The Misadventures of Quinxy truths, lies, and everything in between!


Adding a Back Door to your Windows Computer via File Sharing

A few times a year I run into situations where an application, a driver, or something effectively locks me out of my computer. After trying various remedies I am ultimately forced to do a hard power down of the computer. I cringe every time I am forced to take that action, praying I don't end up with corrupted files.

Today I had enough. I went to shut down my laptop and head out the door to go get a working lunch only to have my computer log me out and show me Acronis True Image's dreaded, "Operations are in progress. Please wait. The machine will be turned off automatically after the operations are complete." That is Acronis True Image's way of saying, "We're not going to shut down until a backup or backup verification finishes." The problem is those operations can take hours, and nine times out of ten the message is bogus, indicating not something in progress but a job that's hung. Today's case was one such example that would have left me waiting forever; the backup drive was disconnected, so Acronis True Image could not have been doing anything at all. When this message is displayed there's no normal way to force a shutdown other than forcing a power off with the power button. There is no ability to log in locally, no ability to log in remotely via RDP, no ability to use Sysinternals' remote tools (I am not sure if the reasons relate to permissions or not; I've not adequately investigated). So, today I decided to put in a back door which will save me in such situations.

Schedule a Task to Periodically Run a Remotely Editable Batch File

In all the cases where these sorts of things have happened I've noticed that I can still remotely access the computer's file system just fine. This got me thinking I could use that as a vector for forcing Windows to execute some code to force the shutdown. To that end I created a shared folder on the laptop called "backdoor", made sure permissions allow only myself the privilege of editing its files, and created a single batch file inside it called backdoor.bat. I then set up a task in Windows Task Scheduler to execute that batch file as administrator (UAC) every 5 minutes from now until forever. When not needed the batch file is effectively empty, just a couple of commented-out batch commands. If I find myself locked out I can populate the file with whatever executable commands might be appropriate to force the shutdown (e.g., Sysinternals' pslist, pskill, psshutdown).
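The whole setup rests on the permission claim above: any account that can write to backdoor.bat, its folder, or the share gets its commands run as administrator within five minutes. The PowerShell check below is an added example, not the author's code; the task name, local path, and trusted-account list are assumptions to adjust.

```powershell
# Added example, not the author's code. Run elevated on the machine hosting the task.
$TaskName   = 'Backdoor'                  # assumption: name given to the scheduled task
$ShareName  = 'backdoor'                  # share name from the article
$ScriptPath = 'C:\backdoor\backdoor.bat'  # assumption: local path behind the share
# Assumption: the only principals meant to control what the task executes.
$Trusted = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', "$env:USERDOMAIN\$env:USERNAME")

# File rights that let a principal alter or replace the script, plus the
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) bits seen on inherit-only ACEs.
$rights    = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$WriteMask = [int]$rights -bor 0x50000000

# Allow ACEs on $Path that grant write-type access to an account outside $Trusted.
# Deny ACEs and group membership are not evaluated, so results err toward over-reporting.
function Get-UntrustedWriter {
    param([Parameter(Mandatory)][string]$Path)
    (Get-Acl -LiteralPath $Path).Access | Where-Object {
        "$($_.AccessControlType)" -eq 'Allow' -and
        ([int]$_.FileSystemRights -band $WriteMask) -ne 0 -and
        $_.IdentityReference.Value -notin $Trusted
    } | Select-Object @{ n = 'Target';  e = { $Path } },
                      @{ n = 'Account'; e = { $_.IdentityReference.Value } },
                      @{ n = 'Right';   e = { $_.FileSystemRights } }
}

# Share-level permissions are checked separately from NTFS permissions.
$shareHits = @(Get-SmbShareAccess -Name $ShareName | Where-Object {
    "$($_.AccessControlType)" -eq 'Allow' -and
    "$($_.AccessRight)" -in 'Full', 'Change' -and
    $_.AccountName -notin $Trusted
} | Select-Object @{ n = 'Target';  e = { "\\$env:COMPUTERNAME\$ShareName" } },
                  @{ n = 'Account'; e = { $_.AccountName } },
                  @{ n = 'Right';   e = { $_.AccessRight } })

# Show what the task runs and under which identity.
$task = Get-ScheduledTask -TaskName $TaskName
"Task '$TaskName' runs as '$($task.Principal.UserId)' (RunLevel: $($task.Principal.RunLevel))"
$task.Actions | ForEach-Object { "  action: $($_.Execute) $($_.Arguments)" }

# The folder matters as much as the file: write access there allows replacing the script.
$hits = @(Get-UntrustedWriter $ScriptPath) +
        @(Get-UntrustedWriter (Split-Path -Parent $ScriptPath)) + $shareHits
if ($hits.Count) {
    Write-Warning 'Accounts outside the trusted list can change what the task executes:'
    $hits | Format-Table -AutoSize
} else {
    'Only trusted accounts can change what the task executes.'
}
```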

Follow up

Since setting this up a month ago I've already had two occasions where this method saved me and allowed me to shut down my computer gracefully!

For anyone curious, the commands I put in the backdoor.bat file are:

C:\systeminternals\pslist -accepteula > pslist.txt
C:\systeminternals\pskill -accepteula trueimagehomeservice
C:\systeminternals\pskill -accepteula trueimagehomenotify

Those lines are commented out until and unless I need them. The first line lets me grab a snapshot of the running processes and put them in a text file I can read, very useful if the system still doesn't shut down. Since my task will only run every 5 minutes, if the first attempt doesn't shut things down I've got several minutes to review the process list and find other processes to try and kill. The last two lines kill the processes that are typically hanging my shutdowns (I haven't bothered to check which of the two processes is the problem, so I just list both).

Initially I tried to just use a more generic approach and force a shutdown ("psshutdown -accepteula -r -f -t 60") but I could never get this method to work; it didn't ever seem to kill the jobs that were hanging things up.



Since setting this up I've needed to use it a dozen times or more, saving me almost as many hard resets. The most frequent situation in which I need to use it has been when Stardock's Multiplicity prevents my keyboard and mouse from being used and when Acronis' True Image prevents shutdown (see above).

Multiplicity is a fantastic app that lets your mouse and keyboard seamlessly switch between different computers as though they were just extra monitors on the one computer. It is brilliant software, but has had a hugely serious bug in it for all the years I've used it. If Multiplicity gave focus to another computer and that computer went offline (network outage, sleep/shutdown, software crash) it won't let you regain the use of your primary computer. Whatever timeout logic should restore your ability to use your primary computer fails the vast majority of the time and you are locked out of your own computer, unable to send commands to it. My backdoor trick lets me kill off Multiplicity and regain access.

^ Quinxy
