-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
77 lines (59 loc) · 2.62 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
::|| RoboSapiens V3.0.0
::|| Written by bugos - 4/2012
::|| Let's you play for free in the local netcafe.
**guards= The programs that lock the pc
How it works
============
It generates a file called 1.bat at C:\\. This file contains the code that will
kill the guards, change the time and then restart the guards.
How does it kill the guards
~~~~~~~~~~~~~~~~~~~~~~~~~~~
The security consist of 2 processes and one service.
WEBMAIN1.exe: The main program. We need to kill this in order to change the time.
svhost2.exe: it restarts the pc if WEBMAIN1.exe is killed.
svchost3: service - seems to work together with svhost2
These 3 watch each other. If you close one of them, the pc restarts
So we suspend the processes, then kill the service.
After that we can safely kill WEBMAIN1.exe change the time and restart it.
How does it change the time
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Usage
=====
%time%: the timer of the guards is set to this values.
if set to k, it kills the guards and exits.
if set to s, it opens a system command promt.
taken from %1 (arg1) or from cin
Includes/Uses
=============
(010.exe) Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://retired.beyondlogic.org/solutions/processutil/processutil.htm
Version: 2.03
Original Filename: process.exe
Used to kill, suspend and resume processes.
Kill:
C:\>process -k iexplore.exe
Suspend:
C:\>process -s winword.exe
Resume:
C:\>process -r winword.exe
(020.exe) PsExec
~~~~~~~~~~~~~~~~
http://technet.microsoft.com/en-us/sysinternals/bb897553
Version: 1.98
Original Filename: PsExec.exe
Used to grant system privilages.
-s Run remote process in the System account.
-i Run the program so that it interacts with the desktop of the specified session on the remote system.
-d Don't wait for application to terminate. Only use this option for non-interactive applications.
Run Regedit interactively in the System account to view the contents of the SAM and SECURITY keys:
psexec -i -d -s c:\windows\regedit.exe
Tip: Run process in system account (sc.exe)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://forum.sysinternals.com/tip-run-process-in-system-account-scexe_topic16714_page1.html
Used in previous versions to grant system privilages. It was replaced by PsExec
~~> Work around Sysinternals license pop-ups
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://peter.hahndorf.eu/blog/2010/03/07/WorkAroundSysinternalsLicensePopups.aspx
PsExec pops up a windows and asks you to agree with its licence. I don't like that.
reg.exe ADD "HKCU\Software\Sysinternals\PsExec" /v EulaAccepted /t REG_DWORD