 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 322
 Members: 0
 Total: 322
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Protocol handler? |
|
 Posted: Mon Feb 02, 2009 5:06 pm |
 |
|
| UXo |
| Beginner |
 |
|
| Joined: Feb 02, 2009 |
| Posts: 4 |
|
|
|
 |
|
 |
|
| Hi waraxe , Im wondering how I can find the URL/Protocol handling, like on chrome *chromehtml:* , so I need to find the Protocol Handler of antoher prog? |
|
|
|
|
|
|
|
|
| Posted: Mon Feb 02, 2009 9:35 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
URI handlers are located in registry. You can commit manual search for "URL Protocol" or use this vbs script:
http://erik.cabetas.com/stuff/lameware/DUH.vbs
| Code: |
' Dump URL Handlers (DUH! v1) Tested on win2k and winXP should work on other windows as well
' enumerates all the URL handlers registed on the system, by Erik Cabetas March 2007
'
' You should run this command once and never again!
' cscript.exe //H:CScript
'
' Now run this command to execute the script, you can run it multiple times
' cscript.exe //Nologo DUH.vbs
'
' Change the Const delim to be some sort of delimter, default is tab
' Then import the output into Openoffice or Excel for a nice data view
'
' satebackire
On Error Resume Next
Const HKCR = &H80000000
Dim wsh
Dim comment
Dim command
Dim isHandler
Const delim = &H09
Set wsh = WScript.CreateObject("WScript.Shell")
Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
ret = oReg.EnumKey(HKCR, "/", arrSubKeys)
if ret<>0 Then
ret = oReg.EnumKey(HKCR, "", arrSubKeys)
end if
if ret=0 and IsArray(arrSubKeys) Then
For Each subkey In arrSubKeys
isHandler = wsh.RegRead("HKCR\" & subkey & "\URL Protocol")
if Err=0 Then
comment = wsh.RegRead("HKCR\" & subkey & "\")
command = wsh.RegRead("HKCR\" & subkey & "\shell\open\command\")
Wscript.Echo subkey & Chr(delim) & comment & Chr(delim) & command
else
Err = 0
end if
Next
else
WScript.Echo "Something got messed up ret=" & ret & " err=" & Err & " " & IsArray(arrSubKeys)
WScript.Echo "Look for the ret code in winerror.h and debug the problem yourself"
WScript.Echo "or you can try and run it again...sometimes it does not work correctly on the first run"
end if
|
|
|
|
|
|
|
|
Re: Protocol handler? |
|
| Posted: Fri Feb 06, 2009 2:13 am |
|
|
| johnnycannuk |
| Beginner |
|
|
| Joined: Feb 02, 2009 |
| Posts: 3 |
|
|
|
|
|
|
|
| UXo wrote: | | Hi waraxe , Im wondering how I can find the URL/Protocol handling, like on chrome *chromehtml:* , so I need to find the Protocol Handler of antoher prog? |
UXo,
Checkout this:
http://msdn.microsoft.com/en-us/library/aa767914(VS.85).aspx
It give an overview of how URL and URI protocol handlers are registered.
And as waraxe's script indicates, all the handlers are in HKEY_CLASSES_ROOT
Checkout HKEY_CLASSES_ROOT\ftp or HKEY_CLASSES_ROOT\http to see how they work. Then you can look for your particular handler.
(thanks to waraxe, I was looking at this because I didn't have the chromehtml: URI handler on my system to the exploit didn't work.) |
|
|
|
|
|
www.waraxe.us Forum Index -> All other security holes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
