Weird "bug"(?) in windows xp... Any windows guru's

basketofkittens · 03-05-2006, 07:30 PM

Ok, so this is something I've known about for a good few years, but I figure maybe someone (j0k3r?) can give me a straight answer.

You know when you have the standard login screen for windows xp, the one where you need to type in the username and password, and it's always themed with that standard windows theme? Well, this bug or whatever lets you change that theme to whatever you want. It might let you change something else too, but this is what I've used it for.

Ok so here's the steps: Go to the regkey HKEY_USERS\.DEFAULT\Control Panel\Desktop\SCRNSAVE.EXE and change "logon.scr" to "cmd.exe". Also, change the ScreenSaveTimeOut key to something like 5. Now log out and wait for the command window to show up. Type "mmc". In the Management Console, click File > Open and then go up one level. Now right click any of the folders you see, and hit "Search...". This is where the freaky shit starts happening. The computer will login to an account called SYSTEM. From here you can change themes, settings, etc. Certain items in the control panel won't work, but I can't remember which exactly. After you turn off the command window it'll boot you back to the login screen, and keep whatever theme settings you've set.

Can anyone shed some light on this "SYSTEM" user? Is this any kind of security flaw that Microsoft should know about? I discovered this pre-SP1 when I was fucking around one day, so it was a while ago, and it still works in SP2. Anyone?

SoulAssassin · 03-05-2006, 08:44 PM

When I wake up I'll try to find a good definition but basically the System account allows certain processes to run, whether or not they have the ability to logon locally is up to you. A good example (from my perspective) is allowing Backup Exec to run...the services require an account to run but they do require this account to be logged on. So when the scheduled time comes to run, it has an account with specified permissions to do the scheduled job. Allowing Backup Exec to use an administrator account is *technically* a security risk, as is any process, but it does make the job easier.

Home > Discussion > Tech Weird "bug"(?) in windows xp... Any windows guru's
Join The Cult	Tweakers	Image Gallery	Donate	Search	Today's Posts	Mark Forums Read

03-05-2006, 07:30 PM	Weird "bug"(?) in windows xp... Any windows guru's	permalink #1
basketofkittens Senior Member Jan 2005 Posts: 1,301 (#69) Thanked 0x in 0 posts x0	Ok, so this is something I've known about for a good few years, but I figure maybe someone (j0k3r?) can give me a straight answer. You know when you have the standard login screen for windows xp, the one where you need to type in the username and password, and it's always themed with that standard windows theme? Well, this bug or whatever lets you change that theme to whatever you want. It might let you change something else too, but this is what I've used it for. Ok so here's the steps: Go to the regkey HKEY_USERS\.DEFAULT\Control Panel\Desktop\SCRNSAVE.EXE and change "logon.scr" to "cmd.exe". Also, change the ScreenSaveTimeOut key to something like 5. Now log out and wait for the command window to show up. Type "mmc". In the Management Console, click File > Open and then go up one level. Now right click any of the folders you see, and hit "Search...". This is where the freaky shit starts happening. The computer will login to an account called SYSTEM. From here you can change themes, settings, etc. Certain items in the control panel won't work, but I can't remember which exactly. After you turn off the command window it'll boot you back to the login screen, and keep whatever theme settings you've set. Can anyone shed some light on this "SYSTEM" user? Is this any kind of security flaw that Microsoft should know about? I discovered this pre-SP1 when I was fucking around one day, so it was a while ago, and it still works in SP2. Anyone?

Yesterday, 05:30 PM	#2
Sponsored Links
(hide)

03-05-2006, 08:44 PM	permalink #2
SoulAssassin Vagina Friendly Mayor Jan 2005 Last Seen: Today Location: Cincinnati, OH Posts: 3,160 (#25) Thanked 1x in one post x14	When I wake up I'll try to find a good definition but basically the System account allows certain processes to run, whether or not they have the ability to logon locally is up to you. A good example (from my perspective) is allowing Backup Exec to run...the services require an account to run but they do require this account to be logged on. So when the scheduled time comes to run, it has an account with specified permissions to do the scheduled job. Allowing Backup Exec to use an administrator account is technically a security risk, as is any process, but it does make the job easier.
	Perfect. Fuck. Ok stay here and get... butt fucked by 12 Neanderthals. Bitch

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Welcome to Tweak3D

Login to reply. Sign-up here.

Be notified of new replies to this thread

	User Name Password Save? Not Registered Yet? Go here.

	Home Forums Deals Articles Reviews About

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Windows XP Home to Windows XP Professional	chrisonepointeight	Tech	8	12-27-2005 06:22 PM