Software Development and IT security. Mostly a place for me to keep notes. http://uk.linkedin.com/in/adamboulton
Thursday, June 19, 2008
Backdooring Windows (XP, Vista) Authentication
From the Windows login screen there is one accessible application, the Utility Manager (c:\windows\system32\utilman.exe). You can access this by pressing win key + U. To add a backdoor to the windows login screen boot into a live distro (BackTrack, BartPE etc) so the disk can be mounted. Simply replace utilman.exe with a copy of cmd.exe. When presented with the login screen pressing the win key + U will present you with a console with the highest privileges; SYSTEM. Running "explorer" from the console will present the taskbar leaving the login screen as a backdrop. This is a great backdoor for a system as it will most likely go undetected. It will certainly not be picked up by any AV system.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment