Fun with WSH
WSH stands for Windows Script Host. It is a way of automating various Windows tasks.
I was playing around with it today and thought I'd post something on how useful it is.
For example, you can open IE and make it open a certain web page like this:
' ie.vbs
' version 0.1 justfriends4n0w@yahoo.com
'Opens Internet explorer and goes to foo.com
set WshShell = CreateObject("WScript.Shell")
WshShell.Run "iexplore.exe"
WScript.Sleep 800
WshShell.SendKeys "%f{down}{enter}"
' Enter a url to go to and OK
WshShell.SendKeys "www.rhce2b.com{enter}"
All this does is open Internet Explorer and send a bunch of keystrokes to it. I was thinking of maybe using this approach to write a simple HTML fuzzer. I could generate a file and then use this to open the file.
Another thing you can automate is sending an e-mail in Micrsoft Outlook. Interestingly enough, if you have the option set to automatically sign outgoing mail, and you have recently sent mail, this script will sent mail that is signed by you.
' outlook.vbs
' version 0.1 justfriends4n0w@yahoo.com
'Opens outlook and sends a mail
set WshShell = CreateObject("WScript.Shell")
WshShell.Run "outlook.exe"
WScript.Sleep 1500
WshShell.SendKeys "%nm"
WScript.Sleep 200
'to:
WshShell.SendKeys "foo@foobar.com{tab}"
'note: the first time you hit tab in an address field it just resolves names and doesn't tab out of the field...
WScript.Sleep 200
'CC:
WshShell.SendKeys "{tab}{tab}"
'subject:
WshShell.SendKeys "Test{tab}"
'text of message:
WshShell.SendKeys "This was sent by a script impersonating Randy..."
'Here is how to insert a file
WshShell.SendKeys "%il"
'file name
WshShell.SendKeys "C:\Documents and Settings\icarus\Desktop\ol.txt{enter}"
'Send message
WshShell.SendKeys "%s"
I saw a paper somewhere about using scripts like this to open personal firewall configuration programs and send the keystrokes to disable them, or even add new firewall rules.
Anyway, there is a lot of fun things to do with this. And after about 5 minutes of playing with it, you will get the hang of it.
I was playing around with it today and thought I'd post something on how useful it is.
For example, you can open IE and make it open a certain web page like this:
' ie.vbs
' version 0.1 justfriends4n0w@yahoo.com
'Opens Internet explorer and goes to foo.com
set WshShell = CreateObject("WScript.Shell")
WshShell.Run "iexplore.exe"
WScript.Sleep 800
WshShell.SendKeys "%f{down}{enter}"
' Enter a url to go to and OK
WshShell.SendKeys "www.rhce2b.com{enter}"
All this does is open Internet Explorer and send a bunch of keystrokes to it. I was thinking of maybe using this approach to write a simple HTML fuzzer. I could generate a file and then use this to open the file.
Another thing you can automate is sending an e-mail in Micrsoft Outlook. Interestingly enough, if you have the option set to automatically sign outgoing mail, and you have recently sent mail, this script will sent mail that is signed by you.
' outlook.vbs
' version 0.1 justfriends4n0w@yahoo.com
'Opens outlook and sends a mail
set WshShell = CreateObject("WScript.Shell")
WshShell.Run "outlook.exe"
WScript.Sleep 1500
WshShell.SendKeys "%nm"
WScript.Sleep 200
'to:
WshShell.SendKeys "foo@foobar.com{tab}"
'note: the first time you hit tab in an address field it just resolves names and doesn't tab out of the field...
WScript.Sleep 200
'CC:
WshShell.SendKeys "{tab}{tab}"
'subject:
WshShell.SendKeys "Test{tab}"
'text of message:
WshShell.SendKeys "This was sent by a script impersonating Randy..."
'Here is how to insert a file
WshShell.SendKeys "%il"
'file name
WshShell.SendKeys "C:\Documents and Settings\icarus\Desktop\ol.txt{enter}"
'Send message
WshShell.SendKeys "%s"
I saw a paper somewhere about using scripts like this to open personal firewall configuration programs and send the keystrokes to disable them, or even add new firewall rules.
Anyway, there is a lot of fun things to do with this. And after about 5 minutes of playing with it, you will get the hang of it.
| Permalink | E-mail this post 
