Block access to safe mode

Disable F8 Key to Block Access to Safe Mode during Windows Startup

Disabling Windows Safe Mode is not a perfect way of preventing the computer from being messed around with, but it does give some extra security.

The last time, I found out that we can disable access to Safe Mode by changing the Minimal and Network keys in the registry to cause the computer to blue screen whenever you try to boot into Safe Mode. It's a fairly simple trick that works, maybe a little too simple: once the attacker knows about this trick, he/she can reverse the changes by editing the registry.
No worries, I found two more methods on how to disable the F8 key before booting up Windows.

The first and widely known method is to hexedit the hidden NTLDR file in the root of the drive where the operating system is installed. Please take note that this method only works on XP and not Vista since Vista no longer has NTLDR. Just follow the steps below on how to do it.

1. Assuming that you installed Windows on the C: drive, type this in Run: attrib -r -s -h -a c:\ntldr
If you installed Windows on the D: drive, change it to d:\ntldr

2. Back up the ntldr file on the C: drive under another name. You can do that by copying and pasting it to the same location to get a new file, “Copy of ntldr”.

3. Download a free portable hex editor, extract and run Hedit.exe

4. Go to File > Open, select C:\ drive on the right hand side and look for ntldr file on the left box. Select the ntldr file and click OK.

5. Scroll down a little and look for the line 00000770 and change the values 0f 85 09 to 90 90 90.
6. Click File > Save and close Hedit.

7. Type this command in run attrib +r +s +h +a c:\ntldr

You can now restart your computer, and both the F8 and F5 keys no longer work before starting up Windows! This hack totally disables keyboard input, so when you hit F8 or F5 before starting up Windows, there is no effect at all. If you have multiple operating systems installed, this method would not be the best choice because you can’t move up or down to select which operating system to boot into. When you want to boot into Safe Mode because Windows is unable to start, you can boot up the computer with UBCD, a Linux live CD or even a Windows installation disc for the recovery console, and rename the “Copy of ntldr” file to ntldr. This way you can use the F8 key again.
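As an added example (not part of the original post), here is a Python version of steps 2 to 6 that checks for the expected bytes before changing anything, since the post names only row 00000770 and ntldr builds can differ. The function names and the sample image are assumptions made for this demonstration.

```python
import shutil
import tempfile
from pathlib import Path

ROW = 0x770                    # hex-editor row named in step 5
OLD = bytes.fromhex("0f8509")  # bytes the page says to look for
NEW = bytes.fromhex("909090")  # replacement bytes from the page

def find_in_row(data: bytes, pattern: bytes) -> int:
    """Offset of pattern if it starts exactly once inside row ROW."""
    hits = [o for o in range(ROW, ROW + 16) if data[o:o + 3] == pattern]
    if len(hits) != 1:
        raise ValueError(f"{len(hits)} matches in row {ROW:08X}, expected 1")
    return hits[0]

def patch_state(data: bytes) -> str:
    """Classify a loader image as 'original', 'patched' or 'unknown'."""
    for pattern, label in ((OLD, "original"), (NEW, "patched")):
        try:
            find_in_row(data, pattern)
            return label
        except ValueError:
            continue
    return "unknown"

def patch_file(path: Path, backup: Path) -> int:
    """Steps 2-6: back up, verify the expected bytes, then patch in place.
    Assumes the attrib command from step 1 has already cleared read-only."""
    data = bytearray(path.read_bytes())
    off = find_in_row(bytes(data), OLD)  # refuse builds that do not match
    shutil.copy2(path, backup)           # restorable copy, as in step 2
    data[off:off + 3] = NEW
    path.write_bytes(bytes(data))
    return off

def make_sample() -> bytes:
    """Constructed stand-in for ntldr: zero bytes with OLD placed at 0x773
    (the in-row position is made up for this demo, not taken from a real file)."""
    img = bytearray(0x800)
    img[0x773:0x776] = OLD
    return bytes(img)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        target = Path(d, "ntldr.sample")
        target.write_bytes(make_sample())
        off = patch_file(target, Path(d, "Copy of ntldr.sample"))
        print(f"patched at {off:#x}:", patch_state(target.read_bytes()))
```

patch_state can also be run against an existing ntldr to tell whether this change has already been applied to it.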
