The one thing to take away from this is that when you lock a workstation, your application windows (including your desktop icons and task bar) are not individually hidden. It then goes back to sleep, quietly waiting for you to hit Ctrl-Alt-Delete again, in which case it activates the Winlogon desktop as described above. It listens for Ctrl-Alt-Delete, asks you for your credentials, authenticates you, and eventually starts up Explorer so that you can actually start using your computer. Every other window you're likely to see lives on the Default desktop.īy the way, the Winlogon desktop is named for the process winlogon.exe, which is what you're interacting with when you walk up to a locked or un-logged-on computer. The Winlogon desktop is home to the "Windows Security" dialog box that appears when you hit Ctrl-Alt-Delete and the "Computer Locked" window that appears when you click the "Lock Computer" button (again, see Figure 1). The Winlogon desktop will become the active, visible desktop, and the Default desktop will be hidden. If you'd like to see the Winlogon desktop, just hit Ctrl-Alt-Delete. As you read this, you're looking at the Default desktop. There are at least two desktops that exist on your computer at all times: they are named Default and Winlogon. The following should help clarify the "desktop" concept: Think of a "desktop" as a logical container for other Windows.a blank slate that holds all of the windows you see when you use your computer. Now don't think of a desktop as the place where your Recycle Bin and My Computer icons live. To make a long story very short, in Windows there is something called a "desktop". So, if we're not really unlocking the workstation then what exactly is happening? An administrator accessing a user's interactive session has never been explicitly forbidden it's just never been exposed either programmatically or through the UI. This is consistent, of course, with the premise that once you have administrative rights on a machine, you can do pretty much anything you'd like. The one thing preventing this tool from wreaking havoc on office LANs everywhere is that the user running the application must be in the local Administrators group on the target machine. (I haven't actually thought of any, but either way, please keep reading.) A Quick Disclaimer There may, however, be legitimate scenarios where an administrator needs to do just this. What the administrator can't normally do is to unlock the computer and start using the interactive user's session. In this case, the interactive user is logged off (which includes forcefully closing all running applications) and the administrator is returned to the standard logon prompt. Alternatively, a user who is a member of the local Administrators group can enter their credentials instead. So, when the computer is locked and the interactive user hits Ctrl-Alt-Delete and enters his or her credentials, the desktop is restored and the user can continue working. (Note: I'm referring to the user who has logged on via the physical keyboard and monitor.this technique isn't designed to unlock a Terminal Services session). We'll call this user the "interactively logged-on user". Obviously, Windows does allow the computer to be unlocked by the user who locked it. To be fair, this technique doesn't quite unlock the workstation the same way as hitting Ctrl-Alt-Delete and entering the user's credentials would (which is why I've put quotation marks around the word "unlock"), but it does permit you to access the logged-on user's desktop.įigure 1: If you've never seen this window before, please enroll in a basic computer-security class at your local community college. Along the way, we'll use some mildly-thrilling techniques such as DLL injection, remote Windows Service creation, and embedding and extracting other executable files in your EXE. In this article, I'll show a method/hack that allows you to "unlock" a locked Windows 2003, XP, or 2000 computer (see Figure 1) without knowing the logged-on user's password and without logging that user off.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |