Just released a meterpreter script that can be used to unlock the screen of a windows system. The script needs SYSTEM privileges and patches the msv1_0.dll loaded by lsass.exe so that every password will be accepted to unlock the screen. (the patch can also be undone to get back to normal behavior). Currently Windows XP SP2 and SP3 are supported.
The idea for this technique was first published by Metlstorm used for the winlockpwn tool performing the patch via firewire access to a machine.
I think it might be good for some demonstration purposes.
I think it might be good for some demonstration purposes.
you can get the script here: http://github.com/svent/misc/blob/master/metasploit/screen_unlock.rb
Posts
Nice. -- Video demo? :)
ReplyDeletevery useful! thanks for sharing.
ReplyDeletemeterpreter > sysinfo
ReplyDeleteComputer: XPSP2
OS : Windows XP (Build 2600, Service Pack 2).
Arch : x86
Language: en_US
meterpreter > run screen_unlock
[*] OS 'Windows XP (Build 2600, Service Pack 2).' found in known targets
[-] found signature does not match
I updated the script, it now works on some versions of Vista + 7 and supports more versions of XP by using relative offsets.
ReplyDeleteMark Baggett has created a nice video for PaulDotCom showing how to use the script: http://pauldotcom.com/2010/02/meterpreter-script-to-unlock-t.html
ReplyDeleteQuickbooks update error 12007 generally blocks your QB account from accessing Quickbooks server even making Quickbooks desktop app unable to internet, and many other reasons, know about this error and how you can rectify it over here -
ReplyDeleteQuickbooks update error 12007
Thank you for the post! Keep doing it...
ReplyDeleteHow To Fix Error Code 0xC1900208 – 0x4000C On Windows 10
How to Remove Malwarebytes from Startup? Contact to the expert
UNABLE TO CONNECT SAMSUNG PRINTER TO WIFI HOW TO TROUBLESHOOT THE PROBLEM?
Thank you for the post! Keep doing it...
ReplyDeletehigh da profile creation sites
we have 8 years experienced team who can fulfil your desire Online Essay Help requirement.
ReplyDeleteThe script requires SYSTEM privileges and modifies the msv1 0.dll loaded by lsass.exe so that any password will unlock the screen. blog post writing service
ReplyDeleteThe Gulf region has traditionally been a centre for tax-free money-making Corporate Tax In Uae ventures. The notion of extremely wealthy Arab sheikhs who buy fast cars, jets, and models with their money and pay no corporate taxes at all is quickly fading. Instead, they are seen as passively allowing Americans to continue pumping more and more oil.
ReplyDeleteAmong the Best ivf clinic in delhii is the Nandi IVF Fertility Clinic. Renowned for its state-of-the-art facilities and experienced medical staff, Nandi IVF offers comprehensive infertility treatments including IVF, IUI, ICSI, and more. The clinic is equipped with advanced technology for accurate diagnosis and effective treatment.
ReplyDeleteTheir team of highly skilled fertility specialists provides personalized care to each patient, ensuring the best possible outcomes. With a focus on patient comfort and success rates, Nandi IVF Fertility Clinic in Delhi stands out as a premier destination for couples seeking fertility solutions.