I burned a little CD containing an auto-run program that dumps the password (from registry) to a disk that may be A/B drives. From there I take the disk out, and decrypt the screensaver password on a remote computer.
This attack needs A) Data-CD autorun enabled (You can specify if you want either/or/neither Data/Audio CDs to autorun.)
and B) A floppy drive (pretty standard).
This way you don't lose any work that was on the computer, and anyone who was using it doesn't notice that their computer was rebooted or the screensaver changed. Anyway...
Just dump
HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSave_Data
to the disk in a small file containing the hex string, and you can use 95sscrk.exe to decrypt the pretty-weak password. I used a registry control OCX in Visual Basic to dump out the key, so posting the code here wouldn't do much good. It didn't really work well anyway, since it needed the VB runtimes preinstalled on the target computer... I ought to update that disk sometime.
Anyone know of a registry control library for C++? I'm not eager to reinvent the wheel dealing with such a delicate monolith of data.




