EDUCATIONAL PURPOSES ONLY
I first posted an ESN changer script way back in 2009 (Filhacks). Basically, it connects through telnet and uses "SendKeys" to
simulate keystrokes. I've incorporated this into my Canopy Tools, but there I'm using TCP connections to connect to port 23.
I will give you tips on how you can make your own one-click VBScript using COM and WMI calls. The steps depend on you; this can also be used with other network devices, like changing the MAC address of your WiMAX devices.
So let's start.
1. Check SM Canopy Availability
This code checks whether the SM is up by using ping.
Dim oShell, strPing, strHost, Pong
' Ip of canopy SM
strHost = "169.254.1.1"
' creates object
Set oShell = CreateObject("WScript.Shell")
' set a variable with ping command and concatenate with strHost.
strPing = "ping -n 1 -w 200 " & strHost
' run the command
Pong = oShell.Run(strPing, 0, True)
If Pong = 0 Then
' this is where you put your code
MsgBox("Host available")
Else
MsgBox("Host not available")
End If
2. Change ESN
Connect using Telnet - we will use "SendKeys" to simulate keystrokes.
We create an object:
Set oShell = CreateObject("WScript.Shell")
oShell.Run "cmd.exe"
' you can adjust the sleep value to your liking
WScript.Sleep 500
' Telnet the given IP
oShell.SendKeys "telnet 169.254.1.1"
' (~) same as clicking the enter key
oShell.SendKeys "~"
WScript.Sleep 1000
' we supply a username
oShell.SendKeys "USERNAME"
oShell.SendKeys "~"
WScript.Sleep 500
' we supply a Password
oShell.SendKeys "PASSWORD"
oShell.SendKeys "~"
' we then send the mac command
oShell.SendKeys "mac XX:XX:XX"
oShell.SendKeys "~"
WScript.Sleep 500
oShell.SendKeys "exit"
oShell.SendKeys "~"
The only downside of this is that if the cmd window loses focus it won't work, since "SendKeys" can only send keystrokes
if the window is active or in focus.
3. Logging On
Log on to the Canopy page using a hidden Internet Explorer instance to enable Aim-On then Aim-Off. I like this better than "Rescan AP".
' creates IE instance
Set objIE = CreateObject("InternetExplorer.Application")
' you can change value to "true" to show IE window.
objIE.Visible = false
You can use:
objIE.document.getElementByID("CanopyUsername").value = "USERNAME"
objIE.document.getElementByID("CanopyPassword").value = "PASSWORD"
objIE.document.getElementByID("Ok").click()
But this one is better:
' we navigate using login.cgi shortcut to supply username and password.
objIE.navigate "http://169.254.1.1/login.cgi?CanopyUsername=USERNAME&CanopyPassword=PASSWORD"
or
http://169.254.1.1/login.cgi?CanopyUsername=USERNAME&CanopyPassword=PASSWORD&webguisubmit=submit&login=Ok
' we will wait till it loads with this loop.
While objIE.Busy
WScript.Sleep 1000
Wend
' navigates to the Tools > Alignment Tab to enable and then disable Aiming.
' enabling aiming mode will disconnect you from AP
' you can use
objIE.navigate "http://169.254.1.1/main.cgi?mac_esn=0a003exxxxxx&catindex=3&pageindex=1"
WScript.Sleep 2000
objIE.document.getElementByID("AimOn").click()
WScript.Sleep 2000
objIE.document.getElementByID("AimOff").click()
But then again, this one is better:
' enabling Aiming
objIE.navigate "http://169.254.1.1/himom.cgi?AimOn=Enable&webguisubmit=submit"
WScript.Sleep 2000
' disable Aiming
objIE.navigate "http://169.254.1.1/himom.cgi?AimOff=Disable&webguisubmit=submit"
While objIE.Busy
WScript.Sleep 1000
Wend
4. Change NIC MAC address
Using WMI Win32_NetworkAdapter and the registry provider for registry writing; you can also use the WshShell "RegWrite" method.
Set objGet = GetObject("winmgmts:\\" & "." & "\root\cimv2")
' we set a variable supply with "Local Area Connection", depends on what's your NetConnectionID.
NetID = "Local Area Connection"
' we query the object using simple WQL to return the NIC with the same Net Connection ID.
set objArray = objGet.ExecQuery _
("Select * from Win32_NetworkAdapter where NetConnectionID = """ & NetID & """")
' loop through collections
For Each objItem in objArray
' strIndex variable to store the Index of NIC since we need to identify which index to modify.
strIndex = objItem.Index
Next
const HKEY_LOCAL_MACHINE = &H80000002
' this registry key is where we edit our MAC.
strKeyPath = "SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}"
' we call the registry provider, which is located at \root\default, FYI: \root\cimv2 is the default namespace.
Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv")
' we set a variable and this is where we supply our MAC address.
strMAC = "XXXXXXXXXXXX"
' we will check the length of the index: the adapter subkeys are four digits, zero padded (0007, 0012, ...)
If Len(strIndex) = 1 Then
Index = "\000" & strIndex
Else
Index = "\00" & strIndex
End If
' writes the registry and we will concatenate Index variable with strKeypath.
objReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath & Index,"NetworkAddress",strMAC
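The registry write above leaves a persistent NetworkAddress value under the adapter's class subkey, so a host can be checked for overridden MAC addresses by enumerating those subkeys. The following audit script is an added example, not part of the original post; it is read-only, and its output format and exit codes are assumptions of this example.

```vbscript
Option Explicit
' Added audit example: read-only, writes nothing to the registry.
Const HKEY_LOCAL_MACHINE = &H80000002
Const CLASS_KEY = "SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}"

Dim objReg, objWMI, objNic, arrKeys, strKey, strOverride, rc, intFound

Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
Set objWMI = GetObject("winmgmts:\\.\root\cimv2")

rc = objReg.EnumKey(HKEY_LOCAL_MACHINE, CLASS_KEY, arrKeys)
If rc <> 0 Or Not IsArray(arrKeys) Then
    WScript.Echo "Cannot enumerate the network adapter class key (error " & rc & ")"
    WScript.Quit 2
End If

intFound = 0
For Each strKey In arrKeys
    ' Adapter instances are the four-digit subkeys (0000, 0001, ...);
    ' other subkeys such as "Properties" are skipped.
    If Len(strKey) = 4 And IsNumeric(strKey) Then
        strOverride = Null
        rc = objReg.GetStringValue(HKEY_LOCAL_MACHINE, CLASS_KEY & "\" & strKey, _
                                   "NetworkAddress", strOverride)
        ' rc is non-zero when the value is absent; an empty string means "no override".
        If rc = 0 And Not IsNull(strOverride) Then
            If Len(Trim(strOverride)) > 0 Then
                intFound = intFound + 1
                WScript.Echo "Override in subkey " & strKey & ": NetworkAddress=" & strOverride
                ' The post's code relies on the subkey number matching Win32_NetworkAdapter.Index.
                For Each objNic In objWMI.ExecQuery( _
                        "Select * From Win32_NetworkAdapter Where Index = " & CLng(strKey))
                    WScript.Echo "  Adapter:  " & objNic.Name
                    WScript.Echo "  Conn. ID: " & objNic.NetConnectionID
                    WScript.Echo "  Live MAC: " & objNic.MACAddress
                Next
            End If
        End If
    End If
Next

If intFound = 0 Then
    WScript.Echo "No NetworkAddress overrides found."
Else
    WScript.Echo intFound & " adapter(s) with an overridden MAC address."
    WScript.Quit 1
End If
```

Run it with cscript so the output goes to the console; a non-zero exit code lets a scheduled task or inventory tool flag the host.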
5. Reboot NIC
Our MAC address will not take effect until we reboot our NIC. If you're using Vista or Win7 it's much easier to code,
since we can just call the WMI Win32_NetworkAdapter Enable/Disable methods.
WIN7
set objGet = GetObject("winmgmts:\\" & "." & "\root\cimv2")
' we query using WQL and we need the strIndex variable from the previous code to identify which NIC to toggle
set objToggle = objGet.ExecQuery("Select * From Win32_NetworkAdapter Where Index = """ & strIndex & """")
For each objItem in objToggle
' invokes the Disable method
objItem.Disable
Wscript.Sleep 1000
' invokes the Enable method
objItem.Enable
Next
In XP we cannot use the same method since it's not available in this OS version. We will use Invoke Verbs to enable/disable the
NIC; you can use a Function procedure with the reboot toggle code.
XP
Function RebootNIC ()
set objShell = CreateObject("Shell.Application")
set objFolder = objShell.Namespace(3)
For Each objFolderItem in objFolder.items
if objFolderItem.name = "Network Connections" then
set objfolderNC = objFolderItem.getfolder
Exit For
End if
Next
For Each objFolderItem in objfolderNC.items
' we need the NetID variable from the previous code to know which ID to reboot
If Instr(objFolderItem.name,NetID) Then
set objfolLAC = objFolderItem
Exit For
End if
Next
For Each objVerb in objfolLAC.verbs
' the downside of this: if you're using a non-English Windows XP, the verb name is different and this won't work.
if objVerb.name = "Disa&ble" then
' Invoke DoIt method
objVerb.DoIt
' return a value from the function; you can use the value to call the function again in your code
' please refer to my MAC address VBScript code on how I used it.
RebootNIC = "En&able"
Exit for
End if
if objVerb.name = "En&able" then
objVerb.DoIt
Exit for
End if
Next
wscript.sleep 2000
End Function
6. Release/Renew DHCP Lease
You can also use ipconfig to release/renew.
Set objGet = GetObject("winmgmts:\\" & "." & "\root\cimv2")
' we need the strIndex variable from the previous code.
Set objNetArray = objGet.ExecQuery _
("Select * from Win32_NetworkAdapterConfiguration where Index = """ & strIndex & """")
For Each objNetAdapter in objNetArray
' will release DHCP lease
objNetAdapter.ReleaseDHCPLease
wscript.sleep 500
' will renew DHCP lease
objNetAdapter.RenewDHCPLease
Next
These samples do not include error-checking code, so it's up to you to code the error-checking procedures. My version is
a little complicated: you just click on it, even without an ESN+MAC, and it will do the fetching via BTBL, but I'm afraid I won't release
it... but who knows, maybe one day :)
NOTE: please be responsible and do not in any way tinker with the AP or CMM without the know-how.
Enjoy!
7 comments:
This is great, man, keep up the good work, but I am bothered about how you made this code into an exe file. Can you give us an idea how to do it?
Well, you can convert vbs to exe; google "vbs to exe" :)
It means a lot to us, master assasin. Thanks for your answer, appreciated.
Thanks, mr. asasin. I have also updated my vbs scripts here.
Thanks a lot for sharing these script codes and for the explanation. More power!!
Thank you very much, boss A ...
Masters, this is what I use; another master gave it to me back then:
http://www.4shared.com/file/BLLHm-2G/Abyssmedia-ScriptCryptor-Compi.htm
@Assasin
or use visual studio (VB) and compile to make it executable.