Yes, already completed all requests - only one thing missing - tightvnc writes keys under the HKEY_USERS - what is the equivalent under PE?
Regshot 1.7
Datetime:2007/7/18 22:45:05 , 2007/7/18 22:45:21
Computer:RG2-ADMIN , RG2-ADMIN
Username: ,
----------------------------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed"=hex(3):AB,AA,50,EB,78,5E,19,CE,2D,58,A9,A5,24,C0,B9,3A,A5,00,E7,3E,B7,20,\
60,4E,1D,27,3B,59,9C,E8,C8,B7,50,C9,F8,9A,AC,40,AC,E8,3F,73,66,BB,B9,FC,16,CA,\
3E,C0,D2,D2,CF,C5,84,94,5E,19,08,47,BE,0B,F6,C8,92,7B,F6,F7,A9,9D,88,12,49,8A,\
0A,B0,E7,C5,6C,2C
[HKEY_USERS\S-1-5-21-1957994488-725345543-839522115-500\Software\ORL\WinVNC3]
"Password"=hex(3):49,40,15,F9,A3,5E,8B,22
"PasswordViewOnly"=hex(3):49,40,15,F9,A3,5E,8B,22
[HKEY_USERS\S-1-5-21-1957994488-725345543-839522115-500\SessionInformation]
"ProgramCount"=dword:00000004
----------------------------------
Values modified:4
----------------------------------
----------------------------------
Total changes:4
----------------------------------
Regshot outputed these values and they match the crypted key - I'm also not sure if this HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG key is also needed to be added.
Added a small custom exe to process the output from the decription tool and write the value back inside the script, the result looks a bit messy but works - guess it would be easier to pick the source code and let this custom exe do all work by itself to keep things clean.
Only missing to add the registry values and autostart.