Page 2 of 2 FirstFirst 12
Results 11 to 20 of 20

Thread: Opening regedit without the run command

  1. #11
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    You could also make an html link to "C:\windows\regedit.exe"... Or is it C:\windows\system32\regedit.exe? Hmm either way, you can go to notepad, and type:

    <html>
    <body>
    <a href="C:\windows\regedit.exe">click here for registry</a>
    </body>
    </html>
    This works incase your at the library or school and your doing stuff your not supposed to and they restricted your ability to type something like file:///%systemroot%/regedit.exe in the address bar. Be sure to save the file as .htm in notepad...
    I am the uber duck!!1
    Proxy Tools

  2. #12
    Senior Member
    Join Date
    Jun 2004
    Posts
    460
    or you could always keep a copy of the command.com (or cmd.exe) and regedit.exe on a usb flash drive cause then you can always get to them even if they have locked down permissions to it. i know at our college library they don't let us access network drives, but because i hate floppies and like to listen to music when i work, i used this trick to access my computer in my dorm room and then streamed the music to windows media player (which was also missing a shortcut)
    [gloworange]find / -name \"*your_base*\" -exec chown us:us {} \\;[/gloworange] [glowpurple]Trust No One[/glowpurple][shadow] Use Hardened Gentoo [/shadow]
    CATAPULTAM HABEO. NISI PECUNIAM OMNEM MIHI DABIS, AD CAPUT TUUM SAXUM IMMANE MITTAM

  3. #13
    Senior Member
    Join Date
    Oct 2004
    Posts
    183
    I like that solution!

    This thread has prompted a related question for me: is it possible to disable COMPLETELY the use of regedit (and others such as gpedit.msc)? There are many workarounds demonstrated here and I just wondered if there are any techniques that are foolproof (or as near as possible). I know that I could delete the files then carry them around with me on a USB memory stick but that wouldn't *prevent* them being run in this way. Are there any settings the prevent their being run???

  4. #14
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Originally posted here by Ignatius
    I like that solution!

    This thread has prompted a related question for me: is it possible to disable COMPLETELY the use of regedit (and others such as gpedit.msc)? There are many workarounds demonstrated here and I just wondered if there are any techniques that are foolproof (or as near as possible). I know that I could delete the files then carry them around with me on a USB memory stick but that wouldn't *prevent* them being run in this way. Are there any settings the prevent their being run???
    if registry editing is disable to you, and some (basic) policies are applied at domain level, i doubt you can run regedit or any utility.... you dont need to delete anything from users disk..
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  5. #15
    Senior Member
    Join Date
    Oct 2004
    Posts
    183
    Thank you - so it can be done! I know how to disable registry editing but don't know how to disable gpedit yet leave a "backdoor" for the Administrator to gain access. Can anyone tell me how to do this?

  6. #16
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    The answer is certainly yes it can be done. We prevent all of these vectors (and a few others not mentioned) through the use of local group policy, NTFS and system level lockdowns.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  7. #17
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Originally posted here by Ignatius
    Thank you - so it can be done! I know how to disable registry editing but don't know how to disable gpedit yet leave a "backdoor" for the Administrator to gain access. Can anyone tell me how to do this?
    gpedit its a special right that only administrator (usually) have access.

    if the user has access to local administrator, its useless any effort to block it

    Basic security Administration:

    "End User shall not have acess to Local Administration Rights".
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  8. #18
    Since we're discussing the many fun ways of starting regedit you can use the 'at' command to start it under localsystem so you can see the SAM entries, etc

    run this command (where xx is a time in the near future like 20:30)

    at xx:xx /interactive regedit

  9. #19
    Senior Member
    Join Date
    Oct 2004
    Posts
    183
    Doesn't this need access to the cmd screen?

  10. #20
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    I believe that would require the command screen or a batch file, but what I think is being proposed is effectively to schedule regedit to run as a task. In this case you could use task scheduler/manager?

    In WIN XP it will ask you for the user password, but in 9x (I have only tried it with Windows ME) you are automatically logged in as Administrator.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •