Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Reading the Internet Explorer Protected Mode registry

I'm learning the registry with vbscript on the side. I would like to know would I check the strValuname and dwValue of the internet explorer protected mode feature through the use of vbscript?

I tried searching the registry on the strKeyPath to no avail. I was also not able to find the registry path for

"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableMIC"

I was using windows7 when i couldn't find the above registry location.

Thanks

like image 651
yoshi594 Avatar asked Nov 29 '22 04:11

yoshi594


2 Answers

Here is a small vbs script which disables the protected mode for all four areas:

Const HKEY_CURRENT_USER = &H80000001

strComputer = "."

Set ScriptMe=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
    strComputer & "\root\default:StdRegProv")

'Disable protected mode for local intranet'
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\"
strValueName = "2500"
dwValue = 1
ScriptMe.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue

'Disable protected mode for trusted pages'
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\"
strValueName = "2500"
dwValue = 3
ScriptMe.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue

'Disable protected mode for internet'
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\"
strValueName = "2500"
dwValue = 3
ScriptMe.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue

'Disable protected mode for restricted sites'
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\"
strValueName = "2500"
dwValue = 3
ScriptMe.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue

Save it to a *.vbs and double click it to run it. From commandline use this command:

cscript.exe PATH_TO_THE_VBS_FILE

Finally if you want to do it manually in the registry with regedit, 0 to enable, 3 to disable, the DWORD with the name 2500 in following folders:

protected mode for local intranet

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\

protected mode for trusted pages

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\

protected mode for internet

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\

protected mode for restricted sites

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\
like image 139
Sven Ruchti Avatar answered Dec 01 '22 19:12

Sven Ruchti


You can do this by reading the '2500' key at

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3

Where 3 means protected mode is disabled and 0 means enabled.

like image 29
Martijn Lentink Avatar answered Dec 01 '22 18:12

Martijn Lentink