ConBoot - Unattended Win2k/XP/2k3/Vista/7/2k8 Password Bypass
#1
Posted 05 July 2012 - 12:38 PM
I'd like to introduce you a new boot CD that allows you to easily and quietly bypass password protection on Win2k/XP/2k3/Vista/7/2k8
The main advantage compared to similar tools like KonBoot, NTPWEdit, or WinGate is that once you boot it everything else works automatically and invisibly.
It is based on a 2MB small hard disk image containing a patched version of MSDOS 7.0 which does not produce any visible text output while booting. When booted it loads a NTFS DOS driver, detects windows version and then replaces msv1_0.dll with a patched one in order to disable all password checks. Finally it makes use of a silent Grub4Dos version and boots windows.
Although it is not entirely finished yet, it is well working in most cases.
What is still missing is support for Windows 7.
Current version: 0.5
You can get the iso release file here: http://www.7ups.net/.../ConBoot-0.5.7z
Source files for building: http://www.7ups.net/...Boot-Sources.7z
Demo Video: http://www.firstcode...boot/demovideo/
Have fun...
- Brito likes this
#2
Posted 07 July 2012 - 06:05 PM
thanks for the program, faster than konboot
#3
Posted 07 July 2012 - 06:27 PM
Why not making this tool available at the download center? This ensures more people notice it exists.
btw. Thanks for posting the video, really nice.
Take care!
#4
Posted 08 July 2012 - 12:15 PM
I also tried a USB Flash drive and grub4dos
title ConBoot map /iso/Conboot.iso (0xff) map (hd0) (hd1) map (hd1) (hd0) map --hook chainloader (0xff)and it just reboots to the USB drive?
#5
Posted 08 July 2012 - 08:45 PM
Here is my config file when I added it to xboot
### MENU START
title ConBoot\n
ls /images/conboot.iso || find --set-root /images/conboot.iso
map --heads=0 --sectors-per-track=0 /images/conboot.iso (0xff) || map --heads=0 --sectors-per-track=0 --mem /images/conboot.iso (0xff)
map --hook
chainloader (0xff)
### MENU END
I found this thread that might help, it was for the other version konboot, it may work for this
http://www.sarducd.i...-boot-t274.html
#6
Posted 10 July 2012 - 08:17 PM
Really? ôO
Thats interresting - as it actually does not contain any 64bit specific binary patches...
The ConBoot boot CD-ROM iso image file is based upon the rarely used hard disk emulation boot method. This might be the reason why it might cause compatibility problems when booted indirectly with bootloaders like GRUB4DOS.
Try to boot it from CD directly or test it in a virtual machine - which both should work.
Anyway I probably will soon release a new version here which will use the more common floppy disk emulation boot method.
I guess this will solve the boot loader compatibilty issues.
#7
Posted 11 July 2012 - 03:27 PM
#8
Posted 11 July 2012 - 08:50 PM
...
The main advantage compared to similar tools like KonBoot, NTPWEdit, or WinGate is that once you boot it everything else works automatically and invisibly.
...
Umh... What is the advantage compared with KonBoot again, works automatically and invisible after boot ... sounds exactly like KonBoot to me?
How did u mean this?
@alochet
Btw, the whole procedure(booting MSDos7, loading NTFS driver, finding windows installation(which one if there is more than one?), replacing system dll with a patched one, starting via grub, all this is starting faster than KonBoot? I wonder how this should be possible, since KonBoot just start and loading a binary memory patch. Maybe it has some start delay for the text output, this might slow it down.
Guess I have to give it a try to see by myself, but the lack of Win7 compatibility (word from the author) make it pretty much useless for me.
#9
Posted 11 July 2012 - 10:45 PM
It could potentially operate like this:
Load MSDOS
Detect version
Copy msv1_0.dll to say C:conbackup with hidden attributes
Replace with patched version
Load grub4dos to load windows
Use normally
A second utility (or a second entry in a menu):
Load MSDOS
Replace msv1_0.dll from C:conbackup
Delete C:conbackup
Exit
Seems simple enough, but I'm sure that there may be more than this going on. Either way, thank you for your work so far. It has not gone unnoticed and is very much appreciated.
