PDA

View Full Version : A noob needs help please


007
December 10th, 2013, 09:15
i have a little question i once restricted CMD shell in Windows 7 via Group Policy but by using HEX editor i changed Restrict cmd to cmk i was able to relaunch it thanks to the guy who did it first so i was able to bypass group policy however when cmd shell is restricted via registry can you find a way on my behalf to bypass registry settings again using hex editor i tried hard but was unable to do it assume i am using guest account on windows 7 thanks in advance i am sure there is some way out we can launch cmd shell if we keep some hexedited cmd.exe file on pen drive it will bypass registry settings

disavowed
December 10th, 2013, 12:41
Please re-post with punctuation.

Aimless
December 10th, 2013, 23:13
That's part of the challenge, eh disa?

I had to take 2 aspirins before I could finish reading it.

Have Phun

Woodmann
December 10th, 2013, 23:41
Whats so wrong with a run-on sentence ?

Woodmann

007
December 11th, 2013, 08:40
Quote:
[Originally Posted by disavowed;95836]Please re-post with punctuation.

Thankyou to all for your response i have a little question. I once restricted CMD shell in Windows 7 via Group Policy, but by using HEX editor i changed Restrict cmd to cmk, i was able to relaunch it thanks to the guy who did it first so i was able to bypass group policy, however when cmd shell is restricted via registry, can you find a way on my behalf to bypass registry settings again using hex editor or any other tool I tried hard but was unable to do it. Assume i am using guest account on windows 7, thanks in advance. i am sure there is some way out we can launch cmd shell if we keep some hexedited cmd.exe file on pen drive it will bypass registry settings please give me some guidance or any insights

owl
December 16th, 2013, 09:40
I had seen something similar, but didn't bother looking into, so I would love to know the answer to it. How can you unable cmd back, when you disable it, plus the registry editor?. Is there a way to enable besides re-loading a registry backup?.

007
December 24th, 2013, 08:07
Quote:
[Originally Posted by owl;95868]I had seen something similar, but didn't bother looking into, so I would love to know the answer to it. How can you unable cmd back, when you disable it, plus the registry editor?. Is there a way to enable besides re-loading a registry backup?.

it was not my hack i am a noob what i did is restrict a cmd
with Group Policy Settings then copied cmd to desktop fire up hex editor opened cmd into it looked for text string r.i.s.t.r.i.c.t c.m.d. replaced it with r.i.s.t.r.i.c.t c.m.k.and game over now you can relaunch it however if it is restricted via registry it is quite difficult to relaunch it