finding the registered URL protocols
来源:互联网 发布:php 上海时区 编辑:程序博客网 时间:2024/06/12 01:25
****************************************************************************************
URIFind is a small tool for finding all of the registered URL protocols in your system,
it is useful for reviewing security vulnerabilities about URL protocols, do you remember
the recent Firefox's "FirefoxURL" command injection vulnerability?:)
Example for using:
URIFind.exe > output.txt
The output file may like follows:
[callto]
rundll32.exe msconf.dll,CallToProtocolHandler %l
[file]
[FirefoxURL]
C:/PROGRA~1/MOZILL~1/FIREFOX.EXE -requestPending -osint -url "%1"
[ftp]
"C:/Program Files/Internet Explorer/iexplore.exe" %1
...
Find 21 URL Protocols
by cocoruder(frankruder_at_hotmail.com), 2007.09
****************************************************************************************/
#include
#include
void main(void)
{
HKEY hKey,hKeyQ,hKeyCmd;
DWORD cbName = MAX_PATH;
TCHAR achKey[MAX_PATH];
DWORD cSubKeys;
FILETIME ftime;
DWORD cbData = MAX_PATH;
DWORD j = 0;
DWORD tp,tp1=0,retVal;
BYTE rData[MAX_PATH],tmpBuff[MAX_PATH];
char szRecvCmdData[1024];
DWORD cbRecvCmdData;
RegOpenKeyEx(HKEY_CLASSES_ROOT, "", 0, KEY_READ, &hKey);
RegQueryInfoKey(
hKey, // key handle
NULL, // buffer for class name
NULL, // size of class string
NULL, // reserved
&cSubKeys, // number of subkeys
NULL, // longest subkey size
NULL, // longest class string
NULL, // number of values for this key
NULL, // longest value name
NULL, // longest value data
NULL, // security descriptor
NULL // last write time
);
DWORD dwAllProtocols=0;
for (j = 0; j
{
cbName=MAX_PATH;
achKey[0] = '/0';
memset(achKey,0,sizeof(achKey));
RegEnumKeyEx(hKey,
j,
achKey,
&cbName,
NULL,
NULL,
NULL,
&ftime);
if (achKey[0]==0x00)
{
continue;
}
RegOpenKeyEx(HKEY_CLASSES_ROOT, achKey, 0, KEY_QUERY_VALUE, &hKeyQ );
cbData = MAX_PATH;
memset(rData,0,sizeof(rData));
retVal=RegQueryValueEx(hKeyQ,"URL Protocol",NULL,&tp,rData,&cbData );
if (retVal == ERROR_SUCCESS)
{
sprintf((char *)tmpBuff,"%s//shell//open//command",achKey);
//get the command line
RegOpenKeyEx(HKEY_CLASSES_ROOT, (char *)tmpBuff, 0, KEY_QUERY_VALUE, &hKeyCmd);
memset(szRecvCmdData,0,sizeof(szRecvCmdData));
cbRecvCmdData=sizeof(szRecvCmdData);
retVal=RegQueryValueEx(hKeyCmd,NULL,NULL,&tp1,(unsigned char *)szRecvCmdData,&cbRecvCmdData);
printf("[%s]/n%s/n/n",achKey,szRecvCmdData);
dwAllProtocols++;
RegCloseKey(hKeyCmd);
}
RegCloseKey(hKeyQ);
}
RegCloseKey(hKey);
printf("/nFind %d URL Protocols",dwAllProtocols);
}
URIFind is a small tool for finding all of the registered URL protocols in your system,
it is useful for reviewing security vulnerabilities about URL protocols, do you remember
the recent Firefox's "FirefoxURL" command injection vulnerability?:)
Example for using:
URIFind.exe > output.txt
The output file may like follows:
[callto]
rundll32.exe msconf.dll,CallToProtocolHandler %l
[file]
[FirefoxURL]
C:/PROGRA~1/MOZILL~1/FIREFOX.EXE -requestPending -osint -url "%1"
[ftp]
"C:/Program Files/Internet Explorer/iexplore.exe" %1
...
