JCBuck/WindowsDiscoveries.md

## WindowsDiscoveries.md

      
    Raw
  

              WindowsDiscoveries.md
            
          
    connect.dll CLSID GUID symbols (some may be used for xwizard.exe RunWizard [GUID] )
(10.0.14393.0)
00007FFF0C1FE398  Export  CLSID_ConnectToInternetCreationHookPage           {7071ECA5-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE3A8  Export  CLSID_ConnectToInternetFinishPage                 {7071ECAF-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE3B8  Export  CLSID_ConnectToInternetDetectionHookPage          {7071ECA3-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE3C8  Export  CLSID_ConnectToInternetHookPage                   {7071ECA8-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE3D8  Export  CLSID_DisplayWorkExistingConnectionsPage          {7071EC62-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE3E8  Export  CLSID_NetworkTasksHost                            {7071ECFA-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE3F8  Export  CLSID_ConnectToWorkExistingConnectionsPage        {7071ECB4-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE408  Export  CLSID_CreateVPNTask                               {7071EC75-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE418  Export  CLSID_ConnectToNetworkTask                        {7071ECE0-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE428  Export  CLSID_ConnectToWorkCreationHookPage               {7071ECB5-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE438  Export  CLSID_CreateDialupTask                            {7071EC71-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE448  Export  CLSID_BuildConnectionsOptionsPage                 {7071EC01-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE458  Export  CLSID_ConnectToWorkHookPage                       {7071ECB8-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE468  Export  CLSID_ISPConfirmPage                              {7071EC32-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE478  Export  CLSID_HandleDiagnosticsPage                       {7071EC07-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE488  Export  CLSID_ISPCDPage                                   {7071EC33-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE498  Export  CLSID_MessagePage                                 {7071ECF1-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE4A8  Export  CLSID_ISPOffersPage                               {7071EC31-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE4B8  Export  CLSID_ConnectToWorkDetectionHookPage              {7071ECB3-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE4C8  Export  CLSID_ConnectToWorkTask                           {7071ECB0-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE4D8  Export  CLSID_DisplayInternetExistingConnectionsPage      {7071EC61-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE4E8  Export  CLSID_ConnectToInternetTask                       {7071ECA0-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE4F8  Export  CLSID_ConnectToWorkFinishPage                     {7071ECBF-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE508  Export  CLSID_ConnectToWorkTestingHookPage                {7071ECB7-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE518  Export  CLSID_DisplayConnectionOptionsPage                {7071EC05-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE528  Export  CLSID_ConnectToInternetDiagnosticsHookPage        {7071ECA9-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE538  Export  CLSID_ConnectToWorkConnectToInternetPage          {7071EC13-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE548  Export  CLSID_ConnectToNetworkPage                        {7071ECE5-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C1FE558  Export  CLSID_ConnectToInternetTestingHookPage            {7071ECA7-663B-4BC1-A1FA-B97F3B917C55}
00007FFF0C208918  Export  CLSID_StdGlobalInterfaceTable                     {00000323-0000-0000-C000-000000000046}
00007FFF0C209460  Export  CLSID_WcnTaskGcw                                  {D1A42999-0ADF-11DA-B070-0011856571DE}
00007FFF0C209470  Export  CLSID_InfraCreateTask                             {6DB29A9B-10D0-4B93-B86A-188FC998EFF8}
00007FFF0C209E40  Export  CLSID_CXWizard                                    {777BA87C-2498-4875-933A-3067DE883070}
00007FFF0C209E70  Export  CLSID_ConnectionManager                           {BA126AD1-2166-11D1-B1D0-00805FC1270E}
00007FFF0C209ED0  Export  CLSID_NetworkListManager                          {DCB00C01-570F-4A9B-8D69-199FDBA5723B}
00007FFF0C209F20  Export  CLSID_DOMDocument60                               {88D96A05-F192-11D4-A65F-0040963251E5}
00007FFF0C209F90  Export  CLSID_AppVisibility                               {7E5FE3D9-985F-4908-91F9-EE19F9FD1514}
Discovered through a x64dbg session (control /name Microsoft.NetworkAndSharingCenter, clicked on Set up a new connection or network breakpoints on CreateThread and dllentry to find CLSID_CXWizard on the stack randomly with occurences to CoCreateInstance and XWizards.dll)

There are ways of automating searching for this...
To connect to wireless
Wireless: xwizard RunWizard {6DB29A9B-10D0-4B93-B86A-188FC998EFF8}
Internet Options
Connect to the Internet: %windir%\system32\xwizard.exe RunWizard {7071ECA0-663B-4bc1-A1FA-B97F3B917C55}

Network and Sharing Center
Windows Network Diagnostics: %windir%\system32\Rundll32.exe ndfapi,NdfRunDllDiagnoseIncident
Create a Dial-Up Connection: %windir%\system32\xwizard.exe RunWizard {7071EC71-663B-4bc1-A1FA-B97F3B917C55}
Create a VPN Connection: %windir%\system32\xwizard.exe RunWizard {7071EC75-663B-4bc1-A1FA-B97F3B917C55}
Set Up a Connection or Network: %windir%\system32\xwizard.exe RunWizard {7071ECE0-663B-4bc1-A1FA-B97F3B917C55}
Create a Broadband Connection: %windir%\system32\xwizard.exe RunWizard {C03E8585-781E-49a1-8190-CE902D0B2CE7}
View Network Connections: %windir%\system32\control.exe netconnections
from here
http://wiki.robotz.com/index.php/Talk:Windows_Control_Panel_Applet_Commands
connect to wireless via wlanapi.dll http://www.pinvoke.net/default.aspx/wlanapi.WlanConnect