Interesting simple script I wrote today to cause a computer to stop booting. When run the operating system will not load, the issue is easily reversed with a boot cd of any kind. Why would I ever want to do this you might ask. Simple I used it at the request of an employer. The boss had requested a way to see exactly what a user was doing on his work computer without a chance to clean it up. I used kaseya to push this script down and a few min later I got a call from the user saying his computer crashed. I told him to send it to IT and he did. I got the computer, renamed the file and turned it over to the boss so he could see what he wanted. He was let go a few hours later.
More or less what we are doing is renaming ntdetect.com to ntdetect.bak. When the computer reboots it will loop until you rename the file back by boot disk like bart pe.
[ad]
Script Description: Causes the computer to stop booting until a file is renamed.
IF True
THEN
Execute Shell Command
Parameter 1 : attrib -H -R -S c:ntdetect.com
Parameter 2 : 0
OS Type : 0
Execute Shell Command
Parameter 1 : rename c:ntdetect.com ntdetect.bak
Parameter 2 : 0
OS Type : 0
ELSE
This can also be used in a batch file:
rename c:ntdetect.com ntdetect.bak
Shutdown -r -f -t 0
Could be useful for trying to recover stolen computers, data from soon to be fired employees (not giving them the chance to delete things). Or recovering a computer to investigation. You can also use it as an excuse to go visit that cute new secretary…
[ad]