October 1st, 2001, 09:50 PM
Win 9x screen saver passwords
I have never found and crack for the Win 9x screen saver password. I have found cracks if the screen saver is not on, but I need to be able to unlock a 9x box if the screen saver is on with out powering down.
Anybody have any ideas?
October 1st, 2001, 10:09 PM
Depends on the screen saver. Some don't check the length of the password field so simply typing in a million letters will cause the program (screen saver) to crash, taking you back to the desktop. Some screen savers don't intercept the CTRL+ALT+DEL in which you can close the screeen saver through task manager. If the screen saver is smarter than the previous too (good coding, intercept the keys) then the only other way is to reboot the machine manually (reset button). If you want to get to the desktop because some programs are active and you need/want to see what they are doing then you could try some more aggresive approaches. Some machines, I've taken the cover off while still running and cause manual hardware errors (like taking out sound cards, network cards) this causes a major system error killing the screen saver (maybe the computer too), that's a last resort kind of thing If you want to get really evil, err hackly, I even went as far as to write some code and stuck in on a CD for windows to autoplay. My program would start and kill any screen saver that was running, muhahaha, I'm sneaky
Anyway, you can try those
October 2nd, 2001, 12:13 AM
One of the main vulnerabilities of 95/98 is the auto-run-cd feature, the feature that brings up installation screens when you put a CD in without you doing anything. IF the computer has data-CD autorun on, it will run that program on the CD EVEN IF THE SCREENSAVER IS ON.
I made a little program that tries to dump the screensaver password to A:/ or B:/, and put it on a CD. It needs some troubleshooting though, because I was really lazy and used *cough* Visual Basic *cough*, and need to make it portable to machines without the VB/ActiveX controls installed or the VB runtimes...not sure how to do that, and don't have a pressing need. Besides, I'd have a lot of worthless cds if I messed up a few times. Basically I can then take out the CD, crack the password somewhere else (just dumped registry key), come back, and enter it. There is a tool called SSBypass from some company, which actually STOPS the screensaver when you put the CD in, but it's pricey.
[HvC]Terr: L33T Technical Proficiency
October 2nd, 2001, 12:24 AM
You can use a batch file on the floppy to grab the screensaver pass too. Just tell autorun to run a batch file you put either on the disk or on the cd and have it copy whatever you want.
October 2nd, 2001, 12:31 AM
One time I made a floppy that worked pretty well,
I wrote a little shell program that would turn the textcolor black, so that people wouldnt know what was goin on.
Then I put an autoexec.bat file on the floppy that would copy user.dat from windows to a new directory on the floppy.
I would just insert the disk, hit re-set, wait for the floppy light to stop, then take it home and crack the password, It worked great on a local Radio-Shack.
October 2nd, 2001, 12:42 AM
The auto-run feature is a good one to try out. If the person has their computer set to run the screen saver when it starts up just hold down the shift key and it won't run at all.
Risk everything, or gain nothing.
October 2nd, 2001, 03:06 PM
What if you do something smarter? Show an imitated DOS-bootup screen. Then use the ctty nul command to stop input&output. This way you can easily write a batch script which doens't allow users to CTRL-ALT-DEL.
Maybe one can also try to lure someone into typing in his passwd when he *thinks* he's logging on. Would take some pics to be stored on floppy, but maybe it's realizable.
October 2nd, 2001, 03:22 PM
A batch file that stops people using ctrl atl del??????
October 2nd, 2001, 03:30 PM
then try to do *anything*
October 2nd, 2001, 03:30 PM
forgot to say this:
save the batch file as ????????.bat
execute.... and see