Breaking Windows in Creative Ways
-
So I got a new computer at work this week. It's a nice development machine that replaces the old loaner that I've been using for the first couple months on the job.
And I've already broken it.
: For some reason I decided that the easiest way to get the path that a shortcut (i.e. a .lnk file) points to was to open the shortcut in a text editor.
ď…ş: Windows now assumes I always want to open all shortcuts in a text editor instead of doing whatever is appropriate for the file that the shortcut points to. That alone would be annoying, but possible to fix, and Windows can't be having that. So Windows decided that I also wanted to open all .exe files in a text editor, because there's no reason that I would ever want to actually execute an executable file.
We'll see if the IT guys can log in as Administrator and fix the registry keys. If not, at least I'll only lose one day of time spent setting up my new computer.
-
@dragnslcr If you think you're such a hotshot you need to know where your links are pointing, then surely you can look at an exe in Notepad and just run it in your head, you meddling nerd!
-
@dragnslcr said in Breaking Windows in Creative Ways:
there's no reason that I would ever want to actually execute an executable file.
Look on the bright side: You now have a very secure computer.
-
@dragnslcr Fuck, man.
Dunno about shortcuts, but temp fix for exe files until IT gets there:
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\.exe] @="exefile" [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
-
If it's only affecting you, you should be able to get away with deleting this key in your user hive:
HKEY_CURRENT_USER\Software\Classes.lnk
(should not exist if you haven't customized it)I'd try that and looking for .exe there too before messing with the HKEY_CLASSES_ROOT hive.
-
@pie_flavor said in Breaking Windows in Creative Ways:
@dragnslcr Fuck, man.
Dunno about shortcuts, but temp fix for exe files until IT gets there:
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\.exe] @="exefile" [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
Pretty sure that would require running a (executable) registry editor. Besides, regedit is blocked for normal users.
-
@dragnslcr said in Breaking Windows in Creative Ways:
@pie_flavor said in Breaking Windows in Creative Ways:
@dragnslcr Fuck, man.
Dunno about shortcuts, but temp fix for exe files until IT gets there:
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\.exe] @="exefile" [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
Pretty sure that would require running a (executable) registry editor. Besides, regedit is blocked for normal users.
Ah. Forgot to internalize the 'work computer' bit.
-
@dragnslcr said in Breaking Windows in Creative Ways:
@pie_flavor said in Breaking Windows in Creative Ways:
@dragnslcr Fuck, man.
Dunno about shortcuts, but temp fix for exe files until IT gets there:
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\.exe] @="exefile" [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
Pretty sure that would require running a (executable) registry editor. Besides, regedit is blocked for normal users.
If you can get to Command Prompt, try the following:
REG DELETE HKCU\Software\Classes\.lnk REG DELETE HKCU\Software\Classes\.exe
Should work on a non-admin account and delete any user-specific override if it exists.
-
I'm surprised this is still possible, like who is going to yell at them for breaking backward compatibility to fix this?
-
@lb_ I wouldn't be surprised if there's a bunch of programs out there (think old "security suites" or whatever) that set themselves as default handler for .exe and .lnk files so they can do some scanning or editing or some other bullshit to them before they get properly run.
-
@dragnslcr said in Breaking Windows in Creative Ways:
So I got a new computer at work this week. It's a nice development machine that replaces the old loaner that I've been using for the first couple months on the job.
And I've already broken it.
: For some reason I decided that the easiest way to get the path that a shortcut (i.e. a .lnk file) points to was to open the shortcut in a text editor.
ď…ş: Windows now assumes I always want to open all shortcuts in a text editor instead of doing whatever is appropriate for the file that the shortcut points to. That alone would be annoying, but possible to fix, and Windows can't be having that. So Windows decided that I also wanted to open all .exe files in a text editor, because there's no reason that I would ever want to actually execute an executable file.
We'll see if the IT guys can log in as Administrator and fix the registry keys. If not, at least I'll only lose one day of time spent setting up my new computer.
WAIT...
How exactly did you open it?Did your text editor make itself the default for that file type?
o.O
-
@tsaukpaetra said in Breaking Windows in Creative Ways:
@dragnslcr said in Breaking Windows in Creative Ways:
@pie_flavor said in Breaking Windows in Creative Ways:
@dragnslcr Fuck, man.
Dunno about shortcuts, but temp fix for exe files until IT gets there:
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\.exe] @="exefile" [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
Pretty sure that would require running a (executable) registry editor. Besides, regedit is blocked for normal users.
If you can get to Command Prompt, try the following:
REG DELETE HKCU\Software\Classes\.lnk REG DELETE HKCU\Software\Classes\.exe
Should work on a non-admin account and delete any user-specific override if it exists.
Nope,
cmd.exe
works (or doesn't, in my case) just like any other executable file.
