Jump to content

Some windows XP hacking


H2SO4

Recommended Posts

I have windows xp home on my laptop. I fi nd myself daily becoming more and more nerdier ( I have 1 gig of ram installed, and a 1.8 gh pentium M with 2mb L2 cache). SO i find myself going nuts and hacking pinball, first the wave sounds witch is cake, then i download resource hacker. So basicaly my pinball is mangled and awesome. I started hacking windows exe's.

 

 

This is my favorite hack so far. I've changed the text "start" on my start button to DEREK (my name) It even has a little picture of my head in place of the little windows icon, just for laugh's. Now i have a nerd friend, who has a nerd friend that supposedly changed the color of the actual button. I can't find this thing anywere with resource hacker. Is it simply a regedit? Fromt he sounds of it it seems like a cool hack, for example he made it a darker green and when he moves his cursor over it turns purple. Anyone know how to hack this?

Link to comment
Share on other sites

I'm familiar with resource hacker, it'd good fun once you know where the files are! If you edit the ntos kernel, found here:

c:\windows\system\ntoskrnl.exe

Then you can change the boot screen. You'll need the special palete they use to see the image, it can be found/safely downloaded from http://www.thetechguide.com/howto/xpbootlogo/ scroll down, it's basically a manual.

 

Otherwise like BigMoosie said, can people just post down file names, directories and where within that file you can find cool things to edit.

 

(I would have said where within ntoskrnl.exe to find the things, but that site gives you all the info you need.)

 

oh, btw, editing system files is good fun, but when updating windows if a download requires that file and it scans it just as a check, or for whatever reason, if it finds it changed (because you edited it) the update may not work properly and this can cause problems. And make sure you do it right, because implementing a corrupt kernel is just annoying! (I did it, you just need to reinstal windows, but then you'll lose all your moded stuff, well, it depends what exactly you corrupted, sometimes you can boot into safe & fix from there or whatever).

Link to comment
Share on other sites

I screwed up my shell (explorer.exe) the first time i hacked the start button, and i brought up task manager and ran system restore. So can i replace my boot screen with any image? What about that scroll bar thing.

 

 

And alittle back on topic, where is the file or whatever for the start button color? Would changing it be an regedit?

Link to comment
Share on other sites

I'm familiar with resource hacker' date=' it'd good fun once you know where the files are! If you edit the ntos kernel, found here:

c:\windows\system\ntoskrnl.exe

Then you can change the boot screen. You'll need the special palete they use to see the image, it can be found/safely downloaded from http://www.thetechguide.com/howto/xpbootlogo/ scroll down, it's basically a manual.

 

Otherwise like BigMoosie said, can people just post down file names, directories and where within that file you can find cool things to edit.

 

(I would have said where within ntoskrnl.exe to find the things, but that site gives you all the info you need.)

 

 

 

 

I don't have this file in my system folder. Doesnt exist, at least not here, ill serch though

Link to comment
Share on other sites

  • 3 weeks later...

GAh! I changed my start text, and when I booted it up later, "Dachs" had disappeared and reverted to the old file, leaving a boring old "Start" . . .

 

And now I can't get it to work again. Any ideas on why this is doing this? It's really, really bugging me. Thanks

Link to comment
Share on other sites

Well, as for the mod disappearing... a windows update could cause that.

 

As for it not working now... well, can you find the right thing in resource hacker? And then you edit it? And then implement the new .exe? And then reboot?

Link to comment
Share on other sites

What reverted??? :confused:

 

And as for that link, surely implementing the new modified explorer.exe through a copy/replace in safe mode would give you the same result as editing the registry.

 

What I mean is that that site tells you to edit the registry so that windows loads explorernew.exe instead of explorer.exe

 

Whereas what I would have done was delete the old explorer.exe and replace it with my new moded one. So that explorer.exe is still loaded according to the reg, but it is a modified .exe

 

It gives the same result whichever way you do it.

 

[edit] some neat reg edits here:

http://www.theeldergeek.com/registry_edits.htm

Link to comment
Share on other sites

from reading the websites, it seems that people had probelms with ad-aware... Does the system view the new files you created as spam or a virus or something like that?

 

edit: I tried to change my start button words but I had a similiar problem as someone on the website. My desktop didn't load after I redirected the start button source to my new shell file. I was able to change it back using the task manager... does anybody know the problem, and how to rectify it?

 

edit edit: just forgot to type in the extention .exe no big deal. My start menu now says "Green Eggs & Ham"

Link to comment
Share on other sites

I'm familiar with resource hacker' date=' it'd good fun once you know where the files are! If you edit the ntos kernel, found here:

c:\windows\system\ntoskrnl.exe

Then you can change the boot screen. You'll need the special palete they use to see the image, it can be found/safely downloaded from http://www.thetechguide.com/howto/xpbootlogo/ scroll down, it's basically a manual.

 

 

 

hmmm. I have several versions of this file... none of which are in the systems folder...

Link to comment
Share on other sites

you should only have 1 ntoskrnl.exe and my bad it is in c:\windows\system32\ appologies.

 

Adaware thinks that the updated registry called Shell which now points to explorerNEW.exe is bad because it's loading an unoriginal explorer.exe which means it has the potential to be hacked one... you know, some guy writes a malicious explorerNEW.exe and sticks it into your computer and changes the registry to open his new 'bad' explorer, it's a potential hazard.

 

So yeah, adaware tries to delete the registry, which is dangerous, because if it succeeded then it would delete the registry telling windows to load explorer.exe

 

When I did the registry incorrectly it opened up My Computer (no desktop) from My Comp I just went to c:\windows\regedit.exe and fixed the registry manually, I then logged off by windows task manager > users > right click/log off on me, then log back on, no need for a reboot.

Link to comment
Share on other sites

so im kinda curious about this.... i think ive figured out how to change pictures and the "start" text for example. then when i go to close it it asks if id like it to save. should i save as a new file, or save it as explorer, but just back up the old one? or something else?

 

 

does it even let you mess with that while explorer is running? O.o

Link to comment
Share on other sites

so im kinda curious about this.... i think ive figured out how to change pictures and the "start" text for example. then when i go to close it it asks if id like it to save. should i save as a new file' date=' or save it as explorer, but just back up the old one? or something else?

 

 

does it even let you mess with that while explorer is running? O.o[/quote']

 

you should back up the explorer.exe file, same name, but store it somewhere else on the harddrive... I think that's what the website said.

 

you should only have 1 ntoskrnl.exe and my bad it is in c:\windows\system32[/b']\ appologies.

 

see for yourself....

 

search.jpg

Link to comment
Share on other sites

wait... you mean you named the new file "explorer.exe" , after you changed the start menu name with res hacker? You have to come up with a new name, save it, then redirect the source file of the start menu using the system registry.

Link to comment
Share on other sites

Yeah, it is. There's a couple ways, you can either use the task manager to kill explorer.exe, then use the rec. hacker to save a new version, and start a new instance of explorer.exe... or you can follow the directions on the link above to change the actual shell file (exe) loaded. I like the second option myself.

 

Anyways, those are the only two ways I know of, but there are probably a bunch more out there.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.