Did You Know You Can Unlock YOUR User’s XP Workstation?

So…I’ve always wondered if there was a way to remotely unlock a users workstation. I mean c’mon, who wouldn’t want to sneak up and see what your employees are typing about you in an email, or things they have open and are doing!

Naw really, this really shouldn’t be used in malicious ways. It can be a very useful tool, and for me it was, being in IT it meant I could quickly check up on an employees machine if I needed to find an IP address or if they had something open from the network that someone else needed to get in.

There are a ton of legitimate reasons that this would be useful.

So after hours and hours of scouring the Internet many months ago, I managed to find a tool somehow by a man named Dan Farino. Props go to this guy! He users a process to create a service on the remote machine and inject a DLL into the Winlogon process. Of course you need the administrator password to the machine or the domain. You could use that password to log into the machine directly – but it will log off the current user killing any documents they have opened and in a un-saved state.

I won’t go too much into detail, because most of the overview can be found here. I highly encourage you to read the little that there is behind how this thing works. It’s basically a shell command you run in a command prompt.

The format is: RemoteUnlock.exe computername

Please Note: This only works on XP workstations as far as my testing goes. It’s a no go on Windows 2000, specially anything earlier. Vista I’m unsure about as well.

Also, a fundamental step you must not forget in this process is to relock the workstation after your through with it. You type in that command, do what you need to do on the computer, then you need to hit ENTER. Good Luck!!