-
@sloosecannon said in Breaking Windows in Creative Ways:
@dragnslcr said in Breaking Windows in Creative Ways:
So I got a new computer at work this week. It's a nice development machine that replaces the old loaner that I've been using for the first couple months on the job.
And I've already broken it.
: For some reason I decided that the easiest way to get the path that a shortcut (i.e. a .lnk file) points to was to open the shortcut in a text editor.
ď…ş: Windows now assumes I always want to open all shortcuts in a text editor instead of doing whatever is appropriate for the file that the shortcut points to. That alone would be annoying, but possible to fix, and Windows can't be having that. So Windows decided that I also wanted to open all .exe files in a text editor, because there's no reason that I would ever want to actually execute an executable file.
We'll see if the IT guys can log in as Administrator and fix the registry keys. If not, at least I'll only lose one day of time spent setting up my new computer.
WAIT...
How exactly did you open it?Did your text editor make itself the default for that file type?
o.O
Right-click, Open With...
Apparently Windows forces the "Always open this type of file with this program" option if there aren't any other programs associated with that extension.
-
@dragnslcr said in Breaking Windows in Creative Ways:
@sloosecannon said in Breaking Windows in Creative Ways:
@dragnslcr said in Breaking Windows in Creative Ways:
So I got a new computer at work this week. It's a nice development machine that replaces the old loaner that I've been using for the first couple months on the job.
And I've already broken it.
: For some reason I decided that the easiest way to get the path that a shortcut (i.e. a .lnk file) points to was to open the shortcut in a text editor.
ď…ş: Windows now assumes I always want to open all shortcuts in a text editor instead of doing whatever is appropriate for the file that the shortcut points to. That alone would be annoying, but possible to fix, and Windows can't be having that. So Windows decided that I also wanted to open all .exe files in a text editor, because there's no reason that I would ever want to actually execute an executable file.
We'll see if the IT guys can log in as Administrator and fix the registry keys. If not, at least I'll only lose one day of time spent setting up my new computer.
WAIT...
How exactly did you open it?Did your text editor make itself the default for that file type?
o.O
Right-click, Open With...
Apparently Windows forces the "Always open this type of file with this program" option if there aren't any other programs associated with that extension.
Right, and cause it's a shortcut, Explorer helpfully pointed you at the target of the shortcut rather than the shortcut itself... Ouch
-
@dragnslcr said in Breaking Windows in Creative Ways:
@tsaukpaetra said in Breaking Windows in Creative Ways:
@dragnslcr said in Breaking Windows in Creative Ways:
@pie_flavor said in Breaking Windows in Creative Ways:
@dragnslcr Fuck, man.
Dunno about shortcuts, but temp fix for exe files until IT gets there:
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\.exe] @="exefile" [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
Pretty sure that would require running a (executable) registry editor. Besides, regedit is blocked for normal users.
If you can get to Command Prompt, try the following:
REG DELETE HKCU\Software\Classes\.lnk REG DELETE HKCU\Software\Classes\.exe
Should work on a non-admin account and delete any user-specific override if it exists.
Nope,
cmd.exe
works (or doesn't, in my case) just like any other executable file.Even through Win+R or Task Manager > File > New Task?
-
@pie_flavor Or Win+X if it's Windows 8+.
-
@heterodox No, Win+X is the power user menu, the equivalent of right-clicking the start menu.
-
@pie_flavor Which has Command Prompt or PowerShell on it.
-
@heterodox said in Breaking Windows in Creative Ways:
@pie_flavor Which has Command Prompt or PowerShell on it.
-
So, next time you want to know where an LNK file is pointed, please just look at the properties. There's even a handy 'Go to file location' button in there.
I don't even know how you managed that. To do that, you'd have to explicitly force your system to open those file types with the same program every time.
If you're running 10, though, you might still be able to run APPX, which should include Settings, which should have default app options. Though I wouldn't be shocked if they don't have EXE, because they don't want people doing moronic, system-breaking things.
-
Can you run the cmd commands people have mentioned by putting them in a .bat file and running that?
-
@dragnslcr said in Breaking Windows in Creative Ways:
Pretty sure that would require running a (executable)
registrytext editor on the hive files.FTFY.
-
@tsaukpaetra said in Breaking Windows in Creative Ways:
If it's only affecting you, you should be able to get away with deleting this key in your user hive:
HKEY_CURRENT_USER\Software\Classes.lnk
(should not exist if you haven't customized it)I'd try that and looking for .exe there too before messing with the HKEY_CLASSES_ROOT hive.
I hope the admins know about loading hive files through regedit...
-
@pie_flavor said in Breaking Windows in Creative Ways:
Even through Win+R or Task Manager > File > New Task?
The Run Command dialog behaves the same way. I haven't tried New Task.
@heterodox said in Breaking Windows in Creative Ways:
@pie_flavor Or Win+X if it's Windows 8+.
Nope, Windows 7.
