Kali Linux

FakeLogonScreen : Fake Windows Logon Screen To Steal Passwords

FakeLogonScreen is a utility to fake the Windows logon screen in order to obtain the user’s password. The password entered is validated against the Active Directory or local machine to make sure it is correct and is then displayed to the console or saved to disk.

It can either be executed by simply running the .exe file, or using for example Cobalt Strike’s execute-assembly command.

Binaries available from the Releases page.

  • FakeLogonScreen.exe: Writes output to console which for example is compatible with Cobalt Strike
  • FakeLogonScreenToFile.exe: Writes output to console and %LOCALAPPDATA%\Microsoft\user.db

Folders:

  • / (root): Built against .NET Framework 4.5 which is installed by default in Windows 8, 8.1 and 10
  • DOTNET35: Built against .NET Framework 3.5 which is installed by default in Windows 7

Features

  • Primary display shows a Windows 10 login screen while additional screens turn black
  • If custom background is configured by the user, shows that background instead of the default one
  • Validates entered password before closing the screen
  • Username and passwords entered are outputted to console or stored in a file
  • Blocks many shortkeys to prevent circumventing the screen
  • Minimizes all existing windows to avoid other windows staying on top

Screenshot

R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

1 day ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

2 days ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

2 days ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

2 days ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

2 days ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

2 days ago