-
-
Save rvrsh3ll/fa6825664378e9d2226c61b3dd628e37 to your computer and use it in GitHub Desktop.
A PoC in C# to enable WebClient Programmatically
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.Runtime.InteropServices; | |
| using System; | |
| /* | |
| * Simple C# PoC to enable WebClient Service Programmatically | |
| * Based on the C++ version from @tirannido (James Forshaw) | |
| * Twitter: https://twitter.com/tiraniddo | |
| * URL: https://www.tiraniddo.dev/2015/03/starting-webclient-service.html | |
| * | |
| * Compile with: | |
| * - 32-bit: C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe .\EtwStartWebClient.cs /unsafe | |
| * - 64-bit: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe .\EtwStartWebClient.cs /unsafe | |
| */ | |
| namespace EtwStartWebClient | |
| { | |
| class EtwStartWebClient | |
| { | |
| static void Main(string[] args) | |
| { | |
| if (StartWebClientService()) { | |
| Console.WriteLine("[+] WebClient Service started successfully"); | |
| } | |
| else { | |
| Console.WriteLine("[-] Failed to start WebClient Service"); | |
| } | |
| } | |
| static bool StartWebClientService() | |
| { | |
| Guid _MS_Windows_WebClntLookupServiceTrigger_Provider = new Guid(0x22B6D684, 0xFA63, 0x4578, 0x87, 0xC9, 0xEF, 0xFC, 0xBE, 0x66, 0x43, 0xC7); | |
| Win32.EVENT_DESCRIPTOR eventDescriptor = new Win32.EVENT_DESCRIPTOR(); | |
| ulong regHandle = 0; | |
| Win32.WINERROR winError = Win32.EventRegister( | |
| ref _MS_Windows_WebClntLookupServiceTrigger_Provider, | |
| IntPtr.Zero, | |
| IntPtr.Zero, | |
| ref regHandle | |
| ); | |
| if (winError == ((ulong)Win32.WINERROR.ERROR_SUCCESS)) | |
| { | |
| unsafe { | |
| if (Win32.EventWrite( | |
| regHandle, | |
| ref eventDescriptor, | |
| 0, | |
| null | |
| ) == Win32.WINERROR.ERROR_SUCCESS) { | |
| Win32.EventUnregister(regHandle); | |
| return true; | |
| } | |
| } | |
| } | |
| return false; | |
| } | |
| } | |
| class Win32 | |
| { | |
| public enum WINERROR : ulong { | |
| ERROR_SUCCESS = 0x0, | |
| ERROR_INVALID_PARAMETER = 0x57, | |
| ERROR_INVALID_HANDLE = 0x6, | |
| ERROR_ARITHMETIC_OVERFLOW = 0x216, | |
| ERROR_MORE_DATA = 0xEA, | |
| ERROR_NOT_ENOUGH_MEMORY = 0x8, | |
| STATUS_LOG_FILE_FULL = 0xC0000188, | |
| } | |
| [StructLayout(LayoutKind.Explicit, Size = 16)] | |
| public class EVENT_DESCRIPTOR | |
| { | |
| [FieldOffset(0)] ushort Id = 1; | |
| [FieldOffset(2)] byte Version = 0; | |
| [FieldOffset(3)] byte Channel = 0; | |
| [FieldOffset(4)] byte Level = 4; | |
| [FieldOffset(5)] byte Opcode = 0; | |
| [FieldOffset(6)] ushort Task = 0; | |
| [FieldOffset(8)] long Keyword = 0; | |
| } | |
| [StructLayout(LayoutKind.Explicit, Size = 16)] | |
| public struct EVENT_DATA_DESCRIPTOR | |
| { | |
| [FieldOffset(0)] | |
| internal UInt64 DataPointer; | |
| [FieldOffset(8)] | |
| internal uint Size; | |
| [FieldOffset(12)] | |
| internal int Reserved; | |
| } | |
| [DllImport("Advapi32.dll", SetLastError = true)] | |
| public static extern WINERROR EventRegister(ref Guid guid, [Optional] IntPtr EnableCallback, [Optional] IntPtr CallbackContext, [In][Out] ref ulong RegHandle); | |
| [DllImport("Advapi32.dll", SetLastError = true)] | |
| public static extern unsafe WINERROR EventWrite(ulong RegHandle, ref EVENT_DESCRIPTOR EventDescriptor, uint UserDataCount, EVENT_DATA_DESCRIPTOR* UserData); | |
| [DllImport("Advapi32.dll", SetLastError = true)] | |
| public static extern WINERROR EventUnregister(ulong RegHandle); | |
| } | |
| } |
Done999 is an online gaming application that offers a diverse collection of casino-style entertainment, ranging from classic card games to modern virtual slots. The platform is designed with a user-friendly interface that caters to both beginners and experienced players, emphasizing quick access to various betting rooms. It has gained a reputation for its promotional offers and daily bonuses, which are intended to keep the player base engaged. Like many similar apps in the region, Done999 focuses on providing a seamless mobile experience, allowing users to participate in real-time gaming and wagering from anywhere at any time.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
PK365 Game is a prominent online betting platform that offers a wide array of gaming options, including cricket betting, football wagering, and live dealer casino games. As the name suggests, it aims to provide a "365-day" entertainment cycle, ensuring there is always a live event or a card table available for users to join. The platform is highly regarded for its real-time updates and competitive odds, making it a favorite for sports enthusiasts who also enjoy the thrill of casino gaming. Its robust security protocols and dedicated customer support make it a reliable choice for players seeking a professional-grade gambling environment.