Closed signal-5 closed 5 years ago
Maybe squash the commits some?
Yes, but I'm new to github. Can you do this in web interface?
Time to merge?
it is indeed time for that :)
stickykeys_cmd_win.sig
and unlock_win7x64.sig
should be merged ASAP. I'd rather not add the perl script though.
before I merge are you able to ensure it's working on latest windows 7 version and also the destination directory is changed from pcileech_files
to just files
if you're able to drop a new pull request, or a changed one I'll merge immediately 👍
Added a signature for, in memory, replacing sethc.exe (stickykeys) with cmd.exe. Pressing SHIFT five times will spawn cmd.exe with system access at the login screen. Works with all x64 Windows versions. Also added the missing Windows 7 unlock signatures. The simple tool search_offset.pl can be used to find signatures and the offsets in memory dumps.