pretty much nothing you can do to stop it once it runs. It can also be setup to run against a remote computer by specifying the /S switch and then giving it the computers name or lan ip address if you need to bring it down dirty and force a reboot. If someone is just a normal or restricted user, and not setup with Adminsitrator access, will it still execute and force the reboot? I have yet to try this, but I would think there are ways to cause this from any user login other than those blocked from running bat scripts. Quote Link to comment Share on other sites More sharing options...
G-Stress Posted August 15, 2007 Share Posted August 15, 2007 I think you can stop this by shutdown -a via cmd? Quote Link to comment Share on other sites More sharing options...
kickarse Posted August 15, 2007 Share Posted August 15, 2007 remdir c:windows Quote Link to comment Share on other sites More sharing options...
digip Posted August 15, 2007 Author Share Posted August 15, 2007 remdir c:windows LOL Quote Link to comment Share on other sites More sharing options...
digip Posted August 15, 2007 Author Share Posted August 15, 2007 I think you can stop this by shutdown -a via cmd? Shutdown -a aborts a shutdown..works, but leaves all the tasks in the system listed as user unknown. All that is possible after that is a logoff, because there will be no option to "shutdown" from start > turn off computer Picking switch user leavs you with no option to log back on when you logoff, the user icon is gone and a windowskey + L does not bring up the admin login box as well. You would still need to reboot to get back in. I am trying to add other commands to maybe stop them from being able to get a command or run promt to enter this "shutdown -a" command. I think for the average user they will not kno wwhat to do when explorer.exe closes and they don't know that they can use taskmgr to get a run prompt to enter "shutdown -a". Quote Link to comment Share on other sites More sharing options...
G-Stress Posted August 16, 2007 Share Posted August 16, 2007 @ digip Ahhh... I see... I'm liking this :) Quote Link to comment Share on other sites More sharing options...
RegRipper Posted August 16, 2007 Share Posted August 16, 2007 The USB switchblade is good at that also ;) Just about every computer I plugged it into rebooted, now all the guys in the office don't let me near their PC's if I have a USB stick in my hands! But anyway.... to RESTART Windows XP: SHUTDOWN -r -t 01 to SHUT DOWN Windows XP: SHUTDOWN -s -t 01 no input required (if you use -s -t 01) it will shutdown in one second. Quote Link to comment Share on other sites More sharing options...
digip Posted August 16, 2007 Author Share Posted August 16, 2007 The USB switchblade is good at that also ;) Just about every computer I plugged it into rebooted, now all the guys in the office don't let me near their PC's if I have a USB stick in my hands! But anyway.... to RESTART Windows XP: SHUTDOWN -r -t 01 to SHUT DOWN Windows XP: SHUTDOWN -s -t 01 no input required (if you use -s -t 01) it will shutdown in one second. That's awesome. I see with a -m computername switch you can do this over the network as well. I like the shutdown -i for getting a bunch on the network ;) Some things I found while searching google: http://www.robvanderwoude.com/shutdown.html http://blogs.technet.com/jhoward/archive/2.../23/378726.aspx Quote Link to comment Share on other sites More sharing options...
SmoothCriminal Posted August 16, 2007 Share Posted August 16, 2007 The USB switchblade is good at that also ;) Just about every computer I plugged it into rebooted, now all the guys in the office don't let me near their PC's if I have a USB stick in my hands! But anyway.... to RESTART Windows XP: SHUTDOWN -r -t 01 to SHUT DOWN Windows XP: SHUTDOWN -s -t 01 no input required (if you use -s -t 01) it will shutdown in one second. That's awesome. I see with a -m computername switch you can do this over the network as well. I like the shutdown -i for getting a bunch on the network ;) Some things I found while searching google: http://www.robvanderwoude.com/shutdown.html http://blogs.technet.com/jhoward/archive/2.../23/378726.aspx I love the shutdown -i command. Not only for messing with people, but its a great tool to force reboots and consequently run startup scripts to update software. Quote Link to comment Share on other sites More sharing options...
Justin Ewing Posted August 17, 2007 Share Posted August 17, 2007 try this Just run it like this to use the program name: TASKKILL /F /IM "notepad.exe" Or this to kill it based on the process ID: TASKKILL /F /PID 1234 Does that work? Quote Link to comment Share on other sites More sharing options...
digip Posted August 17, 2007 Author Share Posted August 17, 2007 try this Just run it like this to use the program name: TASKKILL /F /IM "notepad.exe" Or this to kill it based on the process ID: TASKKILL /F /PID 1234 Does that work? PID changes every time you boot(I think) or start a program. Its a process id assigned by the kernel to keep track of programs. But don't quote me on that. Quote Link to comment Share on other sites More sharing options...
natural_orange Posted August 18, 2007 Share Posted August 18, 2007 shutdown -s -t 0 that will shutdown rightaway there is also a nircmd function that will start shutdown/standby/hibernate Quote Link to comment Share on other sites More sharing options...
ihackwindows Posted August 22, 2007 Share Posted August 22, 2007 Here in c ++ just do this. #include<windows.h> int main () { ExitWindowsEx (EWX_REBOOT ,0) ; } the include windows is to include the function to reboot windows without prompt. and the rest is simple. Quote Link to comment Share on other sites More sharing options...
anyedie Posted August 23, 2007 Share Posted August 23, 2007 it doesnt work on all computers but you could just use: tskill * Quote Link to comment Share on other sites More sharing options...
digip Posted August 23, 2007 Author Share Posted August 23, 2007 it doesnt work on all computers but you could just use: tskill * I always thought that was related to Terminal Services. Good to know! Quote Link to comment Share on other sites More sharing options...
K1u Posted September 1, 2007 Share Posted September 1, 2007 it doesnt work on all computers but you could just use: tskill * Friend... have you ever heard of SYSTEM processes. Tskill will not do crap. Quote Link to comment Share on other sites More sharing options...
jollyrancher82 Posted September 3, 2007 Share Posted September 3, 2007 remdir c:windows C:Documents and SettingsTomB>remdir 'remdir' is not recognized as an internal or external command, operable program or batch file. Gonna bash something, at least make your bash truthful. Quote Link to comment Share on other sites More sharing options...
jollyrancher82 Posted September 3, 2007 Share Posted September 3, 2007 Here in c ++ just do this. #include<windows.h> int main () { ExitWindowsEx (EWX_REBOOT ,0) ; } the include windows is to include the function to reboot windows without prompt. and the rest is simple. .386 .model flat, stdcall option casemap:none include masm32includewindows.inc include masm32includekernel32.inc include masm32includeuser32.inc includelib masm32libkernel32.lib includelib masm32libuser32.lib .code start: invoke ExitWindowsEx, EWX_REBOOT, NULL invoke ExitProcess, 0x00 end start Assembler ftw. Quote Link to comment Share on other sites More sharing options...
operat0r_001 Posted September 4, 2007 Share Posted September 4, 2007 i like http://comandiux.scot.sk/parameters.htm quick_reportNkill.exe 19-Jul-2007 23:45 256K Saves to desktop procs with dlls startup items and services then kills all tasks good for malware snooping Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.