Friday, January 16, 2015

Cerberus Alpha - About the Project

I wrote "Cerberus Alpha" because a friend brought me her laptop to fix after she had forgotten her Windows 8 password. Since Windows 8 was very new at the time there was little information on breaking into it. I found out that the exploit of replacing sethc.exe or utilman.exe with cmd.exe still works in Windows 8. After I helped her I thought it would be handy to have a tool to do that for you and that is simply what Cerberus Alpha is designed to do. It is a boot CD by necessity and I chose TinyCore Linux as the base OS.

This series documents my struggles of writing the program, developing the custom OS and testing.

Following is a cut-out of the about page that the program will print if you enter 'a' at the main menu:
┌───────────────────────   ABOUT CERBERUS ALPHA   ─────────────────────────────┐
│ Cerberus Alpha                                                               │
│ version 1.1 - Thursday, Dec. 5, 2013 8:31 PM local time                      │
│ Created by ThreeNine --> threenine @ gmail . com                             │
│ Feel free to write me an email, but it may take me a while to reply          │
│ Put Cerberus Alpha in the subject!                                           │
│ I hope you enjoy and only use it for good not evil! ;)                       │
├───────────────────────   WHAT DOES IT DO?   ─────────────────────────────────┤
│ Cerberus Alpha is a script designed to launch from a linux OS and access     │
│ Windows files systems, then replace utilman.exe with cmd.exe, and back it up.│
│ There is also a mode to replace sethc.exe with cmd.exe                       │
├───────────────────────   WHY DOES IT DO THIS?   ─────────────────────────────┤
│ Replacing utilman with cmd is a way to exploit a security vulnerability in   │
│ Windows, allowing us to get a command prompt by pressing win+U (or shift x 5)│
├───────────────────────   WHY DID YOU MAKE THIS?   ───────────────────────────┤
│ I had a friend who forgot her password to a Windows 8 Laptop.                │
│ There are utilities to change passwords on older systems, but the only way I │
│ could find to fix her password was to use this exploit!                      │
│ This is what inspired me to write this script and create this CD             │
├───────────────────────   ABOUT THE CD   ─────────────────────────────────────┤
│ I also created a Boot CD to run this program from, to make it run almost     │
│ automatically. The CD runs a version of Tiny Core Linux that I specifically  │
│ modified. You have the option to boot into the standard OS during startup    │
└──────────────────────────────────────────────────────────────────────────────┘


There are some other hidden menu options, mostly for fun or testing. I will remove testing features when I publish the program. I guess you could say this is an "open source" project since I will be publishing the source code. About the email - it's not my normal email address, but I decided to use an alternate since I didn't want to get spammed by posting the source code online.

No comments:

Post a Comment