### A small collection of unobfuscated code-execution primitives in different languages

A handy collection of small primitives/templates useulf for code-execution, downloading or otherwise offensive purposes. Whenever a quick sample of VBScript/JScript/C# code is needed - this directory should bring you one.

Windows Script Host (WSH) subsystem can execute VBScript/JScript scritplets using two pre-installed interpreters:

- `cscript.exe` - to be used for command-line, dynamic script execution. **Doesn't load AMSI**

- `wscript.exe` - For general scripts execution. **This one loads AMSI**


---

#### VBScript

- **`download-file-and-exec.vbs`** - Downloads a binary file using `Msxml2.ServerXMLHTTP`, stores it to the disk `Adodb.Stream` and then launches it via `Wscript.Shell Run`

- **`download-powershell-and-exec-via-stdin`** - Downloads a Powershell script/commands from a given URL and passes them to _Powershell_'s `StdIn`

- **`drop-binary-file-and-launch.vbs`** - Drops embedded base64 encoded binary file to disk and then launches it.

- **`wmi-exec-command.vbs`** - Example of VBScript code execution via WMI class' `Win32_Process` static method `Create`

- **`wscript-shell-code-exec.vbs`** - Code execution via `WScript.Shell` in a hidden window.

- **`wscript-shell-stdin-code-exec.vbs`** - Code execution via `WScript.Shell` in a hidden window through a command passed from StdIn to `powershell`


---

#### JScript


---

#### XSL

XSL files can be executed in the following ways:

- Using `wmic.exe`:
```
wmic os get /format:"jscript-xslt-template.xsl"
```

Templates:

- **`hello-world-jscript-xslt.xsl`** - A sample backbone for XSLT file with JScript code showing a simple message box.

- **`wscript-shell-run-jscript-xslt.xsl`** - JScript XSLT with `WScript.Shell.Run` method



---

#### COM Scriptlets

Sample code execution with `regsvr32` can be following:
```
regsvr32 /u /n /s /i:wscript-shell-run-jscript-scriptlet.sct scrobj.dll
```

- **`wscript-shell-run-jscript-scriptlet.sct`** - SCT file with JSCript code execution via `WScript.Shell.Run`


---

#### HTA

HTA files are HTML Applications

- **`wscript-shell-run-vbscript.hta`** - A backbone for `WScript.Shell.Run` via _VBScript_