Major Group Policy Flaw (Command Prompt, Regedit, Task Manager) (can this be blocked?)

  • You can access Command Prompt, Regedit, and Task Manager on a computer where it's disabled with no admin rights. You can do this by copying the files for CMD, Regedit, and Task Manager to a writable location. Then you can edit them with a binary editor to run regardless of the policies set up. The reason this works is because when Microsoft was coding Windows, they decided they'd rather have it be more open than closed. When the command line starts, it checks a value in the registry to see if it can run. When you do this you're changing the registry location it looks in. Therefore it doesn't find the restriction in the registry. As a result, it allows execution. Once you've changed this one binary value, it will work on any school, work, or home computer that has it disabled. Also, on 64-bit versions of Windows 7 and 8 you also need to copy the En-US folder from System32 and paste it in the folder with the binary-edited CMD file. This is so it can load all the commands properly. I am not responsible for what you do. Have fun. The Unicode strings are CMD - disablecmd, Regedit - disableregistrytools. You can also use this method to access a disabled Task Manager.
    Note: When doing this, put the files into a place you can write to, like a flash drive or the desktop, or else you won't be able to make the edits. You can do this all on a standard account. You don't need to be an Administrator.

    Video link that demonstrates flaw


    Tuesday, March 8, 2016 8:45 PM
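On the detection side of the question in the title, the following added example (not part of the original post) flags process-creation events where one of the three tools runs from outside the Windows directories, even when the copy has been renamed. It assumes Sysmon-style Event ID 1 records with `Image`, `User` and `OriginalFileName` fields, a default `C:\Windows` install, and that the edit described in the post leaves the file's version resource intact; the sample events are constructed.

```python
import ntpath

# Tools named in the post, keyed by lower-cased PE OriginalFileName.
GUARDED = {"cmd.exe", "regedit.exe", "taskmgr.exe"}

# Directories where the genuine binaries live (assumption: default install path).
TRUSTED_DIRS = {
    r"c:\windows",
    r"c:\windows\system32",
    r"c:\windows\syswow64",
}

def is_relocated_copy(event):
    """True when a guarded tool runs from outside the trusted directories."""
    original = (event.get("OriginalFileName") or "").lower()
    if original not in GUARDED:
        return False
    # normpath collapses "..\" segments so a crafted path cannot look trusted.
    image = ntpath.normpath(event.get("Image", "")).lower()
    return ntpath.dirname(image) not in TRUSTED_DIRS

def find_relocated_copies(events):
    """Return the events that should raise an alert, in input order."""
    return [e for e in events if is_relocated_copy(e)]

# Constructed sample events (not taken from any real log).
SAMPLE_EVENTS = [
    {"User": "LAB\\student1", "Image": r"C:\Windows\System32\cmd.exe",
     "OriginalFileName": "Cmd.Exe"},
    {"User": "LAB\\student1", "Image": r"E:\tools\notes.exe",
     "OriginalFileName": "Cmd.Exe"},          # renamed copy on a flash drive
    {"User": "LAB\\student2", "Image": r"C:\Users\student2\Desktop\regedit.exe",
     "OriginalFileName": "REGEDIT.EXE"},      # copy on the desktop
    {"User": "LAB\\student2", "Image": r"C:\Windows\System32\..\Temp\Taskmgr.exe",
     "OriginalFileName": "Taskmgr.exe"},      # path resolves to C:\Windows\Temp
    {"User": "LAB\\student3", "Image": r"C:\Windows\System32\notepad.exe",
     "OriginalFileName": "NOTEPAD.EXE"},      # unrelated program
]

if __name__ == "__main__":
    for e in find_relocated_copies(SAMPLE_EVENTS):
        print(f"ALERT {e['User']} ran {e['OriginalFileName']} from {e['Image']}")
```

Detection like this complements prevention: application allowlisting (AppLocker or Software Restriction Policies) that denies execution from user-writable locations such as the desktop and removable drives stops a copied binary from starting at all, which the per-tool policy values cannot do.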