pro hacker teaches you how to bypass this!

Kids, remember....do not hack uncle hacker loi 😎.

schooldropout

Writing %CD% will write the writing directory into the window. If you use the set command with "%CD%> " instead of "cmd~" then you can see your directory the same way you would in a normal CMD window.

If your computer doesn't allow you to use batch files directly, put them in a compressed file and run them from inside it. If that still fails, change the extension of the script file from .bat to .cmd and try the compressed folder.

ftwgaming

As someone who's been coding in batch for years now, I thought this was genuinely clever. I expected the solution to be something simple like editing the registry value of the computer policies but the solution / solutions were very clever. Keep doing what you do!

lantern

People need to realise that he's running CMD etc on a user account on the local administrator group. So of course he'll be able to bypass a restricted command prompt and use admin commands. It doesn't matter so long as the user account's local group is admin.

iongeneral

Back in school I pulled off the batch trick. But what worked for me too was just putting in cmd.exe or regedit into the batch file and it'd open whatever I wanted. So no advanced trickery necessary.

One opportunity I missed is that they used network boot, which took forever to boot and was otherwise set up pretty well, so I wish I already had acquired the Linux skills to set up my own Raspberry Pi DHCP + tFTP PXE server.

Also one interesting discovery I made: Teachers tend to have unchanged default passwords + nice power tools.

What a fun time it was. I learned so much and the teachers were incredibly chill.

puerlatinophilus

For people who actually care about stuff, the "curly thing" is called a tilde.

bestguywhotellsitlikeitis

Well i dont need to bypass cmd restrictions, since my school / city administration was so smart to block dark mode but not cmd 😂

Omena

You're already an administrator, which assumes you have way more rights than you should. This is great if you already have that level of access, however, you have much more capabilities and you could have disabled the GPO if you wanted to. The "bypasses" work, but are pointless if you do not already have Administrative control over the system. This may only be useful if you were able to drop a stage-0 payload onto a machine, elevate privileges, then execute a shell. The only real use case here is being able to execute commands on a system where you have GUI access as an Administrator. Great examples of this are kiosks in public areas, or an open VNC/Remote Admin connection (ex: AnyDesk). Still a very interesting video! Good work! I don't mean to diss the content, just informing everyone of the assumptions you need to make.

rainbowdoesinfosec

In high school, I would boot into recovery mode, go into the system files copy the command prompt from inside system32 and rename it to the sticky keys app. Then rebooting, I would simply activate sticky keys with the shift key and cmd would pop up in system32 dir. I would have complete control of the system from there.

boo

The one thought that comes to mind here is the level at which you start at when you try to do the things in this video. If you are not at the administrator level for your local machine, you may find editing the group policy a bit tricky, especially given that it may be updated as part of the login process, so it reverts to its original settings if that's the way that your domain admin wants it. Personally, what I tend to do is run the command that I need from the Run box, for example if I want to run a directory listing, I'd open a run command (Win+R) and type in

cmd /c dir && pause

 (the "&& pause" stops the output from disappearing). This is especially the case where the domain admin has also restricted using executable files such as batch files, PS2 files and so forth.

mistie

GP editor only works if the machine user is local. This won't work for domain accounts. Also, there are lots of reasons to block executing programs on computers that belong to an organization. Mostly security. Second, it keeps people from screwing up their machines and causing more work for their IT departments who are probably overworked already.

npsit

Back in college, some malware had taken over a lab machine and changed the registry so that the computer couldn't open exe files. I used a doc file to open Word. Then I used VBA to open regedit. Finally I was able to fix the regkey and regain access to the machine. Appending something to the end of the exe was a technique I hadn't seen before, but most of these were ones I have used as some point for legitimate reasons. Knowing how your machine works is key.

R.B.

That's What We Need 🙃 We Don't Need AWS tutorial

RajuKeMama

Can't wait try this at school on Monday

daartistboi

ive been working on a project on the school computers that uses python to pretty much do the same as this, but add extra commands to access public desktop, C:\ drive etc. and its cool to see how it could all be implented in batch

pyco

We need to acknowledge this man, remember he does this For free just to teach us! Thank You Mr Loi And Keep up The Content ❤

Synclon

i can accsses the cmd but some codes require admin pwd and i cant edit group policy any solution?

UserSOF

This video remembers me of what I did in IT class yesterday:
Booted up HBCD PE from my usb stick created a new admin account, installed some programs, and played around with the settings (my school does not even let me change the desktop background, but cmd is alright 😎)

MigProPlayer

That's nice 🙂
Now, teach us how you change all the without having administrative permissions already on the account, would be very interesting :)

Waludalf

Hello.the new style of filming and the background music is Awesome, I like it👊👍

سیدمحمدقاضی-جج