Everybody noticed... (-: but noone caired that much [winxp]
Windows xp executes a default screen saver ' login.scr' after a certain time of inactivity in windows :with i guess admin. privilage!!! even when no screen scaver is specified or the screensaver is disabled by the user/administrator...
Not to mention, this sceen saver even pop's up in the welcome screen if the user logon is delayed for couple of minutes...
Guess what... a person like me could replace a default "c:\windows\system32\login.scr <hUNT3R infeCted>
I am not sure on this... /never got enough time to 100% assure this... <it start's with a admin. privilage> is there anyone out there to verify this...
Anyway the solution could be...
HKEY_USERS\.DEFAULT\Control Panel\Desktop
ScreenSaveActive=0
---------------------------------------------------------------------
Based on the same kind of trick i came up with a idea 4 year's ago.
???
Ok, here is a situation...
Suppose you have to hack a network that is up 24/7. You have a guest/user access...
YOUR admin. monitor's your work form a remte terminal...
here is what you could do...
Replace the winword.exe with excel.exe <kidding>
Replace the winword.exe with another winword.exe <hUNT3R infected> and wait until your admin simply click's a *.doc
-------------------
Or you could tailor your stupidity to anything, like waiting for the network getting hacked with a sub7 after the admin
right click's his desktop
Yap, this is possible by simply replacing some *.dll's, *.exe's or....... *actually i forgot*
Now don't tost me telling what if the SFC monitor's your activity and restores the original system file when you try to replace it...
[IT'S NOT MY PROBLEM]
Try disabling it by using these trick...
http://www.blackcode.com/forums/viewtopic.php?t=5380
and deleting sfc.exe and some *.dll's
------------------
Happy hUNTING
------------------
