An introduction to hacking – how to launch Command Prompt with MSPaint
Last week Microsoft was threatening to consign the cult but naff drawing program MSPaint to the scrap heap. Fortunately, it was saved by an Internet outcry. But what is so cool about Paint that it deserved rescuing? I’ve prepared a hack tutorial to show you what Paint is really made of.
When the media talk about hacking, they usually mean some kind of terrible incident of the likes of the iCloud hack that actress Jennifer Lawrence described as «a sex crime» or the theft of all kinds of login data. However, this kind of news is far from new. The media have been accusing the IT world of death and destruction from as far back as the early days of home computing.
When it comes down to it, hacking is essentially just «persuading systems to do things they really shouldn’t do» or something «done by someone that no one would expect.» Of course, now and again bad things happen. The information security industry have some kind of drama every week that they vent about at length on Twitter. But in general, the InfoSec world is just a funny bunch of people who like to discover, research and play.
I’d like to show you a type of hacking you can try at home. It’s just a small hack, but it’s pretty fun. It ties in with what I was saying earlier about MSPaint. Very few people can get much more than a few toddler-like scribbles out of it. In reality, though, this naff drawing program is actually pretty nifty.
Another reason I want to show you this hack is MSPaint deserves more love than it gets. In the past week, Microsoft even announced they were removing the program from Windows. When the Internet reacted with «Are you crazy?», Microsoft came up with a solution. In future, Paint won’t come with Windows but it will at least be available in the Windows App Store.
So here’s our project: drawing a picture that can open a program.
In this example, we will be opening Command Prompt, the thing that most non-techies call «the window with the white text on a black background that looks like something hackers use». With enough messing around, you can pretty much open all programs from Paint. This is a hack I saw recently in an episode of the Hak5 YouTube series.
Let’s get started
Before we can get cracking in MSPaint, we have to configure a setting in Windows – assuming you haven’t already done so. In the second step, we need to get file name extensions. These are the letters after the dot in every file name. Images on the Internet are mostly .jpg. A Word document is .docx, a video is .mp4, and so on. However, there came a point when Microsoft thought these just confused inexperienced users, so they decided to hide file name extensions by default.
But we need them in a folder.
- Open My Documents
- Create a folder entitled ‘hack_the_planet’ (This will be the project folder for our hack)
- In the main menu above click on ‘View’
Activate the file name extensions
Right, that’s the first part done. Now it’s time to get your art supplies out and start drawing.
We only need six pixels
This is where you get to funnel your artistic talents into six pixels. When you open Paint, you’ll see a blank, virtual piece of paper that’s all ready for doodling on. Before you roll up your sleeves, we need to first make the paper a bit smaller.
- Go to Image size
- The bit of paper has to be six pixels wide and one pixel long
Type 6 in the first box and 1 in the second and then click OK
It’s finally time to draw. MSPaint does give you some colour options, but we need special ones. We can implement these using the colour editor.
We need specific colour values created by mixing the values for red (R), green (G) and blue (B). From left to right we draw one pixel in these colours.
- Pixel 1: R(10), G(0), B(0)
- Pixel 2: R(13), G(10), B(13)
- Pixel 3: R(100), G(109), B(99)
- Pixel 4: R(120), G(101), B(46)
- Pixel 5: R(0), G(0), B(101)
Pixel 6: R(0), G(0), B(0)
As your masterpiece will look rather small right now, I made this version bigger so you could see what was going on. Yours should look similar, just on a smaller scale.
Now we want to save the image as a 24-bit bmp file in our hack_the_planet folder.
The name of the file is irrelevant. I called mine ‘mspaint_hack_6x1.bmp’.
Now for the hack
It’s time to reap the fruits of our labour. Don’t worry, it’s quite straightforward.
- Close Paint
- Open the hack_the_planet folder if it’s not already open somewhere in the window
- If you’ve done everything right up to now, you’ll see the full file name ‘mspaint_hack_6x1.bmp’
- Right click on ‘mspaint_hack_6x1.bmp’
- Click on Rename
- Change the file extension from ‘mspaint_hack_6x1.bmp’ to ‘mspaint_hack_6x1.bat’
You’ll get a warning message that says converting bmp to bat could damage your file. That’s OK. Just click Yes.
Double click on ‘mspaint_hack_6x1.bat’
And there you have it. Command Prompt pops up.
How does that work?
Before I explain what you’ve done, I need to give a quick word of warning. If you get a bat file from the Internet, do not open it. These files can be compromised. No matter how nice the sender asks you to open it, don’t do it! The reason we’re so relaxed about opening our six-pixel bat is we made ours from scratch.
So how exactly did we open Command Prompt? Let’s take a look at the file to find out. Close Command Prompt, also known as CMD, and go back to the hack_the_planet folder. Right click on ‘mspaint_hack_6x1.bat’ and select Edit. The bat file is two lines long.
The second line is simply:
This is what opens Command Prompt. It also opens when you go through Start → Run ‘cmd.exe’.
What you see in Notepad is the file’s ASCII output, which happens to be ‘cmd.exe’. The colours we used are hex-encoded, the way Paint intended. As hex can be converted into ASCII and back again, there is always an equivalent ASCII value for a hex value. For our hack, we intentionally used hex values that would give a particular character string in ASCII.
And that brings us to the end of today’s hack lesson. You’ve made it without leaving a trail of destroyed computers in your wake or finding law enforcement officers standing on your doorstep. But you’ve still made something work that shouldn’t work. You see, it can be fun after all.
Theoretically, you can now use this new-found knowledge to create the most complicated shortcuts. If you ever manage to write ‘notepad.exe’ in a bit using ASCII via HEX, please send me an email and tell me how on earth you did it.