' ------------------------------------------------------------------------- ' Bestand : FlexSpoofLOGON.vbs ' ---------- ' ' Doel : Profile Spoofing ' ' Werking : Profile State wordt op DWORD waarde 256 gezet. Windows denkt daarmee dat het gaat om een roaming profile ' en personal certificaten kunnen worden gebruikt. ' ' Afhankelijkheden : ' ' Versiebeheer ' ============ ' Datum Versie Door Wijziging ' ------------------------------------------------------------------------- ' 4:25 PM 3/3/2006. 0.1 S.Huijgen Initiele versie ' ' ------------------------------------------------------------------------- On Error Resume Next Set WshShell = WScript.CreateObject("WScript.Shell") Set wshNetwork = WScript.CreateObject("WScript.Network") Set ObjEnv = WshShell.Environment("Process") Set WshArgs = WScript.Arguments Set ObjFSO = CreateObject("Scripting.FileSystemObject") Set ObjADinfo = createobject("ADSystemInfo") strUserAdPath = ObjADinfo.userName Set objADObject = GetObject("LDAP://" & strUserAdPath) tempsid = objADobject.objectsid hexsid = OctetToHexStr(tempsid) decsid = HexStrToDecStr(hexsid) Set RegExObject = New RegExp With RegExObject .Pattern = "%.+%" .IgnoreCase = True .Global = True End With OnOff = WshArgs.Item(0) 'Flex_Config = WshArgs.Item(1) Frameworkini = WshArgs.Item(2) Temp = ObjEnv("TEMP") UserDnsDomain = ObjEnv("USERDNSDOMAIN") HomeDrive = ObjEnv("HOMEDRIVE") HomePath = ObjEnv("HOMEPATH") USERDOMAIN = ObjEnv("USERDOMAIN") COMPUTERNAME = ObjEnv("COMPUTERNAME") UserProfile = ObjEnv("USERPROFILE") TS_EXE = ObjEnv("TS_EXE") WshShell.RegWrite "HKLM\Software\Microsoft\Windows NT\Currentversion\Profilelist\" & decsid & "\STATE",256,"REG_DWORD" '------------------------------------------------------------------------------------------------- '------------------------------------------Functions---------------------------------------------- '------------------------------------------------------------------------------------------------- Function OctetToHexStr(arrbytOctet) ' Function to convert OctetString (byte array) to Hex string. dim st Dim k OctetToHexStr = "" For k = 1 To Lenb(arrbytOctet) OctetToHexStr = OctetToHexStr _ & Right("0" & Hex(Ascb(Midb(arrbytOctet, k, 1))), 2) Next End Function Function HexStrToDecStr(strSid) Dim arrbytSid, lngTemp, j ReDim arrbytSid(Len(strSid)/2 - 1) For j = 0 To UBound(arrbytSid) arrbytSid(j) = CInt("&H" & Mid(strSid, 2*j + 1, 2)) Next HexStrToDecStr = "S-" & arrbytSid(0) & "-" _ & arrbytSid(1) & "-" & arrbytSid(8) lngTemp = arrbytSid(15) lngTemp = lngTemp * 256 + arrbytSid(14) lngTemp = lngTemp * 256 + arrbytSid(13) lngTemp = lngTemp * 256 + arrbytSid(12) HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp) lngTemp = arrbytSid(19) lngTemp = lngTemp * 256 + arrbytSid(18) lngTemp = lngTemp * 256 + arrbytSid(17) lngTemp = lngTemp * 256 + arrbytSid(16) HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp) lngTemp = arrbytSid(23) lngTemp = lngTemp * 256 + arrbytSid(22) lngTemp = lngTemp * 256 + arrbytSid(21) lngTemp = lngTemp * 256 + arrbytSid(20) HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp) lngTemp = arrbytSid(27) lngTemp = lngTemp * 256 + arrbytSid(26) lngTemp = lngTemp * 256 + arrbytSid(25) lngTemp = lngTemp * 256 + arrbytSid(24) HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp) End Function