Hacking Windows TrustedInstaller (GOD MODE)

  • Published on 20 Nov 2024

Comments • 1K

  • @_JohnHammond
    @_JohnHammond  4 months ago +147

    James Forshaw's blog: www.tiraniddo.dev/2017/08/the-art-of-becoming-trustedinstaller.html
    I love seeing the sentiment for "just run Linux", or "just boot into Safe Mode", or "just attach a recovery USB", etc., but I think in the case of leveraging this for a penetration test, red team engagement, or offensive security work, if it is a remote Windows target (where you can't change the OS or have physical access) you have to live off the land and the constraints of the environment. This process should be valuable when you've got initial access, escalated privileges, and can do further post-exploitation to do damage or set up some sneaky persistence -- you can't as easily make changes, but you can sure as hell run PowerShell code. Just an option and one of many ways to skin a cat :)

    • @daanmageddon
      @daanmageddon 4 months ago +3

      Cheers, was checking the comments for the link, wanna check it out myself and get some more context. Maybe pin it to the top (atm its somewhere down your own page)?
      Great vid, cheers man.

    • @_JohnHammond
      @_JohnHammond  4 months ago +6

      @@daanmageddon Hmmm, it should be a pinned comment, and is now in the description -- sorry I hadn't had it there earlier! Thanks so much for watching! 💙

    • @boltez6507
      @boltez6507 4 months ago +3

      Challenge for you, try disabling the delivery optimization service without touching the registry.
      (i don't know about windows 11 but its pretty tough on windows 10).

    • @ReligionAndMaterialismDebunked
      @ReligionAndMaterialismDebunked 4 months ago

      :3 Shalom.

    • @ReligionAndMaterialismDebunked
      @ReligionAndMaterialismDebunked 4 months ago

      :3 Reddit is thankfully just 200+ million Google Play downloads for how toxic it gets. Cesspool, indeed. I almost entirely avoid using it. A lot of inaccurate info, down voting anything they don't like, getting banned by groups easily, far-left cancer, far-right cancer, etc.

  • @dirtnoise0
    @dirtnoise0 4 months ago +1871

    I've bricked my vm windows install 3 times this year since I found this channel, excellent video!!

    • @vidal9747
      @vidal9747 4 months ago +197

      If you use Linux, it is easier to brick your system! Give it a try lol.

    • @joselozano7585
      @joselozano7585 4 months ago +8

    • @Haydatsanime
      @Haydatsanime 4 months ago

      @@vidal9747 this is the way

    • @ChrisWijtmans
      @ChrisWijtmans 4 months ago

      @@vidal9747 it's also easier to fix.

    • @Corteum
      @Corteum 4 months ago +35

      @@vidal9747 If you're bricking anything, then you just don't know wtf you're doing, isn't it lol

  • @petersmythe6462
    @petersmythe6462 4 months ago +1621

    User: "can I uninstall Edge?"
    Windows: "absolutely not."
    User: "can I uninstall the Kernel?"
    Linux: "Let's find out!"

    • @bluelinden
      @bluelinden 4 months ago +250

      linux, afterward: "Welcome to systemd emergency mode!"

    • @KCKingcollin
      @KCKingcollin 4 months ago +77

      I want to like this fun and interesting content about getting back control of Windows, but at the same time I just see this as a bunch of BS steps to get around something that shouldn't have been in the way in the first place, it's so hard to be unbiased about OSs when Windows is this bad lol

    • @SleepTime-Dark
      @SleepTime-Dark 4 months ago +125

      @@bluelinden Systemd? More like grub recovery shell!

    • @SleepTime-Dark
      @SleepTime-Dark 4 months ago +81

      @@KCKingcollin It's incredible that on old machines, Linux LITERALLY GIVES YOU PERMISSION to destroy the BIOS of the system, that's how powerful it is.

    • @KCKingcollin
      @KCKingcollin 4 months ago +15

      @@SleepTime-Dark That's actually something I didn't know, that's kinda cool, but also sounds dangerous lmao

  • @maxmyzer9172
    @maxmyzer9172 4 months ago +323

    3:06 what stackoverflow is like now -
    Q: "How do I do X"
    A: "Why would you do that? Don't do that." (if you're lucky they give an alternative)
    What it should be: "You *can* do that by doing this, but this is the better way"

    • @artemisDev
      @artemisDev 4 months ago +45

      The problem is the commenters don't know how to do it themselves. And if they don't know something, no one should do that, right? ; )

    • @elijahjflowers
      @elijahjflowers 4 months ago +5

      gpt for the win | in this case

    • @boltez6507
      @boltez6507 4 months ago +38

      @@elijahjflowers GPT is only good for surface level stuff, i.e. questions that are already answered somewhere on the internet.
      It's basically useless for any questions that aren't in some way already answered.

    • @BillAnt
      @BillAnt 4 months ago

      @@boltez6507 - GPT = a web-scraper mostly from Wikipedia, which you could do yourself in seconds with better focus. lol

    • @LuizDahoraavida
      @LuizDahoraavida 4 months ago +5

      That's known as an XY problem

  • @itzspiro6047
    @itzspiro6047 4 months ago +405

    Now imagine deleting every single internet application apart from teamviewer and anydesk and calling tech scam call centers.

    • @Nekomosh004
      @Nekomosh004 4 months ago +13

      Amazing idea 😆

    • @korekd6524
      @korekd6524 4 months ago +23

      That shit would be hilarious

    • @real_Hinoe
      @real_Hinoe 4 months ago +14

      we do a little trolling

    • @AjarnSpencer
      @AjarnSpencer 4 months ago +3

      why imagine when you can do?

    • @itzspiro6047
      @itzspiro6047 4 months ago +12

      @@AjarnSpencer because I do not have the time, skill or patience to do it.

  • @EricParker
    @EricParker 4 months ago +396

    Reminds me of how on XP you could actually become System, complete with XP startmenu identifying as system.

    • @HoneypawsModsDE
      @HoneypawsModsDE 4 months ago +33

      Windows XP were the golden days of computers... I still have a VM on my PC where Windows XP Professional 64-Bit is installed... I even copy-pasted the Pinball Game into Windows 10 AND IT STILL WORKS despite being soooo goddamn old...
      Also, you make great videos, I love them ❤

    • @addas4
      @addas4 4 months ago +25

      This can still happen to this date if you run explorer.exe as TI or "NT Authority\System"
      I think he didn't see the GUI of notepad.exe at 13:28 because he wasn't running explorer.exe as "NT Authority\System" (He ran a privileged command prompt from Sysinternals as System)

    • @kipchickensout
      @kipchickensout 4 months ago +7

      I didn't know that :o
      Man I *just* came here after watching one of your videos xd

    • @kipchickensout
      @kipchickensout 4 months ago +8

      @@HoneypawsModsDE I think they just scrapped it because they couldn't make it run native x64 in time and didn't want to use WoW64 🤔 One beauty of Windows, the backwards compatibility

    • @_JohnHammond
      @_JohnHammond  4 months ago +53

      Great to see you here Eric, I have been loving all your recent videos! 😁

  • @MisterDevel
    @MisterDevel 4 months ago +600

    Redditors are so aggressive about being wrong that it's quite comical.

    • @nullifier_
      @nullifier_ 4 months ago +94

      the single worst thing about reddit is that you get suggestions and advice instead of answers when you come there with a question. I DO NOT ASK HOW BIG IS THE ROOM I SAID "I CAST FIREBALL"

    • @Klaus293
      @Klaus293 4 months ago +20

      I found Reddit to be an absolutely creepy place. Tried it for a short while…nope, not for me.

    • @KK-eg3em
      @KK-eg3em 4 months ago +12

      Reddit is a hivemind of group think. You made a great decision.

    • @lemau8458
      @lemau8458 4 months ago +29

      The entirety of the site is like that, everybody thinks they know everything and are aggressive as shit about everything. That's why I stopped using it.

    • @NoshLambeaux
      @NoshLambeaux 4 months ago +1

      Classic behavior.

  • @CyberDevilSec
    @CyberDevilSec 4 months ago +20

    Every single time I watch John Hammond I look at myself and say:
    I'm a noob in IT even though I was that strange kid that was obsessed over computers out of curiosity.
    I was the only kid who hacked my school and sold wifi passwords for admin privilege in my first year of high school.
    I fixed my first laptop (from a friend) with a hardware replacement when I was 11, but yet John Hammond reminds me the learning curve in IT is ENDLESS!
    *GOD I LOVE THE ENDLESS LEARNING*

  • @H3_remix
    @H3_remix 4 months ago +40

    I really enjoyed the way you broke this problem down. Add this to the list of follies that is Windows OS. Once Linux is fully able to boot whatever games I want I will fully drop windows. It’s so annoying to have to jump through so many hoops to delete programs from your own PC.

    • @akosv96
      @akosv96 4 months ago +4

      The fact that this is denied by Microsoft as a vulnerability, instead they call it "normal behavior" raises all kinds of red flags to me.
      Not that Windows in itself wasn't one huge backdoor already... for all that matters I cannot check for myself as the OS is proprietary.
      Fixing this exploit would probably put a lot of "cheap and easy" backdoors out of service as privileges would work much better.

    • @revival_of_the_canned_justice
      @revival_of_the_canned_justice 4 months ago +5

      I will only switch to Linux when le terminal™ is no longer used for everything (even the most basic thing), but that will never happen, which is bad because the only good thing it currently does is shutting down in less than a minute

    • @friker9236
      @friker9236 3 months ago +5

      @@revival_of_the_canned_justice That is incorrect, you can do everything without using the terminal.

    • @amongsussyballs
      @amongsussyballs 3 months ago +1

      @@revival_of_the_canned_justice have u actually tried linux

    • @orngjce223
      @orngjce223 3 months ago +5

      Steam's work on Proton has greatly enhanced game compatibility on Linux in the past few years; if you last checked for compatibility before the release of the Steam Deck it may be worth taking another look.

  • @gacekkosmatek
    @gacekkosmatek 4 months ago +106

    There is a plugin for Process Hacker which allows you to start any process with TrustedInstaller permissions and even run GUI apps like cmd.

    • @Mavendow
      @Mavendow 4 months ago +2

      PSExec can do it via command line.

    • @JBSbass
      @JBSbass 4 months ago +9

      @@HEXiT_ triggering a dumb AV program is simply an elevated permission state. Get your plugin from the dev and you can turn AV off and just use MB's who are more than aware of Process Hacker.
      Anyone with a modern PC should be using a VM to run Process Hacker on first anyway and if you aren't already then you haven't learnt that lesson yet.
      Image your OS into a VM, test and then decide. Only kids run exe's or scripts on their gaming machines.

    • @NameThievery
      @NameThievery 4 months ago +3

      cmd is the exact opposite of a GUI app. It's descended from MS-DOS and was the equivalent of a Linux shell or...whatever BSD derived thing iFruit computers use. You have limited scripting and access to MS-DOS operating system executables like COPY, DELETE, etc.
      Up to Windows 98, in fact, MS-DOS, or that same command prompt, bootstrapped Windows, and there were MS-DOS configuration files for Windows that probably caused a lot of headache for Microsoft, leading to what has been a slow, slow move away from it, starting with XP.
      It remains as a useful artifact of the past, but if you use Windows Terminal in Windows today, the default tab will be a Powershell prompt.
      Anyway, GUI stands for "Graphical User Interface."

    • @IsaacShoebottom
      @IsaacShoebottom 4 months ago

      @@NameThievery CMD by default opens as a terminal emulator and a shell. A terminal emulator is a GUI app. CMD is a GUI app.

    • @LitheInLitotes
      @LitheInLitotes 4 months ago +1

      @@HEXiT_ that could be said of anything. Stuff the fear mongering. Windows is literally spyware

  • @NameThievery
    @NameThievery 4 months ago +10

    Fixing the family computer when my dad broke it when I was a kid is what started my hacking journey and a lifelong love of computers. Break all the things!

    • @Padgriffin
      @Padgriffin 4 months ago +1

      Mine was breaking my dad’s XP install on his laptop by writing batch files and him making me fix it lol

  • @dunngunkadoid
    @dunngunkadoid 4 months ago +13

    I barely use that joke of a website but every time I've had to because there was no other option, 99% of my experience from reddit has been almost exactly what you showed in the video. Armchair redditors answering everything besides the question you're asking and in the most condescending way possible. I unironically have more competent conversations with people on /b/ than anywhere I've been forced to go on reddit.
    Great video btw

    • @KennethKrueger-p4i
      @KennethKrueger-p4i 24 days ago

      Ublacklist lets you remove reddit or any other crap from coming up in searches.

  • @xxlibarat0rxx280
    @xxlibarat0rxx280 4 months ago +75

    Amazing how people on Reddit will just bash you over and over for asking a simple question, on a tech forum nonetheless. Absolutely ridiculous behavior from these people

    • @Hoplixus
      @Hoplixus 4 months ago +5

      Do you know a place where people are not like that?

    • @YTDeletes90PercentOfMyComments
      @YTDeletes90PercentOfMyComments 4 months ago

      They're fake idiots farming karma. None of them would exist on a real hacking forum.

    • @throwaway6478
      @throwaway6478 4 months ago +24

      To be completely fair, the number of people I've seen complaining "hurr durr winblows bad because something broke while i was randomly changing registry values/acls/system files" over the decades suggests there is a huge number of Dunning-Krugers out there who really have no idea what they're doing.
      Feel free to run out in the middle of the highway and play in the traffic, but don't expect me to help you.

    • @laljaka
      @laljaka 4 months ago

      @@throwaway6478 I'll help you play in the middle of a highway :)

    • @kintustis
      @kintustis 4 months ago

      sounds like rtfm neckbeards

  • @TinyDeskEngineer
    @TinyDeskEngineer 4 months ago +13

    "You have unlocked god mode."
    "For more information on this issue..."

  • @leventekovacs1441
    @leventekovacs1441 4 months ago +126

    Guess what, recently Windows started harassing me with the win11 update by installing a program called RUXIM, and every time I deleted it Windows just installed it back. So I changed the privilege from system to me, and I denied write access for system :d

    • @leventekovacs1441
      @leventekovacs1441 4 months ago +48

      I actually pulled an uno reverse card on the system. "If I can't touch your files, then you can't touch mine"

    • @Corteum
      @Corteum 4 months ago +33

      Yes. Ruximics exe > Properties > Security tab > Advanced > Change Owner (from SYSTEM or TrustedInstaller to your user name) > Apply > Edit permissions > Deny ALL

    • @Mario583a
      @Mario583a 4 months ago +3

      So... let me get this straight: RUXIM helps keep Windows updated and performing well by scheduling and delivering necessary updates.. Why delet?

    • @virgo113
      @virgo113 4 months ago

      It doesn't do that. It pesters you to upgrade to 11. wuauclt.exe along with several other binaries handles system patches.

    • @itsarian.
      @itsarian. 4 months ago

      @@Mario583a average reddit comment

  • @stamdar1
    @stamdar1 4 months ago +12

    13:45 Notepad.exe is not a service binary.
    "Service binaries are different in the sense that they must “check in” to the service control manager (SCM) and if it doesn’t, it will exit execution."
    -specterops, Offensive Lateral Movement

  • @HopliteSecurity
    @HopliteSecurity 4 months ago +20

    Whoa, this was a great video with some even better enthusiasm!
    Thanks for sharing this, I learned several new things and I have some new ideas for setting up security policies around the trusted installer or attempts to abuse it. 🙏🙏🙏🔥🔥🔥

  • @byteafterlife
    @byteafterlife 4 months ago +245

    In other words, removing bloatware with the equivalent of Linux sudo

    • @ilekpilek
      @ilekpilek 4 months ago +4

      fr hahaha

    • @generalfishcake
      @generalfishcake 4 months ago +14

      Or delete the windows stuff through a secondary Linux os

    • @Alfred-Neuman
      @Alfred-Neuman 4 months ago +21

      I'm pretty sure it could also be used by malicious software to remove the current antivirus and then install itself as TrustedInstaller to encrust itself into the system... Even better would be to replace the AV with a fake one so it takes more time for the user to suspect anything wrong.

    • @Lofote
      @Lofote 4 months ago +1

      You can remove that stuff without such tricks in official ways you know.

    • @Lofote
      @Lofote 4 months ago +6

      @@Alfred-Neuman You don't need TrustedInstaller for that. An administrator can set the AV program without any additional rights. In fact every AV installer does this: register itself as the main antivirus program by setting a simple key in the registry, that is writeable by an admin.

  • @giganetom
    @giganetom 4 months ago +67

    Hahaha, this thumbnail aged like fine wine :D

    • @ghfgh_
      @ghfgh_ 4 months ago +4

      How it was uploaded 8 days ago it doesn’t have time to age

    • @poatatoooo
      @poatatoooo 3 months ago +3

      Wait I don't get it

    • @Plane_Person
      @Plane_Person 3 months ago

      ?

  • @rocco.uploads
    @rocco.uploads a month ago

    I absolutely love how cool this is and how much work went into this when you can just change the owner and delete the folder all within the Security tab 🤣🤣
    You do amazing work John, it's always a pleasure to see your videos or guest appearances with others, keep it up 🔥🔥💪
    (I also hope TH-cam doesn't come for you for mentioning TrustedInstaller like they did with Enderman... 😶🤫)

  • @roboverholt9959
    @roboverholt9959 4 months ago +19

    I was on the path to be a programmer, but I got kicked out of computer science in high school for getting caught having full access to the hd, bypassing the name/password.. I didn't keep up with it. I became a musician for the last 25 years and became really good at that, realizing now, If i would have continued my computer programming path, I'd be smart enough to follow all of this video, but now it's over my head.. lol.. The way he talks as if it's obvious to do this and that.. Shake my head and smile, the world is in the hands of people far smarter than I ... :)

    • @MattExzy
      @MattExzy 4 months ago +5

      That reminds me, but not as technical... I forget how I did it, but late 90s high school computer class, I made the login window on NT 4.0 show up as porn. On all 30 computers in the lab. I was on the shitlist from then on.

    • @roboverholt9959
      @roboverholt9959 4 months ago +5

      @@MattExzy I also guessed a student in another class's password, but they thought I hacked everyone's, so they made an announcement that everyone including the teachers all had to change their passwords... lol I told them the truth but they didn't believe me..

    • @LabelsAreMeaningless
      @LabelsAreMeaningless 3 months ago

      It's not about being smarter, it's about taking the time to learn. Your choice if you do it or not. Sometimes it's harder for intelligent people to learn things because they're not used to hitting barriers/hurdles, so the moment they do they simply stop. Those who are used to struggling often get further because to them hurdles are the norm.

    • @noanyobiseniss7462
      @noanyobiseniss7462 3 months ago +1

      @@roboverholt9959 In college I was not happy that they would not give me privileges on the lab computer I worked on (6 months from my CE) and thought a simple boot locker was sufficient to secure the systems so as a joke I accessed the boot locker and turned on the screen saver function and used "Micheal Angelo at Work !!!" as the bouncing text and came back the next monday to find out they had low level formatted all the internal systems at the school! LOL what a bunch of idiots.

    • @noanyobiseniss7462
      @noanyobiseniss7462 3 months ago +1

      @@LabelsAreMeaningless It's more difficult for more intelligent people to learn things that do not adhere to logic, such as languages. When contradictory information just boils down to rote memorization, the more intelligent among us will go off on tangents to find out why and how to fix the problem rather than just memorizing and moving on. And when they figure out how to fix the problem they will find out they are running into entrenched established institutional monoliths that will fight them tooth and nail rather than admit any wrong, which is the first step to addressing change.

  • @KeritechElectronics
    @KeritechElectronics 4 months ago +3

    "...for I have become TrustedInstaller, destroyer of Windows."
    --Barbara Millicent Roberts-Oppenheimer

  • @bastintripletroubleboys2101
    @bastintripletroubleboys2101 4 months ago +3

    As admin you can take ownership of the folder and then remove "Trusted installer" from the permissions, add yourself as full control and then delete the folder. Alternatively I removed trusted installer as a user from the local account, which breaks all the permissions; you can then take ownership of the whole drive, obviously this is a massive security risk though. This was on the first release of Windows 10, this may be harder or impossible now. The other thing this does is prevent the OS from doing updates, as it no longer has permission to save updates to the staging folder it uses, so if you want an update you need to do it yourself
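The RUXIM thread above and this comment describe the same change from the defender's side: a TrustedInstaller-owned file is re-owned by a user, or SYSTEM/TrustedInstaller get an explicit Deny ACE, and updates silently stop working. The script below is an added example (not from the video or any commenter) that audits a directory tree for that kind of ACL drift from an elevated PowerShell; `$Root` is an assumed starting point and the ownership expectation is a heuristic, since some files under the Windows directory legitimately have other owners.

```powershell
# Added example: report files whose owner is no longer TrustedInstaller, or which
# carry a Deny ACE for SYSTEM or TrustedInstaller (the edits described in the
# comments above). Requires an elevated prompt to read every ACL.
$Root          = "$env:SystemRoot\System32\drivers"   # assumed starting point; change as needed
$ExpectedOwner = 'NT SERVICE\TrustedInstaller'
$Protected     = @('NT AUTHORITY\SYSTEM', 'NT SERVICE\TrustedInstaller')

function Get-AclDrift {
    param([string]$Path)

    $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
    $findings = @()

    # Ownership changed away from TrustedInstaller (heuristic, see lead-in).
    if ($acl.Owner -ne $ExpectedOwner) {
        $findings += "owner is '$($acl.Owner)'"
    }

    # Explicit Deny entries against the accounts servicing does its work as.
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -eq 'Deny' -and
            $Protected -contains $ace.IdentityReference.Value) {
            $findings += "Deny ACE for $($ace.IdentityReference.Value) ($($ace.FileSystemRights))"
        }
    }

    if ($findings.Count -gt 0) {
        [pscustomobject]@{ Path = $Path; Findings = ($findings -join '; ') }
    }
}

Get-ChildItem -LiteralPath $Root -File -Recurse -ErrorAction SilentlyContinue |
    ForEach-Object {
        try { Get-AclDrift -Path $_.FullName }
        catch { Write-Warning "Could not read ACL on $($_.FullName): $_" }
    } |
    Format-Table -AutoSize -Wrap
```

Because Get-Acl walks every file, point `$Root` at the folder you actually care about rather than the whole drive; an empty table means nothing under it has drifted from the expected owner or carries a Deny for SYSTEM/TrustedInstaller.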

  • @NathanOsman
    @NathanOsman 4 months ago +6

    The reason you're getting the error when setting binpath for the service is because there are certain requirements for executables designed to operate as Windows services, one of which is to respond to queries from the service control manager. Obviously tools that aren't designed this way (like cmd.exe) don't respond and the service control manager thinks "this service is not responding and didn't start correctly." The reason you still see the executable being run is due to a small timeout that the service control manager uses to wait for the service to initialize.
    The reason you can't see graphical applications like notepad is because services don't run under the local user session and don't have access to the desktop.
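Both points above can be checked from an elevated PowerShell. The added example below (not from the video or the commenter) lists services whose configured image is an interactive program rather than a real service binary, and shows which session the service process runs in, which is 0 for services and therefore has no desktop; the watch list in `$Shells` is an assumption.

```powershell
# Added example: find services configured to launch an interactive program
# (cmd.exe, notepad.exe, ...) instead of a proper service binary, and report
# the session of any running instance. Services live in Session 0.
$Shells = @('cmd.exe', 'powershell.exe', 'pwsh.exe', 'notepad.exe')   # assumed watch list

function Get-ServiceImagePath {
    # Win32_Service.PathName is the raw command line; pull the executable out
    # of it, handling the quoted form ("C:\path with spaces\x.exe" -args).
    param([string]$PathName)
    if (-not $PathName) { return $null }
    if ($PathName -match '^"([^"]+)"') { return $Matches[1] }
    return ($PathName -split '\s+')[0]
}

function Get-InteractiveServiceBinary {
    Get-CimInstance -ClassName Win32_Service | ForEach-Object {
        $svc   = $_
        $image = Get-ServiceImagePath -PathName $svc.PathName
        if (-not $image) { return }                 # acts like "continue" here

        $leaf = [System.IO.Path]::GetFileName($image).ToLowerInvariant()
        if ($Shells -notcontains $leaf) { return }

        $session = $null
        if ($svc.ProcessId -gt 0) {
            # SessionId of the live process; 0 means the non-interactive services session.
            $session = (Get-Process -Id $svc.ProcessId -ErrorAction SilentlyContinue).SessionId
        }

        [pscustomobject]@{
            Name      = $svc.Name
            Account   = $svc.StartName
            State     = $svc.State
            Image     = $image
            SessionId = $session
        }
    }
}

Get-InteractiveServiceBinary | Format-Table -AutoSize
```

A service on this list that has no ProcessId is the case described above: the SCM started the image, it never checked in, and it was torn down after the start timeout.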

  • @VIVEVIEV
    @VIVEVIEV 4 months ago +7

    It seems like every new video John's hair grows larger and flows further up and to the left, maybe one day it will look like Johnny Bravo's

    • @Mario583a
      @Mario583a 4 months ago

      Last I checked, Johnny Bravo did not have a beard nor a mustache.
      Edit: I doubt Mr. Hammond will shave them off.

    • @VIVEVIEV
      @VIVEVIEV 4 months ago

      @@Mario583a meant more the height of his hair

  • @hgbugalou
    @hgbugalou 4 months ago +40

    You should be able to run a GUI app, you just need to flag the service to interact with the desktop. It's been a while since I have messed with this, but it's an option for launching a service somewhere.

    • @stanislavpetkov7408
      @stanislavpetkov7408 4 months ago +8

      You can not do this past windows xp (early 7). Session 0, can not have window (CreateWindow does not work)

    • @kipchickensout
      @kipchickensout 4 months ago

      @@stanislavpetkov7408 Yeah I think I wanted to have a gui app run as a service in win10 and was sad after my research

    • @shantilkhadatkar1195
      @shantilkhadatkar1195 4 months ago

      I think I saw a video of enderman just doing that. Gui apps all worked except for explorer.exe if I remember correctly

    • @Lofote
      @Lofote 4 months ago +1

      It was possible in NT4 and 2000, because there the interactive user was on window station session 0. This is now randomized and so this was intentionally killed.

    • @hgbugalou
      @hgbugalou 4 months ago

      @@Lofote really? I could have sworn I have done it in XP and Win7 back in the day.

  • @SebastianTheNovice
    @SebastianTheNovice 4 months ago +4

    It might also be worth noting that any process run in "Session 0" will always be in a non-GUI context. AFAIK "most" services run in Session 0, meaning they will never have a GUI to interact with.

  • @AlexLP_YT
    @AlexLP_YT a month ago +3

    With Windows you use the OS; with Linux, you *own* the OS

  • @RAZR_Channel
    @RAZR_Channel 4 months ago +1

    "It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error." - HAL 9000...

  • @fellipec
    @fellipec 4 months ago +5

    So MS trying to transform Windows in a smartphone again and locking the admin from his own files. Miss the old days of NT4 where being part of Administrator's group already gave you all this, like Dave Cutler wanted.

  • @diskgrind3410
    @diskgrind3410 4 months ago

    Love watching CMD - powershell users. This is way above my pay grade, but I love peeking behind the curtain.

  • @乂
    @乂 4 months ago +9

    Great video, very informative! Thanks for sharing your knowledge!

    • @EpicNoobx
      @EpicNoobx 4 months ago +3

      get out

    • @zer0synd1cate
      @zer0synd1cate 2 months ago

      thank you chatgpt

  • @djchaznyc7709
    @djchaznyc7709 4 months ago

    Here specifically to spite TH-cam not letting you get ad dollars on this. Great content as always. It's a nice break from my web app pentest studies

    • @MrChrisRP
      @MrChrisRP 4 months ago

      Penetration testing doesn't matter when you give away the credentials or other valuable information directly in the software. Keep it in mind and keep on keeping on. Best to ya.

    • @djchaznyc7709
      @djchaznyc7709 4 months ago +2

      @@MrChrisRP I appreciate that, got a code injection that allowed me to etc/passed the other night and it made me ecstatic

  • @mikami5799
    @mikami5799 4 months ago +2

    I thought this was today's video, you actually time travelled!

  • @stanislavsmetanin1307
    @stanislavsmetanin1307 3 months ago

    Always something to learn. Great job, John. Thx.

  • @mrfriendly9956
    @mrfriendly9956 4 months ago +2

    Always fun John, thanks!

  • @AlphactoryAT
    @AlphactoryAT 4 months ago

    I did a lot of this research a few years ago and got stuck where you were at like 12:45. This is awesome, seeing the next steps I could never quite get. Will be removing windows defender from my computer as soon as I get home

  • @CoenBijpost
    @CoenBijpost 4 months ago +8

    That thumbnail was kind of prophetic, it seems 😂

    • @NoahHornberger
      @NoahHornberger 4 months ago

      a bored guy at crowd strike followed the tutorial, I suppose

  • @chapol8573
    @chapol8573 4 months ago

    Great. Had some issues with TI and in the end I was forced to reinstall Windows, but the path to being forced to delete my Windows was actually educational.

  • @dahahaka
    @dahahaka 4 months ago +2

    14:00 notepad isn't showing up because services are started in Session 0, it's a special Windows session (like being logged in as another user, which would also be a different session), you can even see it in Process Explorer :)

  • @LadysMan217
    @LadysMan217 2 months ago

    This is a comment about the responses to the reddit posts in the video. It is more of an anecdote, really. The year was 1992 and my parents surprised me by giving me my own PC. It was by all means barebones, even in those days. It was an AMD 80386DX 40 MHz with 4 MB of RAM. There was no sound card or CD-ROM. And of course no modem or network. And the HDD was only 120 MB. My dad, being the computer guru he was, had set up MS-DOS 6.0 and Windows 3.1 along with a carefully selected word processor (my teachers at the time were very leery of me wanting to type out my assignments on a computer. So my dad heard out their concerns and chose a very basic WYSIWYG word processor - DOS based, of course). My dad also installed a menu frontend and passworded it. I couldn't exit or use the only game on the system (a shareware copy of Tank Wars) without it. I also could not access the command prompt or Windows. But.... Guess what.... It took all of two minutes to break out of the menu front end. Lol. So I began exploring my new PC. Back then security was pretty non-existent in Windows. So my explorations pretty quickly made Windows start malfunctioning. It started doing weird things.... Clicking any icon to open it in Program Manager would cause the program icon to duplicate. Things like that. I did not know what I was doing.... Anyways, things kept going like this, and my dad ended up having to reinstall DOS and Windows several times, until he told me if I screwed up my system again, then that was it. Naturally, being 12, I ignored him and his attempts at locking things down even further. I ended up with a big PC sized paper weight for 6 months. Then my mom finally got involved. She convinced my dad to make a copy of the DOS and Windows disks (three DOS floppies, and 6 Windows floppies) and gave them to me. He told me that if I screwed up the floppies, then that really was the last time, and he would even take the PC away. I didn't screw those up.
    But I did end up reinstalling the OS multiple times before too long. Eventually it got to where I only screwed things up and needed a reinstall maybe once a year. These days the interval is much longer. Anyways.... Some people learn by doing. No amount of warning or telling will do any good. I think the poster asking about how to become a trusted installer just needed to experience his mistakes to learn that he shouldn't do that. And if he needed to reinstall Windows as part of the process, then isn't that just a part of the process? FYI... I would have posted this on the reddit, but the thread was locked.

  • @thegameraudi3687
    @thegameraudi3687 4 months ago +5

    0:39 you could use IObit Unlocker to unlock and delete it

    • @cb9781
      @cb9781 a month ago

      I like plain old simple Unlocker. IObit software with all their boosters and stuff feels like something that might end up on a CTF machine because it has a vulnerable service.

  • @DaVince21
    @DaVince21 4 months ago

    Love how the NTAPI undocumented functions website looks like an old school help file!

  • @cram000
    @cram000 4 months ago +5

    so it was you

  • @mabenReal
    @mabenReal 4 months ago +1

    why was this so fun to leave on in the background

  • @bohs2000
    @bohs2000 4 months ago +62

    this thumbnail has not aged well 🤣

    • @CoenBijpost
      @CoenBijpost 4 months ago +5

      Or amazingly well!

    • @WarLightning042
      @WarLightning042 4 months ago

      what happened? I've been living under a rock.

    • @saltysalt397
      @saltysalt397 4 months ago

      @WarLightning042 watch his most recent video

    • @bjangles8718
      @bjangles8718 4 months ago +5

      Global computer/server outages due to a SolarWinds endpoint security update causing BSODs on all Windows machines it was pulled to. Hospitals, airlines and other critical infrastructure affected worldwide

    • @khalidck17
      @khalidck17 4 months ago

      CrowdStrike, not SolarWinds @bjangles8718

  • @TuruMas-b3r
    @TuruMas-b3r 4 months ago +1

    Finally you upload John

  • @MotFPS
    @MotFPS 4 months ago +5

    Reddit used to be a cool place to get help and meet great people. Today it's complete garbage, highly politicized, and just downright filled with wrong information. I miss old Reddit before mods ruined the site.

  • @christopherclea1
    @christopherclea1 4 months ago +2

    Cool video, I always wanted info on TrustedInstaller.

  • @spicybaguette7706
    @spicybaguette7706 4 months ago +13

    Windows: "Noooo you can't uninstall critical software it will brick your installation noooo!!!"
    Linux: "Hahah rm -rf / go brrrrr"

    • @revival_of_the_canned_justice
      @revival_of_the_canned_justice 4 months ago +1

      The only reason anyone would type that is if the FBI came knocking on your doors (that says a lot about you guys, honestly 🤨)

    • @surr3ald3sign
      @surr3ald3sign 3 months ago

      @revival_of_the_canned_justice it's called a joke bruh 😐 it's funny because WE all understand that, unlike you apparently

    • @revival_of_the_canned_justice
      @revival_of_the_canned_justice 3 months ago

      @surr3ald3sign I know what it does, you fanboy

    • @Rockethead293
      @Rockethead293 2 months ago

      @revival_of_the_canned_justice they were talking about what a joke is, not rm -rf, you unfilled water bottle

  • @privatechannel1272
    @privatechannel1272 4 months ago +4

    There are also the "Network Service" and "Local Service" users. I saw that some of my services were running as those "accounts", so what are those?

    • @haraberu
      @haraberu 4 months ago +4

      "SYSTEM" has full admin privileges
      "Local Service" has privileges similar to a regular non-admin user
      "Network Service" has the same privileges as "Local Service" but it can use the computer's identity. This one is a bit complex:
      First off, if there is no central password management server, "Local Service" and "Network Service" are the same. Otherwise...
      Assuming...
      * You're in a university with an "Active Directory Domain Controller" server that manages the users and passwords for the entire network
      * There's a shared network folder Z:\
      * You are logged on as user "Steve" on the PC "Library-01"
      Then...
      * GUI programs on the desktop will access the shared folder as "Steve"
      * "Local Service" will try to access the shared folder as a guest with no password
      * "Network Service" will access the shared folder as "Library-01$"
      Hope this makes sense.

    • @privatechannel1272
      @privatechannel1272 4 months ago

      @haraberu Thanks for the explanation 😛 Even though I didn't understand 50% of it the first time I read it, I guess these "accounts" just exist because some software requires these special properties to work.
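The three service identities described in the reply above can be checked on a real host. The following is an added example (not code from the video or from the commenters) that groups every service by the built-in account it runs as and lists the SYSTEM ones whose binary lives outside %SystemRoot%, the usual starting point for a least-privilege review; it assumes only PowerShell 5+ on Windows.

```powershell
# Added example, not from the video or the comment above: summarise which
# built-in identity each Windows service runs as, so the SYSTEM ones can be
# reviewed against least privilege. Needs only PowerShell 5+ on Windows.

function Get-ServiceAccountSummary {
    [CmdletBinding()]
    param()

    # Win32_Service.StartName holds the logon account. PowerShell hashtable
    # keys are case-insensitive, so the usual spellings all match.
    $identity = @{
        'LocalSystem'                 = 'SYSTEM: full local admin; machine account on the network'
        'NT AUTHORITY\LocalService'   = 'Local Service: low privilege; anonymous on the network'
        'NT AUTHORITY\NetworkService' = 'Network Service: low privilege; machine account (COMPUTERNAME$) on the network'
    }

    Get-CimInstance -ClassName Win32_Service | ForEach-Object {
        $acct  = if ($_.StartName) { $_.StartName } else { '<unknown>' }
        $ident = if ($identity.ContainsKey($acct)) { $identity[$acct] } else { 'Custom, virtual (NT SERVICE\...) or domain account' }
        [pscustomobject]@{
            Name     = $_.Name
            State    = $_.State
            Account  = $acct
            Identity = $ident
            PathName = $_.PathName
        }
    }
}

# Counts per identity class
Get-ServiceAccountSummary | Group-Object Identity | Select-Object Count, Name | Format-Table -AutoSize

# Review candidates: running SYSTEM services whose binary is outside %SystemRoot%
# (third-party services are the usual starting point for a least-privilege review)
Get-ServiceAccountSummary |
    Where-Object { $_.Account -eq 'LocalSystem' -and $_.State -eq 'Running' -and
                   $_.PathName -notmatch [regex]::Escape($env:SystemRoot) } |
    Format-Table Name, PathName -AutoSize
```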

  • @owlsmol
    @owlsmol 4 months ago

    yeah I noticed. I WAS expecting a separate video but this is perfect. Thanks.

    • @Margen67
      @Margen67 4 months ago

      Owls need HUGS

    • @owlsmol
      @owlsmol 4 months ago +1

      @Margen67 Indeed. :D

  • @boltez6507
    @boltez6507 4 months ago +3

    Challenge for you, try disabling the Delivery Optimization service without touching the registry.
    (I don't know about Windows 11 but it's pretty tough on Windows 10).
    Also I don't even know why it can't be disabled even after taking ownership of its parent service, i.e. the infamous svchost.

  •  3 months ago

    "King Osirus" -> Great Observation and Reporting.

  • @n-i-n-o
    @n-i-n-o 4 months ago +4

    Or just run NSudo and run the process with TI priv

  • @johndafuni
    @johndafuni 4 months ago

    THANKS FOR TEACHING ME THIS POWER, FELLOW JOHN!!

  • @M4N14C4L
    @M4N14C4L 4 months ago +34

    it was your fault, wasn't it, John?

    • @Jxhsxn
      @Jxhsxn 4 months ago +2

      why do I keep seeing these comments?? I don't get it

    • @rqxk
      @rqxk 4 months ago +3

      @Jxhsxn we know what you did.

    • @AdrianneDickenson
      @AdrianneDickenson 3 months ago +1

      @Jxhsxn idk, but based on the username of the commenter, it's a bot. And for the person who replied to you, probably just a troll

    • @BenSmith-jw8zy
      @BenSmith-jw8zy 2 months ago

      I think I'm Ben, not John Smith, in this tangent man...

  • @omegaprime516
    @omegaprime516 2 months ago

    Your voice is amazing. You would be killer in sales.

  • @KCKingcollin
    @KCKingcollin 4 months ago +6

    Meanwhile in Linux the root user is all-powerful, and requires none of this weird working around

    • @SleepTime-Dark
      @SleepTime-Dark 4 months ago +1

      Yeah, any admin can just do "sudo su" and ta-da! Full system access granted, I can even delete Windows-protected files mounted on Linux.

    • @Spiderfffun
      @Spiderfffun 4 months ago +2

      @SleepTime-Dark any way I can use rm -rf to remove depression?

  • @timseguine2
    @timseguine2 4 months ago

    I actually used some of this one time. I had installed the SSD from my old laptop as a second drive in my new laptop. I had some large and important media on it so I didn't want to reformat it, because I didn't have enough spare disk space to copy it to first. So figuring out how to dupe the TrustedInstaller entries in the ACL was the only way to make the hard drive look like a normal secondary hard drive.

  • @privatechannel1272
    @privatechannel1272 4 months ago +4

    Does the SYSTEM and/or TrustedInstaller privilege thing run at the kernel level, or just a very high privilege level outside the kernel?
    2nd Question: Are all kernel drivers and other kernel software running *in the ntoskrnl.exe process* OR *outside the ntoskrnl.exe process* in a service or something?

    • @xorgfx-y4l
      @xorgfx-y4l 4 months ago +2

      For 1) TrustedInstaller is just a dummy privilege used to own system files (think component store/WinSxS and MS Store) to prevent malicious modifications and accidental deletions. It isn't a security boundary and is unrelated to the kernel.
      I'll leave 2 for someone with more expertise regarding the kernel.

    • @Mavendow
      @Mavendow 4 months ago +1

      Kernel mode drivers run in the same context as the kernel, and on Windows, they generally use the native Windows API. But they do not necessarily need to interact with the OS. If they're launched via a UEFI bootstrapper they can technically run entirely platform independent. They can directly interact with hardware through interrupts, PCI lanes, and unvirtualized memory addresses. They don't _have_ to, but they can. Therefore, they're not resident in any specific process unless injected. They do often operate on Windows via svchost as a service, though, since this is a simple way to manage such low-level drivers. This is why the SC command is typically used to launch them. However, note that services and kernel mode drivers are not the same thing! The kernel mode driver has far less restrictive permissions. Therefore, the service needs to be specifically configured to launch such drivers in the proper context.

    • @privatechannel1272
      @privatechannel1272 4 months ago +1

      @Mavendow Thank you for the VERY detailed explanation of the second question ❤
      I didn't know that drivers could be launched via a "UEFI bootstrapper". I thought that the only task for the BIOS/UEFI relating to the OS was to launch the "OS boot instruction code" (or BOOTMGR for the Windows OS), but from what I understood from your speech, there are other capabilities as well such as loading drivers.

    • @Mavendow
      @Mavendow 4 months ago

      @privatechannel1272 Yes, this is how the LAN and USB work in some modern UEFIs. It would be a hassle to hardcode every individual motherboard's configuration. Drivers basically expose hardware properties to specific memory addresses that other firmware or software can hook, therefore a driver written without proprietary code can technically work in any context. Though, in the case of Windows, DLL/SYS itself is proprietary. More often these will be compiled as SO or shared objects.

    • @privatechannel1272
      @privatechannel1272 4 months ago

      @xorgfx-y4l Thank you for clearing up my ignorance 👍

  • @sumedh-girish
    @sumedh-girish 2 months ago

    The smiling blue screen isn't real, it can't hurt you.
    *This thumbnail*

  • @saumyacow4435
    @saumyacow4435 4 months ago +7

    Windows is an absolute unfixable disaster.

    • @KK-eg3em
      @KK-eg3em 4 months ago +1

      It's fine for plebs like me.

    • @Oyakinya-Izuki
      @Oyakinya-Izuki 4 months ago

      @KK-eg3em Until they blue-screen you or use the Recall feature
      ;)

  • @AndreaBorman
    @AndreaBorman 3 months ago +1

    You can install Take Ownership which lets you take ownership of the file so you can edit or delete it. I used to do that on Windows 7 and 8 when I was using it. You could also unlock God Mode by editing the Windows Explorer file by typing in a registry key. I don't know if that's changed on Windows 10 because I am using Linux now.

    • @KeinNiemand
      @KeinNiemand 2 months ago

      You don't need to install anything to take ownership, you can do it from Windows Explorer or the command line already

  • @privatechannel1272
    @privatechannel1272 4 months ago +5

    That "GOD MODE" probably got many people clicking on this video :D

    • @Corteum
      @Corteum 4 months ago

      As you can attest! Lol

  • @Pikachu-iw1se
    @Pikachu-iw1se 3 months ago

    This brings me back to high school.
    I used to screw with settings enough that I was able to access the TrustedInstaller security pass.
    Since I was TI, I had the access to change the permissions for every other file system on my laptop, and every other device on the school's local network.
    Good times, good times.

    • @Pikachu-iw1se
      @Pikachu-iw1se 3 months ago

      Also, if you just tap the change button in the properties settings, if you are already TI, then you’ll be able to change the highest access to modify those files to the user group and just be able to access TI restricted files and turn them into user accessible files,
      Recommendation.. fuck around and find out

  • @1ts_Neo
    @1ts_Neo 4 months ago +4

    well well well

    • @mabell01
      @mabell01 3 months ago

      It's a deep subject! 🙃

  • @naso_g
    @naso_g 4 months ago

    Liked, commented and subscribed. Nice video, thank you.

  • @whiplash..777
    @whiplash..777 4 months ago +19

    Linux, Linux and Linux

    • @Sasquatchbones
      @Sasquatchbones 4 months ago +3

      Parrot OS and Mint are fantastic

    • @nullkv
      @nullkv 4 months ago +6

      Tetris, Tetris, and Tetris

    • @atorik1076
      @atorik1076 4 months ago +1

      Too many bugs and insecure asf. All hobby projects. For serious stuff NO. For fun def yes

    • @KizukiKotataki
      @KizukiKotataki 4 months ago +14

      @atorik1076 it's fine to be ignorant on the internet, but hopefully not irl.
      If Linux were really a hobby project, it shouldn't be used for servers by Microsoft itself. Red Hat literally exists, that's a hobby project?

    • @vonexploits3925
      @vonexploits3925 4 months ago

      @atorik1076 how to sound like a moron

  • @NSA-admin
    @NSA-admin 2 months ago

    This brings back the feelings of system privs with the at command on XP

  • @Thph793
    @Thph793 3 months ago +4

    Bro has never heard of Advanced Run...

  • @TheBatGOD
    @TheBatGOD 3 months ago

    Nice Man U Have Clearly Earned My Sub This Is A Game Changer 100% Thank You

  • @uuu12343
    @uuu12343 4 months ago +4

    Classic Reddit bullshit
    > Tries to ask how to do this to learn for education ONLY
    > Cue the cesspool of bullshit "DO NOT DO IT, IT WILL DIE"
    People, PEOPLE WANT TO LEAAAAAARN

  • @spit.or.swaIIow
    @spit.or.swaIIow 3 months ago

    Thanks John. Very helpful unlike the first top Google results. 😡

  • @AS-oz6ep
    @AS-oz6ep 2 months ago

    We knew the world would not be the same. A few people laughed, a few people cried, most people were silent. I remembered the line from the Hindu scripture, the Bhagavad-Gita. Vishnu is trying to persuade the Prince that he should do his duty and to impress him takes on his multi-armed form and says, “Now, I am become Death, the destroyer of worlds.” I suppose we all thought that one way or another.

    • @AS-oz6ep
      @AS-oz6ep 2 months ago

      Or: "Now I am become TrustedInstaller the destroyer of Windows"

  • @Mr--_--M
    @Mr--_--M 4 months ago +1

    That thumbnail has been really popular the past few days 😅

  • @cheddarcheez007
    @cheddarcheez007 4 months ago +1

    I don’t understand any of this but I find it enjoyable

  • @kriz5652
    @kriz5652 4 months ago +2

    TrustedInstaller is a so-called well-known security principal; it is not visible in the local SAM database and is built into the OS

  • @AtticusF27
    @AtticusF27 4 months ago

    Good to see you're back.

  • @l.m.892
    @l.m.892 2 months ago +2

    "Complete and unrestricted access to the computer" is not the same as "complete and unrestricted control over the computer."

  • @Shard113
    @Shard113 4 months ago +1

    This is sooo Microsoft. They have a long history in practically every product where admin isn't admin, removal doesn't remove, hidden and then there's extra hidden, etc.

  • @KobiTzarfati
    @KobiTzarfati 8 days ago

    "Now I become TrustedInstaller, the destroyer of Windows"
    ~J. Robert Oppenheimer

  • @vinzzbe
    @vinzzbe 4 months ago +1

    You should be able to launch UI apps from a service (e.g. TrustedInstaller) when you configure the option 'allow interaction with the desktop' on the service. Windows will then ask you to open a separate user interface which in turn will show the service app on screen.

  • @johanneskepler873
    @johanneskepler873 4 months ago

    Thanks, awesome video
    And thank you for inventing Jurassic Park.

  • @DaniMartVTen
    @DaniMartVTen 4 months ago +2

    I have a legal question:
    (Note: using analogy here, no demand for accuracy is required to make the point.)
    If "Trusted Installer" is the Windows OS owned by Microsoft, akin to an OS installed on an electric app-capable vehicle owned by the same vehicle company, the subscription service to make the car's computer work is what makes the vehicle function, the lease or owner has a no-right-to-repair clause because both the vehicle and the OS are proprietary, the same we would expect of a Microsoft computer running Windows, just like Google runs Chromebook.
    Ok, so just like we'll never see a truck OS on a jeep vehicle, we won't see Windows on a Chromebook, not without extensive modification and agreement between companies for such, so an agreement-to-modify exists. So....why is Windows operating a Trusted Installer limitation on non-Microsoft computers where it doesn't have authority to compel an owner to operate their computer to OS standards not designed explicitly for it? The OS must match the device for it to function, be it a vehicle or computer, in order for tangible operations to match digital limitations, whereby the digital is limiting the tangible, like how Windows wouldn't be compatible to a Chromebook inherently, the agreement to modify must prevail, with or without license? I say this because purchasing Windows OS is not requiring a Microsoft computer explicitly.

    • @surr3ald3sign
      @surr3ald3sign 3 months ago

      You are, and I mean this as close to literal as possible, comparing apples to oranges here... First off, TrustedInstaller is not the OS, it is just a brick wall within the Windows OS designed to keep idiots from bricking their system and has been used to also protect their bloatware. And second, do you remember the part of your Windows installation where it said something to the effect of "terms and conditions"? You are literally agreeing to everything they do, and a Chromebook is in fact designed to run on the Windows OS, idk what tf you think it runs on, so that part of your "point" literally meant nothing. And to rain on your parade some more, if you own a computer of any kind, odds are Microsoft owns some part or all of it bc they own like 90% of all computer technology atp bc they just buy out any competition. Go ahead and look up who owns all those different companies that make the parts in your computer and you'll notice, unsurprisingly, that Microsoft either owns them or owns a major part of their company and thus more or less owns them anyway.
And imma just absolutely rip on you now for that last part "the OS must match the device in order for it to function": factually incorrect, as the OS and the hardware are 2 VASTLY different and incomparable things, the hardware provides the body and the OS provides the brain (see, THAT'S how you make an analogy that makes sense in this context btw). The reason vehicles work differently is bc each vehicle company functions ENTIRELY independent of one another, whereas consumer-use computers are made by many different companies all working together (and still ofc Microsoft owning an uncomfortable majority of them bc they are a monopoly), so to attempt to actually answer your question is pointless bc you have a general misunderstanding of even the base concept of software versus hardware and have failed to make a question that makes any form of sense. It'd be like if I asked you what your favorite color of the alphabet is, it doesn't make any sense bc that's not even remotely how either of those things work. Does that kinda help guide you towards the general idea of what I'm trying to tell you?

  • @SumNumber
    @SumNumber 3 months ago

    The way I get rid of ANYTHING I want on Windows is to boot from the USB recovery disk offered by Windows and then drop to a cmd prompt. I can then dir/delete/move etc. anything, and that includes hidden and system files as well. A great utility for browsing the Windows hard drive from DOS is called Q-Dir, and that would be the portable version. Another trick to have complete control of all Windows files is to boot up a live Linux system from USB and browse that way with sudo. In some instances when trying to access the Windows hard drive from a Linux boot disk, the Windows disk will be locked and you cannot work with it. The fix, or trick, is to do a restart from Windows and when the screen goes blank showing Windows is shut down, press and hold the computer's off button until the computer completely shuts down. Now boot up into your live Linux and mount the Windows hard drive. Using the root option, then browse Windows and do what you like! I like using a GUI interface like Linux when doing operations on Windows files because of all the file utilities available. :O)

  • @vampirenero6719
    @vampirenero6719 3 months ago

    The more I learn about how Windows wants to control you, the more I wish to move to Linux. I think I might do that soon.

  • @logiciananimal
    @logiciananimal 4 months ago +1

    At 14:00 or so: you presumably have to start something that will either act as a service or will do something before the service controller kills it. I thought services had a different entry point than ordinary applications, so I was surprised this approach worked.

  • @militaryuniformprincess
    @militaryuniformprincess 3 months ago +1

    I subbed because I liked your beard. Second, your IT knowledge is somewhat refreshing.

  • @lilmaple072
    @lilmaple072 3 months ago +1

    To think this is basically the Windows equivalent of logging in as sudo, yet Reddit gets so aggressive about it because you can damage shit like. Yea, that's the type of file access we're looking for-

  • @JoJo-ps4ml
    @JoJo-ps4ml 4 months ago

    Ownership and control is Power Trip for tech companies. "We own you."

  • @sent4dc
    @sent4dc 4 months ago +2

    The reason your Notepad didn't show up on your desktop is because you were running it from "session 0", which does not have a desktop. So it was running, but couldn't display its GUI.
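The session 0 point above, and the earlier suggestion to tick 'allow interaction with the desktop' on the service, can both be checked from PowerShell. This is an added example (not from the video or the commenters): it reports which session a process runs in and scans the registry for services whose Type value still carries the interactive flag (0x100). Note that the Interactive Services Detection helper that used to surface such windows was removed in Windows 10 version 1803, so the flag is now a legacy setting to review rather than a way to get a service's GUI on screen.

```powershell
# Added example, not from the video or the comments above: show which session a
# process lives in (services run in session 0, which has no interactive desktop,
# so their windows are never displayed) and list services whose registry Type
# still carries the "interact with desktop" flag.

function Get-ProcessSessionInfo {
    param([int]$Id = $PID)   # defaults to this PowerShell process
    $p = Get-Process -Id $Id -ErrorAction Stop
    [pscustomobject]@{
        Name       = $p.ProcessName
        Id         = $p.Id
        SessionId  = $p.SessionId
        # Session 0 is reserved for services; a window created there has no
        # visible desktop, which is why notepad.exe started by a service never appears.
        HasDesktop = ($p.SessionId -ne 0)
    }
}

function Get-InteractiveServices {
    # SERVICE_INTERACTIVE_PROCESS (0x100) is the bit set by the
    # "Allow service to interact with desktop" checkbox in services.msc.
    $interactiveBit = 0x100
    Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Services' | ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
        if ($null -ne $props.Type -and ($props.Type -band $interactiveBit)) {
            [pscustomobject]@{
                Service   = $_.PSChildName
                Type      = '0x{0:X}' -f $props.Type
                Account   = $props.ObjectName
                ImagePath = $props.ImagePath
            }
        }
    }
}

# This console (session 1 or higher) vs. the service session
Get-ProcessSessionInfo
Get-Process | Where-Object SessionId -eq 0 | Select-Object -First 5 Name, Id, SessionId

# Services still flagged interactive: a legacy configuration worth reviewing,
# since the Interactive Services Detection helper is gone as of Windows 10 1803
Get-InteractiveServices | Format-Table -AutoSize
```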

  • @corataylor2205
    @corataylor2205 4 months ago

    I listened to you talk in another tab for 21 minutes before realizing you're not ActionRetro. Y'all sound so alike.

  • @alksdng97834y
    @alksdng97834y 4 months ago

    John, are there resources that you would recommend to learn all of these in-depth and technical Windows aspects that most people don't know? How do you go about learning all of this like Win32, LSASS, etc.?

  • @kristofdeconinck2917
    @kristofdeconinck2917 4 months ago +1

    @John Hammond how do you do that scrolling-thingie @1:48?

  • @flimsyfox
    @flimsyfox 3 months ago

    Fun story: I once had to install a sketchy "run executable as" app to run an antivirus installer as TrustedInstaller because malware was preventing me from running the antivirus installer normally.
    The malware of course didn't have much of a chance after that.

  • @royzhao749
    @royzhao749 4 months ago

    Just reminds me how much effort is put in when researching such Windows stuff...

  • @gregorymorse8423
    @gregorymorse8423 4 months ago

    The reason the service timeout errors occur is that you are running applications and not services, where service executables handle events and are stateful based on them, e.g. start, stop, pause, resume, etc.

  • @Noone_important_54454
    @Noone_important_54454 3 months ago +1

    HAMMOND!
    DON'T DO IT HAMMOND

  • @aurinator
    @aurinator 4 months ago +1

    Oh, I believe there are way more, even higher than what Windows is capable of exposing, e.g. Ring 0. I think there are ways to go even higher than that as well.