Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ThomasThelen/Disable-Task-Manager

Example of disabling the task manager via registry manipulation
https://github.com/ThomasThelen/Disable-Task-Manager

hacking registry registry-manipulation task-manager windows-hacking windows-registry

Last synced: 3 months ago
JSON representation

Example of disabling the task manager via registry manipulation

Host: GitHub
URL: https://github.com/ThomasThelen/Disable-Task-Manager
Owner: ThomasThelen
Archived: true
Created: 2020-01-09T16:50:00.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2020-08-17T03:52:09.000Z (over 4 years ago)
Last Synced: 2024-06-04T23:00:39.214Z (6 months ago)
Topics: hacking, registry, registry-manipulation, task-manager, windows-hacking, windows-registry
Language: Python
Size: 11.7 KB
Stars: 10
Watchers: 3
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

jimsghstars - ThomasThelen/Disable-Task-Manager - Example of disabling the task manager via registry manipulation (Python)

README

# Disabling the Task Manager
[![Codacy Badge](https://app.codacy.com/project/badge/Grade/159ce710186b46b1a41a9804b6f6b959)](https://www.codacy.com/manual/ThomasThelen/Disable-Task-Manager?utm_source=github.com&utm_medium=referral&utm_content=ThomasThelen/Disable-Task-Manager&utm_campaign=Badge_Grade)
[![made-with-python](https://img.shields.io/badge/Made%20with-Python-1f425f.svg)](https://www.python.org/)
[![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)](https://GitHub.com/Naereen/StrapDown.js/graphs/commit-activity)

Example of modifying Windows registry values. This example disables the Windows Task Manager.
## Background

For whatever reason, some people have reason to restrict access to the task manager. Maybe you're a researcher running a long computation and don't want anyone killing your process. Maybe you're a sysadmin trying to lock a computer down. Maybe you're an asshole and don't want people killing your fake av process. An incredible obtrusive way to disable it is by modifying the value of the `SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr` key.
Note that [Malwarebytes](https://blog.malwarebytes.com/detections/pum-optional-disabletaskmgr/) flags this.

The key in question resides at

Key Location: `SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System`

with

Key Name: `DisableTaskMgr`

Setting this to `1` (true) should be a first order approximation to preventing access to the control panel

## Code

The code is fairly simple. It doesn't take into account that the Key Location doesn't exist. It uses the `winreg` module to first open, then write, and close the registry.