StackZero
  • Homepage
  • Categories
    • Basics
    • Cryptography and Privacy
    • Ethical Hacking
      • Web Security
      • Network Security
    • Reverse Engineering
      • Malware Analysis
  • Contacts
No Result
View All Result
StackZero
No Result
View All Result

How to prank your friends with this hilarious wallpaper locker!

June 6, 2022
in Other
0 0
Change Background
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

If you’ve ever wanted to pull a prank on your friends by locking their wallpaper, this is the article for you!
I’ll explain how to do it in just a few simple steps. So that your victim could not replace the embarrassing image you choose. The result will be a simple script: “wallpaper locker”

Wallpaper locker building strategy

Windows has two registry entries that we’re interested in.

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\Wallpaper
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\WallpaperStyle

The first one is a string representing the path of the new Wallpaper.
The second one is a number indicating the Style:

  • 0 – Centered
  • 1 – Tiled
  • 2 – Stretched
  • 3 – Fit
  • 4 – Fill

Currently, they probably don’t exist on your friend’s PC, so let’s just write what we are going to do:

  • Move the selected wallpaper into a hard-to-find directory
  • Create the “System” key
  • Create the two values: Wallpaper and WallpaperStyle
  • Reboot the system

Practice Part

Before starting coding, just to hide our intentions, let’s rename the target wallpaper image with a deceptive name and a different extension, like: “sys.conf”.

Done that, we can create our script file that I named “change-bg.py” in this example. Optionally, you can create a virtual environment.

Structure after file creation

Our code will use winreg as we’ve done in this article.

But now stop talking and write our script!

The first thing we want to do is just initialize all variables and do all imports:

import winreg
import os
import shutil

bg_location = "C:\\Windows"
base_key = "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"
img_name = "sys.conf"

keys = {
    "Wallpaper": (f"C:\\Windows\\{img_name}", winreg.REG_SZ),
    "WallpaperStyle": ("3", winreg.REG_SZ)
}

I just want to point out that we saved the value we want to pass in a dictionary, having the registry key name as the key and a tuple containing value and size as dictionary value.

The next step is to copy the wallpaper from the current directory to another one (“C:\Windows” in our case).

shutil.copy("sys.conf", f"{bg_location}")

We have almost done, this is the step where we are connecting to the registry and adding the key and all values that we set into the dictionary:

reg = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER)
system_key = winreg.CreateKey(reg, base_key)

for k, v in keys.items():
    winreg.SetValueEx(system_key, k, 0,  v[1], v[0])

Finally, let’s reboot the system in the simplest way possible:

os.system("shutdown /r /t 0")

If we want to make the prank more insidious, we can convert the script into an executable, as this article shows.

This is the full code:

import winreg
import os
import shutil

bg_location = "C:\\Windows"
base_key = "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"
img_name = "sys.conf"

keys = {
    "Wallpaper": (f"C:\\Windows\\{img_name}", winreg.REG_SZ),
    "WallpaperStyle": ("3", winreg.REG_SZ)
}

shutil.copy("sys.conf", f"{bg_location}")
reg = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER)
system_key = winreg.CreateKey(reg, base_key)

for k, v in keys.items():
    winreg.SetValueEx(system_key, k, 0,  v[1], v[0])

os.system("shutdown /r /t 0")

If we want to run we need to open a command line as administrator and write;

python change-bg.py

In the case of the executable, just right-click -> “Run as administrator”.

Now it’s impossible to change the Wallpaper from the screen settings.

Finally, if we want to sort everything out, let’s just write a few lines of script that will remove the key from the registry and call this script “clear-reg.py”:

import winreg

reg = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER)
winreg.DeleteKey(reg, "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System")

After running the clear-reg.py, your friend will be able again to change his desktop!

I hope you found this article interesting, have fun with that!

What is malware analysis and why is it important?
Trending
What is malware analysis and why is it important?

Previous Post

Compilation Process in C: Easy Introduction

Next Post

OWASP Top 10 Breaches of 2021. What You Need to Know!

Next Post
OWASP Top 10 breaches

OWASP Top 10 Breaches of 2021. What You Need to Know!

You might also like

Hack File Inclusion in DVWA: A Full Walkthrough

Hack File Inclusion in DVWA: A Full Walkthrough

January 18, 2023
How To Exploit File Inclusion Vulnerabilities: A Beginner’s Introduction.

How To Exploit File Inclusion Vulnerabilities: A Beginner’s Introduction.

December 15, 2022
What is unrestricted file upload vulnerability? And How to exploit it on DVWA!

What is unrestricted file upload vulnerability? And How to exploit it on DVWA!

November 29, 2022
How To Exploit CSRF In DVWA

How To Exploit CSRF In DVWA

November 23, 2022
CSRF intro featured

CSRF Introduction: What you need to know!

November 15, 2022
Bruteforce attack

How to Brute Force DVWA login with Python

November 3, 2022

StackZero

StackZero is a technical coding blog that focuses on cybersecurity. It mainly offers articles and tutorials that teach readers how to write security tools.
The blog covers a wide range of topics, from the basics of cryptography to the more advanced topics of exploitation and reverse engineering.

Tags

application security blind sqli blind sql injection bruteforce c certification command injection csrf csrf attack cybersecurity dom-based xss dvwa ethical-hacking exploitation file inclusion file upload hacking injection javascript kali linux local file inclusion malware malware analysis network-security penetration testing pentesting lab python reflected xss registry remote file inclusion security shellcode sql sqli sql injection stored xss virtual machine vulnerable application web application security web exploitation web security windows windows api windows virtual machine xss
  • Contacts
  • HomePage
  • Privacy Policy
  • Terms and Conditions

No Result
View All Result
  • Homepage
  • Categories
    • Basics
    • Cryptography and Privacy
    • Ethical Hacking
      • Web Security
      • Network Security
    • Reverse Engineering
      • Malware Analysis
  • Contacts

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In