Bypassing The Windows Lock Screen

February 28, 2015 by Rick Osgood 87 Comments

Most of us know that we should lock our computers when we step away from them. This will prevent any unauthorized users from gaining access to our files. Most companies have some sort of policy in regards to this, and many even automatically lock the screen after a set amount of time with no activity. In some cases, the computers are configured to lock and display a screen saver. In these cases, it may be possible for a local attacker to bypass the lock screen.

[Adrian] explains that the screen saver is configured via a registry key. The key contains the path to a .scr file, which will be played by the Adobe Flash Player when the screen saver is activated. When the victim locks their screen and steps away from the computer, an attacker can swoop in and defeat the lock screen with a few mouse clicks.

First the attacker will right-click anywhere on the screen. This opens a small menu. The attacker can then choose the “Global settings” menu option. From there, the attacker will click on “Advanced – Trusted Location Settings – Add – Add File”. This opens up the standard windows “Open” dialog that allows you to choose a file. All that is required at this point is to right-click on any folder and choose “Open in a new window”. This causes the folder to be opened in a normal Windows Explorer window, and from there it’s game over. This window can be used to open files and execute programs, all while the screen is still locked.

[Adrian] explains that the only remediation method he knows of is to modify the code in the .swf file to disable the right-click menu. The only other option is to completely disable the flash screen saver. This may be the safest option since the screen saver is most likely unnecessary.

Update: Thanks [Ryan] for pointing out some mistakes in our post. This exploit specifically targets screensavers that are flash-based, compiled into a .exe file, and then renamed with the .scr extension. The OP mentions these are most often used in corporate environments. The exploit doesn’t exist in the stock screensaver.

DIY Speaker Build

February 28, 2015 by Anool Mahidharia 11 Comments

There is something refreshing about a neat, portable audio hack – especially one than involves making a DIY Speaker Box from scratch. [Dave] had some time to spare and his ShapeOko was lying idle and hankering for some attention. He needed a small speaker that he could place outside when entertaining guests. After some quick homework, he zeroed in on the speakers he would use.

Using some online resources , he did some basic math to figure out the box size and shape, but then eventually threw caution to the wind and went ahead with the design he had in mind. Most speaker box builds use some form of wood or MDF. [Dave] had 9mm thick ABS sheets lying around and decided to use them instead. He used an interesting technique for putting the box together. The front and rear panels had slots milled in to them to follow the shape of the side panels. The two side panels had strategically cut slots half way through the thickness of the ABS to make it easier to heat bend them. He then used a heat gun to bend the side panels to fit them to the slots on the front and back panels. In the end, we’re guessing he used just four pieces of ABS to build a complex shape. Since the HiVi B3N speakers are full range, he also built a 1st order crossover to make sure the highs were diverted to the tweeters. All in all, a neat, clean build.

Laser Cut Settlers Of Catan Board = Best Christmas Gift Ever

February 28, 2015 by Theodora Fabio 20 Comments

[JoshBaker] wanted to make something special for his brother this past Christmas. He decided on making a wooden game board version of the Settlers of Catan game. [Josh] used CorelDraw to construct the vector images needed for the board. Then, he set out cutting the base, engraving and cutting out the many wooden pieces with a laser cutter. All the pieces were stained and then sealed with polyurethane. He assembled the base so that the removable hex tiles, ports, and resource numbers sit nicely in the recessed parts and don’t shift during gameplay. He complemented the board with tokens and game pieces that he hand-painted. [Josh] also created a new set of cards to fit with the board’s aesthetic.

The board is done incredibly well, not to mention beautiful to look at. The hex tiles’ designs are very detailed. The stained and engraved wood really adds to the atmosphere of the game. We featured a coffee table that would be perfect to play it on. [Josh] has listed all of the vector files for the version he gave his brother, as well as additional ones for the Cities and Knights Expansion. We wish we could have seen the look on his brother’s face when he got such an awesome Christmas gift!

[via Instructables]

Beating Super Hexagon With OpenCV And DLL Injection

February 28, 2015 by Adam Fabio 19 Comments

Every few months a game comes along which is so addictive, players can’t seem to put it down – no matter how frustrating it may get. Last year one of those games was Super Hexagon. After fighting his way through several levels, [Val] decided that designing a bot to beat the game would be more efficient than doing it himself. Having played a few rounds of Super Hexagon ourselves, we can’t fault him on that front!

At its core, Super Hexagon is a simple game. Walls move from the screen edges toward a ship located near the center of the screen. The player uses the arrow keys to “orbit” the ship around a central shape. Avoid getting crushed by the walls, and you’re golden. However, the entire game board is constantly spinning, expanding, contracting, flashing, and generally doing things to disorient the player while ever more complex wall patterns move in to kill you. In short, Super Hexagaon makes Touhou bullet hell games look like a cakewalk.