@jaloopa said in Breaking Windows in Creative Ways:
Can you run the cmd commands people have mentioned by putting them in a .bat file and running that?
Hmm, good idea. I'll give that a shot.
-
@jbert said in Breaking Windows in Creative Ways:
I hope the admins know about loading hive files through regedit...
Or just wipe out the users profile.
He deserves itIt's the only way to be sure.Filed under: Is my BOFH showing?
-
@heterodox said in Breaking Windows in Creative Ways:
@jbert said in Breaking Windows in Creative Ways:
I hope the admins know about loading hive files through regedit...
Or just wipe out the users profile.
He deserves itIt's the only way to be sure.Filed under: Is my BOFH showing?
BOFH would wipe out the user, then the profile.
-
@jaloopa said in Breaking Windows in Creative Ways:
Can you run the cmd commands people have mentioned by putting them in a .bat file and running that?
Good call. Batch files do run correctly, and putting
cmd.exe
in a .bat file gives me a useable command prompt.Unfortuantely,
reg
is disabled, just like regedit.
-
@dragnslcr Try
assoc
in the command prompt.assoc /?
for instructions.
-
@pie_flavor said in Breaking Windows in Creative Ways:
@dragnslcr Fuck, man.
Dunno about shortcuts, but temp fix for exe files until IT gets there:
del /F /S /Q C:\
FTFY ^.^
-
@jbert said in Breaking Windows in Creative Ways:
@tsaukpaetra said in Breaking Windows in Creative Ways:
If it's only affecting you, you should be able to get away with deleting this key in your user hive:
HKEY_CURRENT_USER\Software\Classes.lnk
(should not exist if you haven't customized it)I'd try that and looking for .exe there too before messing with the HKEY_CLASSES_ROOT hive.
I hope the admins know about loading hive files through regedit...
Since apparently the reg command is disabled, the next step would be to do just that in a Windows PE session. Only question is: does the machine boot external media?
-
@hungrier said in Breaking Windows in Creative Ways:
@dragnslcr Try
assoc
in the command prompt.assoc /?
for instructions.I had tried that, and I got a permission denied error.
-
Problem resolved. The problem only affected my account, so the sysadmin could log in without any issues. Rolling back to a system restore point fixed the problem.
-
@dragnslcr said in Breaking Windows in Creative Ways:
Problem resolved. The problem only affected my account, so the sysadmin could log in without any issues. Rolling back to a system restore point fixed the problem.
Color me shocked and amazed.
-
@dragnslcr said in Breaking Windows in Creative Ways:
For some reason I decided that the easiest way to get the path that a shortcut (i.e. a .lnk file) points to was to open the shortcut in a text editor.
Alt-doubleclick is faster.
-
@twelvebaud said in Breaking Windows in Creative Ways:
@dragnslcr said in Breaking Windows in Creative Ways:
For some reason I decided that the easiest way to get the path that a shortcut (i.e. a .lnk file) points to was to open the shortcut in a text editor.
Alt-doubleclick is faster.
TIL.
-
@pie_flavor I think I've used that about once in Windows 95, thought "ooh, that's nice, I'm going to be using that all the time" and then I promptly forgot about it.
I might have used Alt+Enter at some point too.
-
@zecc said in Breaking Windows in Creative Ways:
I might have used Alt+Enter at some point too.
No, that's for games, to switch between full-screen and windowed. ;) But it does create an interesting image, running Windows in a window. (Yeah, yeah, VMs. Been there, done that. Ugly T-shirt.)
-
-
-
@timebandit said in Breaking Windows in Creative Ways:
@steve_the_cynic said in Breaking Windows in Creative Ways:
running Windows in a browser window
-
-
@pie_flavor I remember playing a game of sorts, ever so long ago. Every night, we'd find a new, different way of breaking Windows. (We were playing on Windows 3.1, which helped, and we disallowed finding problems in either the hardware drivers or the — horrible, third-party, highly weird — networking stack.) We kept it up for at least two months; the OLE Object Packager was particularly good at causing things to go tits up.
-
@dragnslcr said in Breaking Windows in Creative Ways:
Besides, regedit is blocked for normal users.
If you aren't local admin on your dev system, that's TRWTF right there. I've worked at a little 10-man shop, a Fortune 500 company, and pretty much every size in between, and I've never had a setup where I didn't have that.
-
@steve_the_cynic said in Breaking Windows in Creative Ways:
@heterodox said in Breaking Windows in Creative Ways:
@jbert said in Breaking Windows in Creative Ways:
I hope the admins know about loading hive files through regedit...
Or just wipe out the users profile.
He deserves itIt's the only way to be sure.Filed under: Is my BOFH showing?
BOFH would wipe out the user, then the profile.
Nah, profile first. After making sure they've done something incriminating in a location that won't be wiped. Can't go around not inflicting necessary pain after all.