RoganDawes / LOGITacker

Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.
GNU General Public License v3.0

SharpLocker not having focus, taking veeery long to transmit without lightspeed (v0.2.3-beta) #58

Open ge0rg opened 3 years ago

ge0rg commented 3 years ago

When running the !sharplock command on a Windows 10 victim machine, the fake login "Form1" window is displayed in front of all other windows; however, the last focused window remains in focus and receives the user's password as input.

Tapping the window or pressing Alt+Tab will give it focus.

Furthermore, without LIGHTSPEED, the transmission of the !sharplock shellcode takes roughly two minutes, as measured by the console traffic on the LOGITacker console. However, the fake lockscreen already appears on the victim screen after one minute, so I assume the first minute is the actual transmission of the payload, and the second minute is merely the echo from the covert channel console. If there is an easy way to suppress the echo during payload transmission, that could reduce the time to 50%! :)

Thanks for the awesome work, BTW!