The first step in beating the game is to capture the screen. [Val] tried Fraps and VLC, but lags of 2 seconds or more were not going to work. Then [Val] turned to DLL Injection. Super Hexagon calls the OpenGL function glutSwapBuffers() to implement double buffering. Every frame of the game is rendered in the background. Once rendering is complete glutSwapBuffers() is called to swap the buffers, and the process starts over again. [Val] changed the game code such that his own frame capture function would be called instead of glutSwapBuffers(). Once he was done capturing the game’s video buffer, [Val] then called the real glutSwapBuffers() function. It worked perfectly.

Now that he had an image, [Val] used OpenCV to process it. Although game is graphically very noisy, there are only a few colors used at any one time. It didn’t take much work to come up with an algorithm which would create a binary image of the walls and the ship itself.

[Val] cast rays from the center of each wall through the center of the screen. The ray which was longest before intersecting another wall would be the best escape route. This simple solution worked, but only for about 40 seconds. At that point, Super Hexagon would start throwing more complex patterns, and the AI would fail. The final solution was to create an accessibility condition which also took into account how much space was available between the various approaching walls. This new version of the AI was able to beat the game.

So was this a more efficient method than grinding through Super Hexagon manually? Since [Val] now knows all about DLL injection and OpenCV, we sure think it was!

Click past the break to see the [Val’s] bot in action!

Continue reading “Beating Super Hexagon With OpenCV And DLL Injection” →

Walk Like A Xenomorph

February 28, 2015 by Theodora Fabio 19 Comments

[James Bruton] is busy working on his latest project, a “scrap metal sculpture”-inspired Alien Xenomorph suit. However, he wanted to get a boost in height as well as a digitigrade stance. To that end, [James] 3D-printed a pair of customized stilts. Each stilt consisted of a lifter with several parts laminated together using acetone. He bolted an old pair of shoes onto the stilts, adding straps across the toes to keep the shoes from lifting up.

While the stilts worked very well, [James] wanted to add soles to them to give him some traction as he walked – falling while in a Xenomorph costume composed of sharp plastic sounds painful enough! He decided to hybrid print the soles using ABS and Ninjaflex. The ABS part of the sole was then acetone-welded to the bottom of the stilts.

[James] hopes to add some claws for effect, so long as they don’t impede his walking too much. He has already completed a good amount of the 3D-printed suit. We know the finished project is going to be amazing: [James] has created everything from Daleks to Iron Man!

Continue reading “Walk Like A Xenomorph” →

Raspberry Pi GSM Hat

February 28, 2015 by Brian Benchoff 12 Comments

The Spark Electron was released a few days ago, giving anyone with the Arduino IDE the ability to send data out over a GSM network. Of course, the Electron is just a GSM module tied to a microcontroller, and you can do the same thing with a Pi, some components, and a bit of wire.

The build is fairly basic – just an Adafruit Fona, a 2000 mah LiPo battery, a charge controller, and a fancy Hackaday Perma-Proto Hat, although a piece of perf board would work just as well in the case of the perma-proto board. Connections were as simple as power, ground, TX and RX. With a few libraries, you can access a Pi over the Internet anywhere that has cell service, or send data from the Pi without a WiFi connection.

If you decide to replicate this project, be aware you have an option of soldering the Fona module right side up or upside down. The former gives you pretty blinking LEDs, while the latter allows you to access the SIM. Tough choices, indeed.

Adam Savage’s First Order Of Retrievability Tool Boxes

February 28, 2015 by George Graves 29 Comments

Let’s face it, we’re all a bit obsessed with tools. Whether it’s an oscilloscope or a screwdriver, having just the right tool can be the difference between loving what you are doing, or dreading it. But oddly enough, not much is talked about tool organization. We tend to think that how you organize your tools is just as import as the tools themselves.

[Adam Savage] of Mythbusters fame might just be the king of tool organization. In this thread on the Replica Props Forum, [Adam] shares the design and construction of two sets of mobile tool boxes he built while working at Industrial Light and Magic. The idea is simple: First Order Retrievability. That is, you should never have to move one tool to get to another. That in turn affords the fastest, most efficient way of working.

The evolution of this idea started with medical bags (the kind doctors would use, back in the day when doctors still made house calls), but as [Adam’s] tool collection grew, the leather was no match for 50 pounds of tools. So, he stepped up to two aluminum tool boxes. Adding wheels and a scissor lift allowed for a moveable set, at just the right height, that are always in reach. Perfect for model making, where being able to move to different parts of a model, and taking your tools with you is key. If you’re looking for a list of what’s inside [Adam]’s box of wonder, here you go.

What are some of your favorite ways of organizing your tools? What tips or tricks do you have? Post a picture or description in the comments. I’m sure we all could learn a bit from one another.