What is a LOLBIN? Does it need to be signed?<\/p>\n\n\n\n
These questions are not important really. If you can find a clean executable and make it run another program then it is already a… lolwin.<\/p>\n\n\n\n
The unsigned SetupProxy.exe<\/em> program does exactly that. All you have to do is to provide a setup.ini <\/em>file that the setup program expects to see. Inside this .ini<\/em> file you have to specify what programs to run for 32- and 64- bit systems e.g.:<\/p>\n\n\n\n [SETUP] You need to use a directory traversal trick as the program expects paths relative to the one it is ran from.<\/p>\n\n\n\n That’s it really.<\/p>\n\n\n\n Okay, one more thing… the program stores a verbose info about the setup progress inside a %TEMP%\\LxProxy.log<\/em> file:<\/p>\n\n\n\n \/———————————————————————–\\ Sample:<\/p>\n\n\n\n 1DFFF3F5934AB61C861620CF2C6BC81FF8AF9A1E5F6A3D31B3315F8BE8BC3360<\/p>\n","protected":false},"excerpt":{"rendered":" What is a LOLBIN? Does it need to be signed? These questions are not important really. If you can find a clean executable and make it run another program then it is already a… lolwin. The unsigned SetupProxy.exe program does … Continue reading
InstallPath=..\\..\\windows\\system32\\notepad.exe
InstallPath64=..\\..\\windows\\system32\\notepad.exe<\/p><\/blockquote>\n\n\n\n
| Friday, September 06, 2019 14:31:42
| Setup.exe
| Version:
|
| SetupProxy: to Launch Install GUI.
———————————————————————–\/
OSInfo::initialize: invalid NT version (major: 6, minor 1)
SetupProxy::read registry for the language: Software\\inkjet\\install
SetupProxy::language from the regstry:
OSInfo::initialize: invalid NT version (major: 6, minor 1)
SetupProxy:: the setup.ini exists; Launch InstallGUI: C:\\foo\\bar….\\windows\\system32\\notepad.exe
Finished SetupProxy : Friday, September 06, 2019 14:31:44<\/p><\/blockquote>\n\n\n\n