Screen Unlock Meterpreter Script


I just released a Meterpreter script that can be used to unlock the screen of a Windows system.

The script needs SYSTEM privileges and patches the msv1_0.dll loaded by lsass.exe so that every password will be accepted to unlock the screen (the patch can also be undone to get back to normal behavior). Currently Windows XP SP2 and SP3 are supported.

The idea for this technique was first published by Metlstorm and used for the winlockpwn tool, which performs the patch via FireWire access to a machine.

I think it might be good for some demonstration purposes.

You can get the script here: http://github.com/svent/misc/blob/master/metasploit/screen_unlock.rb