« Home | My first impressions of the new Backtrack » | Beta Version of the Final Release of Back Track no... » | The new Internet Explorer 0-day createTextRange on... » | Nmap Idle Scanning and Linux » | Exploiting X-11 forwarding in SSH » | Bypassing Windows DEP » | Using socketNinja.pl with the Metasploit Framework... » | About the body Onload Internet Explorer Vunerabili... » | Obfuscating The Mozilla Recent Firefox DOS » | Obfuscating Web Pages » 

Tuesday, May 23, 2006

Fun with WSH

WSH stands for Windows Script Host. It is a way of automating various Windows tasks.

I was playing around with it today and thought I'd post something on how useful it is.

For example, you can open IE and make it open a certain web page like this:

' ie.vbs

' version 0.1 justfriends4n0w@yahoo.com
'Opens Internet explorer and goes to foo.com
set WshShell = CreateObject("WScript.Shell")
WshShell.Run "iexplore.exe"
WScript.Sleep 800

WshShell.SendKeys "%f{down}{enter}"

' Enter a url to go to and OK
WshShell.SendKeys "www.rhce2b.com{enter}"

All this does is open Internet Explorer and send a bunch of keystrokes to it. I was thinking of maybe using this approach to write a simple HTML fuzzer. I could generate a file and then use this to open the file.

Another thing you can automate is sending an e-mail in Micrsoft Outlook. Interestingly enough, if you have the option set to automatically sign outgoing mail, and you have recently sent mail, this script will sent mail that is signed by you.

' outlook.vbs

' version 0.1 justfriends4n0w@yahoo.com
'Opens outlook and sends a mail

set WshShell = CreateObject("WScript.Shell")
WshShell.Run "outlook.exe"
WScript.Sleep 1500

WshShell.SendKeys "%nm"
WScript.Sleep 200

WshShell.SendKeys "foo@foobar.com{tab}"
'note: the first time you hit tab in an address field it just resolves names and doesn't tab out of the field...
WScript.Sleep 200
WshShell.SendKeys "{tab}{tab}"
WshShell.SendKeys "Test{tab}"
'text of message:
WshShell.SendKeys "This was sent by a script impersonating Randy..."

'Here is how to insert a file

WshShell.SendKeys "%il"

'file name

WshShell.SendKeys "C:\Documents and Settings\icarus\Desktop\ol.txt{enter}"

'Send message
WshShell.SendKeys "%s"

I saw a paper somewhere about using scripts like this to open personal firewall configuration programs and send the keystrokes to disable them, or even add new firewall rules.

Anyway, there is a lot of fun things to do with this. And after about 5 minutes of playing with it, you will get the hang of it.

E-mail this post

Remenber me (?)

All personal information that you provide here will be governed by the Privacy Policy of Blogger.com. More...

Add a comment