Page 1 of 1
Command line to write registry keys bypassing any prompt
Posted: 20 Sep 2020 18:19
by hacxx
I have this code for years that basically takes advantage of Internet Explorer to prompt the user if it wants to execute a ActiveX Object. This Object stealthly write registry keys to the system.
Code: Select all
<script> var exec = 'calc.exe'; var Shell = new ActiveXObject('WScript.Shell'); Shell.RegWrite('HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\calc',exec); </script>
Yesterday while reviewing this forum i got the idea to improve the code above and convert to a mshta command line to be execute on cmd.exe. Basically what i was looking for is a way to write registry keys without using
reg add and bypassing any windows limited rule.
Here is the code that i wrote but it doesn't work. Can anyone spot the error?
Code: Select all
mshta vbscript:(CreateObject("WScript.Shell").RegWrite("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\calc","calc.exe"))(Window.Close)
Thanks
Re: Command line to write registry keys bypassing any prompt
Posted: 21 Sep 2020 11:07
by aGerman
At least you have to escape the comma with a caret because it's a separator for arguments in a command line. And I'm pretty sure the double backslashes are wrong in the VBS syntax. I haven't tested though.
Steffen
Re: Command line to write registry keys bypassing any prompt
Posted: 21 Sep 2020 12:27
by hacxx
The double backslash works in the original code, that's why i was using them. Can you provide with a sample after you test it out.
Thanks
Re: Command line to write registry keys bypassing any prompt
Posted: 21 Sep 2020 13:36
by aGerman
The double backslash works in the original code
The original code is JScript. Your recent code is VBScript. They are not the same thing.
Can you provide with a sample ...
What was wrong with my explanation?
Code: Select all
mshta vbscript:(CreateObject("WScript.Shell").RegWrite("HKCU\Software\Microsoft\Windows\CurrentVersion\Run\calc"^,"calc.exe"))(Window.Close)
... after you test it out.
Testing is your task.
Steffen
Re: Command line to write registry keys bypassing any prompt
Posted: 22 Sep 2020 04:44
by hacxx
aGerman wrote: ↑21 Sep 2020 13:36
Testing is your task.
After initial testing, it didn't work. Syntax error on Char 99.
After reviewing the code i tested again and i spot the error you left on purpose
More info here:
http://raidcommunity.forumup.it/viewtop ... mmunity#72
Re: Command line to write registry keys bypassing any prompt
Posted: 22 Sep 2020 12:13
by aGerman
hacxx wrote: ↑22 Sep 2020 04:44
After initial testing, it didn't work. Syntax error on Char 99.
After reviewing the code i tested again and i spot the error you left on purpose
Tested now and it works out of the box in a cmd shell as well as in a batch file.
FWIW No idea what this should be even good for. A simple REG ADD would have done the job for you, but ... nevermind.
Steffen
Re: Command line to write registry keys bypassing any prompt
Posted: 17 Jul 2021 11:04
by hacxx
The idea was to find a way to write a registry key without admin privileges.
Check my Batches
http://www.cyberlord.at/forum/?id=10589
Re: Command line to write registry keys bypassing any prompt
Posted: 17 Jul 2021 17:21
by aGerman
Registry keys which require elevation can't be updated without admin privileges.
Steffen
(Stop promoting your site in each and every post! Otherwise, I'll ban your account.)