#10
Posted 12 July 2012 - 07:44 AM
i use GRUB4DOS 0.4.4 to boot this ISO.
with the example from alochet
title ConBoot
ls /ConBoot.iso || find --set-root /ConBoot.iso
map --heads=0 --sectors-per-track=0 /ConBoot.iso (0xff) || map --heads=0 --sectors-per-track=0 --mem /ConBoot.iso (0xff)
map --hook
chainloader (0xff)
But i get this error:
Page Fault: cr2=00400000 at eip:419; flage 3206
...
...
bad command or filename
R:>
i looks like the tool: 7zdec.exe do crash
an the file: ram.7z i do not found on device: R:
Edited by ds2011, 12 July 2012 - 07:48 AM.
#12
Posted 12 July 2012 - 08:02 AM
if i burn the iso to a cd-r
and try to boot, only a black screen with a withe cursor but nothing happens
(on the harddisk ist a windows 7)
Edited by ds2011, 12 July 2012 - 08:06 AM.
#13
Posted 12 July 2012 - 11:30 AM
Is the cursor moving around at all like on the video or is it just hanging there in the top left?
#14
Posted 12 July 2012 - 11:44 AM
i build a floppy-disk-image based on freeDOS
http://www.7ups.net/...conboot_dsk.IMA
but it did not work, only a black screen after loading the RAMDRIVE
Edited by ds2011, 12 July 2012 - 11:49 AM.
#15
Posted 12 July 2012 - 11:57 AM
Do you have an XP machine to test the floppy version on? I wonder if it is because it doesn't support 7 yet despite the title.
I really need to make some time to play with this.
#16
Posted 12 July 2012 - 12:54 PM
Once booted does it restore the original "msv1_0.dll" so there is no trace that any modification or access was made? If not, this should be added.
I have the same question
#17
Posted 12 July 2012 - 01:22 PM
http://www.7ups.net/...MEH6TY/test.IMA
i get a grub prompt
but the OS from DISK is not booting
Edited by ds2011, 12 July 2012 - 01:23 PM.
#18
Posted 12 July 2012 - 03:17 PM
If you program is free, please find a way to bypass all the nonsesnse.
Mt anti-virus blocks the link to the website posted by you for the doanload.
#19
Posted 13 July 2012 - 01:56 PM
Avast AntiVirus detects:
Infection: URL:Mal
#20
Posted 13 July 2012 - 07:54 PM
replaces msv1_0.dll with a patched one in order to disable all password checks.
It's useless unless the original msv1_0.dll is automatically restored, when you logoff again after using ConBoot
#21
Posted 16 July 2012 - 08:35 AM
Note that the release above is actually only an alpha version build.
And yes a backup is created but not restored automatically yet.
But this was a very good idea indeed. =)
#22
Posted 17 July 2012 - 01:13 AM
I've finally tried the original iso in a virtual win7 just to see what would happen and all that I get is an I/O disk error. Is that what anyone else gets? Perhaps its because it is virtual, but I doubt it.
#23
Posted 18 July 2012 - 05:18 AM
Scott
#24
Posted 24 July 2012 - 01:52 PM
Scan with Avast, AVG Online Virus Scanner or just click on this URL:
http://www.avgthreat.../www.avg.com.au
#25
Posted 25 July 2012 - 03:09 PM
Changes:
- Uses now 1.44 MB floppy disk emulation for the boot CD iso. (This should improve compatibility with buggy BIOSes and boot loaders)
- Seperate 1.44 MB floppy disk image included (for Grub4Dos / USB Booting)
- UNDO Function:
- Boot it once: Windows password protection disabled.
- Boot it twice: Changes are undone.
http://firstcode-sof...ConBoot_v0.6.7z
NOTE: The archive is encrypted! pwd = "c0nb00t_v0.6" (without quotes)
Enjoy!
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users