I received a lot of positive feedback on my previous post on accessing the clipboard from the lock screen using the wireless password field.
https://msitpros.com/?p=3746
Just out of curiosity I tried other combinations on doing the same thing, and I found out another cool trick to do the same using the Narrator feature in Windows.
You heard me (#LOL – Narrator is the component that reads stuff out loud) I did the same with Narrator. So, you are probably wondering how I did it using the Narrator. It is shown in the following video:
I also tried to «fuzz» the different fields to see if it is possible to break out of the Narrator application. I was not able to find any method.
Well, hope you enjoyed it and I hope Microsoft does something about this in the future. A quick fix to disable the narrator is to change the ACL on the Narrator.exe and deny read and execute to everyone. I have not found a Group Policy settings that disables this yet. I will update this post if I do.
Hope you enjoyed this post and find this exciting as I do. (I am such a geek)
Update 27.01.2017:
A good point from Papagon in the comments. You can also change the content of the clipboard using CTRL+C.
[…] Security, Windows 10 clipboard, lock screen, security, Windows 10 Differencing disks and virtual machines on Windows 10 Access clipboard from lock screen in Windows 10 #2 […]
[…] by /u/oddvarmoe [link] […]
Hi,
Thanks for sharing this trick.
From my point of view, this new method is more dangerous than using the wireless password field, because you can now change the clipboard content, simply with ctrl c on the narrator command search field.
By changing the content, you can imagine other attacks scenarios…
Wow. I did not think of that at all. Awesome feedback man. I will update the post.
Nice find! And hard to believe MS is downplaying this.
Also (shameless plug!) I just released an update to my ClipTTL system tool to instantly clear the clipboard when the session lock is detected.
[…] I saw the posts by Hasain Alshakarti on Facebook, Hasain had posted a link to Accessing the clipboard from the lockscreen into Windows 10 # 2. Interestingly, Microsoft should have already blocked that security […]
Why not just set up a scheduled task to clear the clipboard at logoff?
Program/Script: C:\Windows\System32\cmd.exe
Arguments: /c “echo off | clip”
That would solve the problem for sure. What I would like is that Microsoft fixes this in the OS.
I found another method that does not require networking screen or narrator.
You can use the “Password Recovery” tool to expose and replace clipboard data. I’ve posted a quick demo of the method here: https://youtu.be/XdbFGjOOel0?t=4m