Last active
May 26, 2016 06:25
-
-
Save kostyll/27a1210bfc8435e385f2befee9ac1c25 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {1!} | |
| cscript /nologo wget.js http://example.com | |
| This is the code: | |
| [in vbs] | |
| var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1"); | |
| WinHttpReq.Open("GET", WScript.Arguments(0), /*async=*/false); | |
| WinHttpReq.Send(); | |
| WScript.Echo(WinHttpReq.ResponseText); | |
| /* To save a binary file use this code instead of previous line | |
| BinStream = new ActiveXObject("ADODB.Stream"); | |
| BinStream.Type = 1; | |
| BinStream.Open(); | |
| BinStream.Write(WinHttpReq.ResponseBody); | |
| BinStream.SaveToFile("out.bin"); | |
| */ | |
| {2!} | |
| There's a standard Windows component which can achieve what you're trying to do: BITS. It has been included in Windows since XP and 2000 SP3. | |
| Run: | |
| bitsadmin.exe /transfer "JobName" http://download.url/here.exe C:\destination\here.exe | |
| The job name is simply the display name for the download job - set it to something that describes what you're doing. | |
| {3!} | |
| AFAIK, Windows doesn't have a built-in commandline tool to download a file. But you can do it from a VBScript, and you can generate the VBScript file from batch using echo and output redirection: | |
| @echo off | |
| rem Windows has no built-in wget or curl, so generate a VBS script to do it: | |
| rem ------------------------------------------------------------------------- | |
| set DLOAD_SCRIPT=download.vbs | |
| echo Option Explicit > %DLOAD_SCRIPT% | |
| echo Dim args, http, fileSystem, adoStream, url, target, status >> %DLOAD_SCRIPT% | |
| echo. >> %DLOAD_SCRIPT% | |
| echo Set args = Wscript.Arguments >> %DLOAD_SCRIPT% | |
| echo Set http = CreateObject("WinHttp.WinHttpRequest.5.1") >> %DLOAD_SCRIPT% | |
| echo url = args(0) >> %DLOAD_SCRIPT% | |
| echo target = args(1) >> %DLOAD_SCRIPT% | |
| echo WScript.Echo "Getting '" ^& target ^& "' from '" ^& url ^& "'..." >> %DLOAD_SCRIPT% | |
| echo. >> %DLOAD_SCRIPT% | |
| echo http.Open "GET", url, False >> %DLOAD_SCRIPT% | |
| echo http.Send >> %DLOAD_SCRIPT% | |
| echo status = http.Status >> %DLOAD_SCRIPT% | |
| echo. >> %DLOAD_SCRIPT% | |
| echo If status ^<^> 200 Then >> %DLOAD_SCRIPT% | |
| echo WScript.Echo "FAILED to download: HTTP Status " ^& status >> %DLOAD_SCRIPT% | |
| echo WScript.Quit 1 >> %DLOAD_SCRIPT% | |
| echo End If >> %DLOAD_SCRIPT% | |
| echo. >> %DLOAD_SCRIPT% | |
| echo Set adoStream = CreateObject("ADODB.Stream") >> %DLOAD_SCRIPT% | |
| echo adoStream.Open >> %DLOAD_SCRIPT% | |
| echo adoStream.Type = 1 >> %DLOAD_SCRIPT% | |
| echo adoStream.Write http.ResponseBody >> %DLOAD_SCRIPT% | |
| echo adoStream.Position = 0 >> %DLOAD_SCRIPT% | |
| echo. >> %DLOAD_SCRIPT% | |
| echo Set fileSystem = CreateObject("Scripting.FileSystemObject") >> %DLOAD_SCRIPT% | |
| echo If fileSystem.FileExists(target) Then fileSystem.DeleteFile target >> %DLOAD_SCRIPT% | |
| echo adoStream.SaveToFile target >> %DLOAD_SCRIPT% | |
| echo adoStream.Close >> %DLOAD_SCRIPT% | |
| echo. >> %DLOAD_SCRIPT% | |
| rem ------------------------------------------------------------------------- | |
| cscript //Nologo %DLOAD_SCRIPT% http://example.com targetPathAndFile.html | |
| {4!} | |
| This script can be executed to inject a vbs file into the HKLM\startup path or the HKCU\startup path. The difference being that HKLM applies to all users, where as HKCU only applies to you, the current user activating this script. | |
| [vbs] | |
| Const cHKLM = &H80000002 | |
| Const cComp = "." | |
| Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ | |
| cComp & "\root\default:StdRegProv") | |
| strKeyPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\Run" | |
| strValueName = "ScriptName" | |
| strValue = "Drive:\PathTo\Myscript.vbs" | |
| objReg.SetStringValue cHKLM, strKeyPath, strValueName, strValue | |
| Good Luck | |
| {http://www.nthelp.com/40/autorun.htm} | |
| Use Regedt32.exe (in your \system32 sub directory) to edit | |
| HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows | |
| load REG_SZ and | |
| run REG_SZ | |
| Remove the offending value. | |
| also the below are some places programs put their startup commands: | |
| - In the Startup folder for the current user and for all users. | |
| - In the registry: | |
| HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | |
| HKLM\Software\Microsoft\Windows\CurrentVersion\Run | |
| HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce | |
| HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices | |
| HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce | |
| HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | |
| HKCU\Software\Microsoft\Windows\CurrentVersion\Run | |
| HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce | |
| HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices | |
| HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce | |
| HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows, the "run" and Load" keys. | |
| reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v "StupidMS" /t REG_SZ /d "%stupidMS%" | |
| reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v "CTFMON.EXE" /t REG_SZ /d "%c:\Windows\system32\ctfmon.exe" | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment