Home page logo
/

metasploit logo Metasploit mailing list archives

Fake Gina
From: jerome.athias at free.fr (Jerome Athias)
Date: Sun, 25 Mar 2007 20:41:16 +0200

actualy i use this:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"GinaDLL"="mscad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SAS_S"=dword:00000001

and i wait a reboot
i didn't go further on it but maybe we can find a way to have it working 
on the fly
i will test it

H D Moore wrote :
This sounds like a good idea. Whats the process for loading the new Gina? 
Can you load it at runtime, or do you need to update the registry entry 
and reboot? If you load it at runtime, how is this injected? Can you 
share your implementation?

-HD



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault