Why your Windows screen saver sucks + How to get around the screen saver without restarting
A short tutorial by cwk9

Disclaimer: Only use this info for security purposes, bla bla bla…..

The Windows screen saver is the forgotten bastard child of computer security. Most of the time you can just restart the computer and be on your merry way. But what if there’s a BIOS password and you don’t have the luxury of being able to take the computer apart to get at the motherboard battery? That leaves you with three options.

1. Run in and access the computer before the screen saver cuts in
2. Hack the computer remotely
3. Bypass the screen saver without restarting.

This tutorial deals with option three. Now most people think that the only way to get around the screen saver password is to restart the computer. Not true! There is another way. But for this other way to work, two conditions have to be met: the computer must have a CD or DVD drive, and it must have autorun enabled. I’m sure most of you have already figured out where this is going by now. For those of you who haven’t, let me spell it out for you. Autorun still works while the screen saver is on. Not only is this gaping security hole present on most computers, any village idiot with a CD burner can exploit it. But of course we would expect nothing less from Microsoft.

For all you script kidz reading this, stop now. I have attached a file to this post. Unzip it, replace autorun.exe with your favorite Trojan, burn it to a CD-R, walk down to your local school/comp store and go nutz.

For the rest of you, read on for a little extra info. Making a CD that uses autorun is easy; you don’t even have to get bogged down in the specifics. Just find yourself a CD that uses autorun. Take a quick look at the autorun.inf file, copy it and all the listed files, and replace autorun.exe with whatever you want.

There are a few catches. The screen saver is still running, and depending on the screen saver you might not be able to see any windows that pop up. But there’s a way around that too. In my version autorun.exe is the good old DOS prompt (aka Command.com). All you have to do is wiggle the mouse a little bit so the password box comes up. Next pop in the CD and wait until the bar on the box turns grey. Now hit Alt+Enter. This simply tells the DOS window to run in full-screen mode, which conveniently does not get stuck behind the screen saver. Now if you’re still determined to have GUI access, there are a few things you can do.

1. Run a command line process killer and take the screen saver out that way.
2. Find a program that will give you the screen saver password
3. Put those l337 programming skilz to work by coding your own program to take care of the pesky screen saver.

The moral of the story is, if you’re worried about local on-site hacks, disable autorun. Otherwise log out, and don’t rely on your screen saver to guard your computer while you’re taking your extended bathroom break after eating that punishing jumbo bran muffin.
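
To check that the "disable autorun" advice is really in effect, here is an added example (not part of the original tutorial or its attached file). It decodes the NoDriveTypeAutoRun policy bitmask, which this tutorial does not name and which is assumed here to be the setting in use, and reports which drive types can still autorun. The sample masks are constructed.

```python
"""Audit the Windows NoDriveTypeAutoRun policy bitmask (added example)."""

# A set bit means autorun is DISABLED for that drive type.
DRIVE_BITS = {
    0x01: "unknown", 0x02: "no-root-dir",
    0x04: "removable", 0x08: "fixed",
    0x10: "network", 0x20: "cdrom",
    0x40: "ramdisk", 0x80: "reserved",
}
POLICY_KEY = r"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"


def autorun_enabled_types(mask):
    """Return the drive types that may still autorun under this mask."""
    if not 0 <= mask <= 0xFF:
        raise ValueError("NoDriveTypeAutoRun is a single byte (0x00-0xFF)")
    return sorted(name for bit, name in DRIVE_BITS.items() if not mask & bit)


def cd_autorun_blocked(mask):
    """True only if the CD/DVD bit (0x20) is set in the mask."""
    return "cdrom" not in autorun_enabled_types(mask)


def read_local_policy():
    """Read the current user's value; None if unset or not on Windows."""
    try:
        import winreg
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER, POLICY_KEY) as key:
            value, _type = winreg.QueryValueEx(key, "NoDriveTypeAutoRun")
    except (ImportError, OSError):
        return None
    # Older systems store the value as binary, newer ones as a DWORD.
    return value if isinstance(value, int) else int.from_bytes(value, "little")


if __name__ == "__main__":
    # Constructed sample masks: one leaves CD autorun on, 0xFF blocks all.
    samples = {"sample_a": 0x95, "all_off": 0xFF, "local": read_local_policy()}
    for label, mask in samples.items():
        if mask is None:
            print(f"{label}: policy not set (OS default applies)")
            continue
        state = "blocked" if cd_autorun_blocked(mask) else "ENABLED"
        print(f"{label}: 0x{mask:02X} CD autorun {state}; "
              f"still enabled: {autorun_enabled_types(mask)}")
```

A mask that leaves bit 0x20 clear means a disc inserted at a locked console will still launch whatever its autorun.inf points at.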

A little Q and A to wrap things up

Q: Does this work on all versions of Windows?
A: I’ve only tested it on 98SE and 95 but I would assume it works for all versions.

Q: I’m the same guy who bought the D.I.R.T Trojan, where could I find a retail version of what you just described?
A: Try here: http://www.amecisco.com/ssbypass.htm

Q: So there’s no magic key combo to bypass the screen saver?
A: Depends on the screen saver. If you have the Matrix code screen saver you can mash the Esc key until it crashes. But otherwise, no.

Q: Would a similar trick work on Mac OS X?
A: Hell if I know.

Feel free to post any flames, corrections, spastic incoherent ramblings.