So CAPICOM was one of the project I was responsible for while at Microsoft, its been discontinued but I always find it useful – it is kind of a Swiss Army knife for CryptoAPI certificate stores when paired with its VBS samples.
One of it’s problems is we never shipped with x64 bit version, you can do similar things with PowerShell and the .NET classes (this is why it was discontinued) but I still find this the quickest way to do stuff sometimes so I keep it in my toolbelt.
Here is what you need to know to make it work:
- Windows can run 32bit things in 64bit environments.
- You cannot have a 64bit thing call a 32bit thing.
- Windows ships a 32bit cmd prompt.
- Windows ships a 32bit regsrv32.
To use CAPICOM you need to:
- Download CAPICOM – http://www.microsoft.com/en-us/download/details.aspx?id=25281
- Install CAPICOM
- Register CAPICOM
- Open an administrative command prompt
- cd to “C:\Program Files (x86)\Microsoft CAPICOM 18.104.22.168 SDK\Lib\X86”
- copy CAPICOM.DLL %windir%\syswow64
- %windir%\syswow64\regsvr32.exe %windir%\syswow64\capicom.dll
- “exit” the command prompt
So what can you do? There are lots of things, tonight I used it to enumerate the extensions included in a PFX file, you can do this with OpenSSL too by looking at the ASN.1 but this way you get some of the Microsoft specific stuff expanded out to human readable things.
I should note that its old, its unsupported and it may have vulnerabilities in it — as such I unregister it when its not in use and I recomend you do the same.
Hope this helps someone,