I am working on implementing something similar (optional) for my Dud Dashboard module.
To enable such a thing, you would need
- To create a small exe to handle the process
- To have users install it
The .exe role would be to:
- Install itself on the client machine
- Register a Custom protocol handler
- Handles requests made to it.
.
From there, anytime someone would click an URL with a link corresponding to the new url protocol handler, the request would be sent to the exe, from which you can do anything you want.
If you wanted to allow running script or launching process, you just have to implement it.
For demonstration purpiose only,
here’s a way to register a new custom URL protocol handler on your machine right now.
You just need to save the code below as a *.reg file than run it to register a protocol called dud that will take any web links that match his protocol and run the following “C:\test\DudLauncher.exe” %1"
With that code and provided you have an exe called DudLauncher.exe at the designed location on your system, clicking the following link dud:dklfsdjklf3k42324 would send that information to your exe. The portion before the semi column is the protocol and after his the actual encrypted command.
Registering a custom URL protocol handler
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\dud]
@="URL: SIP Protocol handler"
"URL Protocol"=""
[HKEY_CLASSES_ROOT\dud\DefaultIcon]
@="C:\\\test\\sc-logo.ico"
[HKEY_CLASSES_ROOT\dud\shell]
[HKEY_CLASSES_ROOT\dud\shell\open]
[HKEY_CLASSES_ROOT\dud\shell\open\command]
@="\"C:\\test\\DudLauncher.exe\" %1"
Vb .net code for the exe :
Private Sub Application_Startup(sender As Object, e As StartupEventArgs) Handles Me.Startup
Dim command As String
If e.Args.Count > 0 Then
If e.Args(0).StartsWith("dud:") Then
Command = Command.Substring(4, Command.Length - 4)
End If
End If
MessageBox.Show(command)
Application.Current.Shutdown()
End Sub
This example just actually display a message box with the command it received but you can do whatever processing you want (ie: open exe / scripts)
If you are familiar with torrents, that is exactly what does the magnet links.
Instead of saving the *.torrent file on your computer then loading it in your client, you click the magnet link, which your client torrent pick up (because it registered itself as a protocol handler) and launch itself with the torrent information loaded in your screen.
Take into consideration when doing this the security aspect of the thing.
If you want to be able to execute processes, run script or other, you should have some procedure in place to ensure that nobody can forge a malicious link by constraining what your handler can do.
On my implementation (work in progress), I implemented an encryption to prevent just any link to be crafted and the exe will need to validate against my server through an api call that the command is authorized.