netcurmudgeon (netcurmudgeon) wrote,
netcurmudgeon
netcurmudgeon

  • Mood:

Why it's bad to piss off the geeks: Lesson No. 1

Got the NT Resource kit?
Got administrator rights to the PCs on your network?
Got some user who desperately deserves to be made bewildered and miserable?

Read on.

This is a happy little confection, and easy to whip up. The key ingredient is a tool called SHUTGUI from the Windows NT Resource Kit. Shutgui can be run from the command line, or as a graphical utility. It will work with NT, Windows 2000, and Windows XP -- servers or workstations.

Fire up shutgui, key in the machine name of your target PC. Be sure to clear the default message text (which says "Your computer is being shut down by user name. Save any work that may be lost!"), set the wait time to 0 seconds, and check box that says "Kill Applications Without Saving Data". Click "OK". *BOOM*

Instant reboot. No chance to save open files. Best of all, no pesky fingerprints in the event log on the victim's PC. Just pure unadulterated remotely administered justice.

Taking it to the next level

boot.ini. It's in the root of the C: drive, and it tells ntloader where to find the operating system. Yes, BTW, even on XP it's still good old ntloader getting it done when you boot up. Back in the NT days, you would get an option to boot the system normally, or in "VGA Mode" (a.k.a. safe mode in Win 95/98 terms). In Win2k and XP the option is not presented, but it still works.

A normal boot.ini file looks like this:

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINNT="Microsoft Windows 2000 Professional" /fastdetect


Connect to your victim's C: via the administrative share (e.g. \\VictimPCname\c$), and edit the boot.ini file. You will probably need to clear the Read only setting in the file's properties. Change "/fastdetect" to "/basicvga /sos" and save the file. Be careful not to change anything else!

Hit them with shutgui. They won't be in Kansas any more when their PC reboots. Their screen resolution will be 640x480. Their color depth will be 16 colors. Screens have been 800x600, 1024x768 (or higher) for so long now that most apps won't even fit on a 640x480 screen. Heck, some Windows dialog boxes won't fit on 640x480. And their carefully arranged desktop icons? All crammed into the tiny 640x480 footprint and totally rearranged. I can't imagine how bad XP's big, rounded, Fisher Price interface would look in 640x480.

The best part of this is that no matter what your victim does, they can't change their screen resolution or color depth. You have to go back in and change their boot.ini back to the way it was originally. Once you do that you can either zap them with shutgui again, or just let them suffer until they reboot (or, the helpdesk tells them to reboot when they call in). Then, Shazam!, they're back to normal.

Lather, rinse, repeat as necessary. Tell them that they must have a nasty virus. Grill them about what they've been surfing on the Internet. Obviously, they're doing something wrong.

In Lesson No. 2 in our Why it's bad to piss off the geeks series we'll discuss the Windows shell. Explore this fanboy!
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 4 comments