What's the format of the DefaultConnectionSettings value in the Windows registry?

Solution 4

Just want to expand upon Zain Ali's answer (as an answer, since I don't have enough reputation points to comment), and of Course, thank Zain for posting the information that they did as it helped me greatly when I was trying to figure the rest out.

Number 8 is a little more complicated than just showing that the proxy is disabled or not. It also sets two other checkboxes in the settings.

Setting number 8 to "01" unchecks the box to enable the proxy, and unchecks the box to "Automatically Detect Settings" and the box to use a script.

Setting number 8 to "0f" however enables everything.

To be clear, this 8th byte is basically setting flags. The least significant bit of the byte is always a "1" so far as i can tell. The second least significant bit is "1" if the manual proxy settings checkbox is checked. The 3rd least significant bit is a "1" if the box for using a script is checked and you provide an address for the script. The 4th least significant bit is to set the checkbox "Automatically Detect Settings" (basically, setting these bits to 1 checks the box, and 0 unchecks them)

I have gone for setting it to "03" which enables only the manual proxy

Also, "Other stuff with unknown length" doesn't seem to be correct as the length is known. Stuff after that is being referred to is the exception list for the proxy delimited by a semi-colon. The length of this list is the byte right after the "proxyserver:port". That, combined withe the 3 "00"s of padding accounts for the difference of 4 bytes that was mentioned as being different depending on what else you had.

0.  keep this value
1.  "00" placeholder
2.  "00" placeholder
3.  "00" placeholder
4.  "xx" increments if changed
5.  "xx" increments if 4. is "FF"
6.  "00" placeholder
7.  "00" placeholder
8.  "03"=enable proxy, enable auto detect settings, auto script etc
9.  "00" placeholder
10. "00" placeholder
11. "00" placeholder
12. "xx" length of "proxyserver:port"
13. "00" placeholder
14. "00" placeholder
15. "00" placeholder
"proxyserver:port"
    "xx" length of proxy exception list
    "00" placeholder
    "00" placeholder
    "00" placeholder
Proxy Exception list delimited by semi-colons (use "<local>" to exclude local addresses)
36 times "00"

I have spent quite some time trying to figure this all out so hopefully I haven't missed something.

I have made a batch script where you can give it the proxy server and port, along with your list of exceptions and it will automatically create the binary code and stick it into the registry where it needs to be (assuming that the 8th byte is "03").

It would be trivial to change the code to just print out the binary instead by just replacing the whole "reg add" line with "echo %data%".

Also note that the script i have provided below is changing the HKLM key as I was using the script to set a machine-wide proxy in conjunction with GPOs. Changing to HKCU instead should fix that.

That can be found here (if you are good with batch, feel free to make the script better as I am not greatly familiar with it and I think it will probably show in the code): https://gist.github.com/hallzy/b7dfba5f71c0251f1139f8c531cd7817

Solution 5

Steven Hall and Zain Ali's answers are really good, but they are not accurate.

I tried my best to get it as accurate as I can, but as you know with reverse engineering an API which has no documentation of, there could be mistakes:

1. 46
2. 00
3. 00
4. 00

5. Increments when you click the OK button on Lan Settings window
6. Inc overflow of 5
7. Inc overflow of 6
8. Inc overflow of 7

9. Toggle proxy* (This can have different values, read below)
10. 00
11. 00
12. 00

13. Length of server addresses and ports
14. Inc overflow of the length of server addresses and ports
15. Inc overflow of the length of server addresses and ports of above
16. Inc overflow of the length of server addresses and ports of above
17. Server addresses and ports (Omitted if length was 0)

??. Length of Exception addresses / Bypass local
??. Inc overflow of the length of Exception addresses / Bypass local
??. Inc overflow of the length of Exception addresses / Bypass local of above
??. Inc overflow of the length of Exception addresses / Bypass local of above
??. Exception addresses / Bypass local (Omitted if length was 0)

??. Length of Automatic Configuration Script Address and port
??. Inc overflow of the Length of Automatic Configuration Script Address and port
??. Inc overflow of the Length of Automatic Configuration Script Address and port of above
??. Inc overflow of the Length of Automatic Configuration Script Address and port of above
??. Automatic Configuration Script Address and port (Omitted if length was 0)

??. Mysterious 01: It only appears when: Automatically detect settings should be off and settings applied, now tick both Auto detect settings and auto config address (doesn't matter if it's empty). There's no way to get rid of this 01.
??. 31 00's at the end

Proxy toggle binary: Depending on what the value is, it could toggle the Proxy server, the Automatically detect settings and the Use automatic configuration script tick boxes.

Disabled
1
5 autoconf
9 autodetect
4 autoconf
8 autodetect
0c (12) autoconf, autodetect
0d (13) autoconf, autodetect

Enabled
2
3
6 autoconf
7 autoconf
0a (10) autodetect
0b (11) autodetect
0e (14) autoconf, autodetect
0f (15) autoconf, autodetect

I went about figuring out all of this because I'm making a proxy manager AHK script on Github, once it's done I'll share the link here so you can use. And if I figure out what the rest of those 00's are, or any other finding, I'll update this answer.