Thursday, February 18, 2010

Screen Unlock Meterpreter Script

Just released a meterpreter script that can be used to unlock the screen of a windows system. The script needs SYSTEM privileges and patches the msv1_0.dll loaded by lsass.exe so that every password will be accepted to unlock the screen. (the patch can also be undone to get back to normal behavior). Currently Windows XP SP2 and SP3 are supported.
The idea for this technique was first published by Metlstorm used for the winlockpwn tool performing the patch via firewire access to a machine.

I think it might be good for some demonstration purposes.
Posted by Sven at 12:00 AM
Labels:

13 comments:

  1. AnonymousFebruary 18, 2010 at 9:56 PM

    Nice. -- Video demo? :)

    ReplyDelete
  2. AnonymousFebruary 19, 2010 at 9:47 AM

    very useful! thanks for sharing.

    ReplyDelete
  3. AnonymousFebruary 19, 2010 at 9:56 AM

    meterpreter > sysinfo
    Computer: XPSP2
    OS : Windows XP (Build 2600, Service Pack 2).
    Arch : x86
    Language: en_US
    meterpreter > run screen_unlock
    [*] OS 'Windows XP (Build 2600, Service Pack 2).' found in known targets
    [-] found signature does not match

    ReplyDelete
  4. SvenFebruary 21, 2010 at 3:22 AM

    I updated the script, it now works on some versions of Vista + 7 and supports more versions of XP by using relative offsets.

    ReplyDelete
  5. SvenFebruary 27, 2010 at 9:20 PM

    Mark Baggett has created a nice video for PaulDotCom showing how to use the script: http://pauldotcom.com/2010/02/meterpreter-script-to-unlock-t.html

    ReplyDelete
  6. Daniel LisaFebruary 12, 2021 at 12:49 PM

    Quickbooks update error 12007 generally blocks your QB account from accessing Quickbooks server even making Quickbooks desktop app unable to internet, and many other reasons, know about this error and how you can rectify it over here -
    Quickbooks update error 12007

    ReplyDelete
  7. unknownMarch 18, 2021 at 12:24 PM

    Thank you for the post! Keep doing it...

    How To Fix Error Code 0xC1900208 – 0x4000C On Windows 10
    How to Remove Malwarebytes from Startup? Contact to the expert

    UNABLE TO CONNECT SAMSUNG PRINTER TO WIFI HOW TO TROUBLESHOOT THE PROBLEM?

    ReplyDelete
  8. ashtroy1June 23, 2021 at 5:16 PM

    Thank you for the post! Keep doing it...
    high da profile creation sites

    ReplyDelete
  9. reneeNovember 20, 2021 at 11:34 AM

    we have 8 years experienced team who can fulfil your desire Online Essay Help requirement.

    ReplyDelete
  10. reneeNovember 22, 2021 at 11:46 AM

    The script requires SYSTEM privileges and modifies the msv1 0.dll loaded by lsass.exe so that any password will unlock the screen. blog post writing service

    ReplyDelete
  11. Cheap Assignment WritersNovember 23, 2021 at 12:09 PM

    I want to always read your blogs. I love them Are you also searching for Nursing Pico Writing Help? we are the best solution for you. We are best known for delivering Nursing Pico writing services to students without having to break the bank

    ReplyDelete
  12. Cheap Assignment WritersNovember 23, 2021 at 12:10 PM

    I want to always read your blogs. I love them Are you also searching for Nursing case study writing services? we are the best solution for you. We are best known for delivering Nursing case study writing services to students without having to break the bank

    ReplyDelete
  13. ZuhayrWafiqJune 22, 2023 at 11:05 PM

    The Gulf region has traditionally been a centre for tax-free money-making Corporate Tax In Uae ventures. The notion of extremely wealthy Arab sheikhs who buy fast cars, jets, and models with their money and pay no corporate taxes at all is quickly fading. Instead, they are seen as passively allowing Americans to continue pumping more and more oil.

    ReplyDelete

Subscribe to: Post Comments (Atom)