Find 21 URL Protocols
by cocoruder(frankruder_at_hotmail.com), 2007.09
****************************************************************************************/
#include
#include
void main(void)
{
HKEY hKey,hKeyQ,hKeyCmd;
DWORD cbName = MAX_PATH;
TCHAR achKey[MAX_PATH];
DWORD cSubKeys;
FILETIME ftime;
DWORD cbData = MAX_PATH;
DWORD j = 0;
DWORD tp,tp1=0,retVal;
BYTE rData[MAX_PATH],tmpBuff[MAX_PATH];
char szRecvCmdData[1024];
DWORD cbRecvCmdData;
RegOpenKeyEx(HKEY_CLASSES_ROOT, "", 0, KEY_READ, &hKey);
RegQueryInfoKey(
hKey, // key handle
NULL, // buffer for class name
NULL, // size of class string
NULL, // reserved
&cSubKeys, // number of subkeys
NULL, // longest subkey size
NULL, // longest class string
NULL, // number of values for this key
NULL, // longest value name
NULL, // longest value data
NULL, // security descriptor
NULL // last write time
);
DWORD dwAllProtocols=0;
for (j = 0; j
{
cbName=MAX_PATH;
achKey[0] = '/0';
memset(achKey,0,sizeof(achKey));
RegEnumKeyEx(hKey,
j,
achKey,
&cbName,
NULL,
NULL,
NULL,
&ftime);
if (achKey[0]==0x00)
{
continue;
}
RegOpenKeyEx(HKEY_CLASSES_ROOT, achKey, 0, KEY_QUERY_VALUE, &hKeyQ );
cbData = MAX_PATH;
memset(rData,0,sizeof(rData));
retVal=RegQueryValueEx(hKeyQ,"URL Protocol",NULL,&tp,rData,&cbData );
if (retVal == ERROR_SUCCESS)
{
sprintf((char *)tmpBuff,"%s//shell//open//command",achKey);
//get the command line
RegOpenKeyEx(HKEY_CLASSES_ROOT, (char *)tmpBuff, 0, KEY_QUERY_VALUE, &hKeyCmd);
memset(szRecvCmdData,0,sizeof(szRecvCmdData));
cbRecvCmdData=sizeof(szRecvCmdData);
retVal=RegQueryValueEx(hKeyCmd,NULL,NULL,&tp1,(unsigned char *)szRecvCmdData,&cbRecvCmdData);
printf("[%s]/n%s/n/n",achKey,szRecvCmdData);
dwAllProtocols++;
RegCloseKey(hKeyCmd);
}
RegCloseKey(hKeyQ);
}
RegCloseKey(hKey);
printf("/nFind %d URL Protocols",dwAllProtocols);
}
- finding the registered URL protocols
- The protocols - Python
- Using the Basic Internet Protocols
- Finding a Custom Object Id (01I…) to get the Setup page URL
- POJ3681-Finding the Rectangle
- Protocols
- Finding the longest Increasing subsequence
- what is the WIFI protocols set?
- RFC3117 - On the Design of Application Protocols
- 《TCP/IP Illustrated Volume 1:The Protocols》
- Android中的Webview加载URL支持其他协议Protocols
- <The Design Philosophy of the DARPA Internet Protocols>读后感
- 简译The Design Philosophy of the DARPA Internet Protocols
- BUG:The channel 'tcp' is already registered.
- The system is not registered with rhn
- The Value of Forums - Finding Forums
- Finding SQL Servers on the Network
- Finding crash information using the MAP file
- 两正点电荷产生电场线
- Checked Exception与Runtime Exception 的区别
- 创业
- 通用磁盘格式文件系统研究
- 信息安全的职业生涯
- finding the registered URL protocols
- 泡泡屏保
- 使用 Oracle Instead of 触发器
- RPM安装的总结
- 示波器小动画
- 网上银行如何防盗成关键
- 请教问题:关于网络--关于一根网线有两个静态IP
- 各位老大请帮我解决一个问题 谢谢
- 关于TS流的解析