Sign in to follow this  
Followers 0
lod3n

VirusScan SuperDAT downloader

5 posts in this topic

Originally posted in response to this:

http://www.autoitscript.com/forum/index.php?showtopic=48518

I figured it'd probably be useful to a wider audience, and it demonstrates some neat concepts.

;set parameters for using
Global $UseIntegratedSecurity = True
Global $ProxyServer = "10.0.0.1:8080"
Global $ProxyUser = "username" ;if $UseIntegratedSecurity is true (and working), these can be blank
Global $ProxyPass = "password"

;create WinHttpRequest object for downloading config info
Global $oHttp = ObjCreate ("WinHttp.WinHttpRequest.5.1")
Global $oBinaryStream = ObjCreate("ADODB.Stream")
$oHttp.SetProxy(2,$ProxyServer) ; PRECONFIG = 0 (default), DIRECT = 1, PROXY = 2

ConsoleWrite("Downloading update.ini..." & @TAB)
$sINI = httpget("http://download.nai.com/products/datfiles/4.x/nai/update.ini")
ConsoleWrite("Complete" & @CRLF)
FileDelete("update.ini")
FileWrite("update.ini",$sINI)

$curSdat = IniRead("update.ini","SuperDat-IA32","FileName","")
$sdatUrl = "http://download.nai.com/products/licensed/superdat/english/intel/" & $curSdat
ConsoleWrite("Downloading " & $curSdat & "..." & @TAB)
$sdataBin = httpget($sdatUrl,@ScriptDir & "\" & $curSdat)
ConsoleWrite("Complete" & @CRLF)


func httpget($url,$filename="")
    $COMerrnotify = false
   
    If $UseIntegratedSecurity Then
        $oHttp.SetAutoLogonPolicy(0) ; Always = 0, OnlyIfBypassProxy = 1, Never = 2
    Else
        $oHttp.SetAutoLogonPolicy(2) ; Always = 0, OnlyIfBypassProxy = 1, Never = 2
    EndIf
   
    $status = $oHttp.Open("GET", $url,false)
   
    If Not $UseIntegratedSecurity Then
        $oHttp.SetCredentials($ProxyUser,$ProxyPass,0) ; HTTPREQUEST_SETCREDENTIALS_FOR_SERVER = 0
    EndIf
   
   
    $oHttp.Send()
    if $oHttp.Status <> "200" then
        $status = $oHttp.Status
        $StatusText = $oHttp.StatusText
        Consolewrite("Status: " & $status & @crlf)
        Consolewrite("StatusText: " & $StatusText & @crlf)
        $COMerrnotify = true
        SetError(1)
        return $status & " - " & $StatusText       
    Else
        $COMerrnotify = true
        SetError(0)
        Consolewrite("Response Headers: " & $oHttp.GetAllResponseHeaders & @crlf)
        
        If $filename <> "" Then
            $adTypeBinary = 1
            $adSaveCreateOverWrite = 2          
            FileDelete($filename)
            $oBinaryStream.Type = $adTypeBinary
            $oBinaryStream.Open
            $oBinaryStream.Write($oHttp.ResponseBody)
            $oBinaryStream.SaveToFile($filename, $adSaveCreateOverWrite)
            Return $oHttp.Status
        EndIf
        
        return $oHttp.ResponseText
    EndIf
   
EndFunc



;_IEErrorHandlerRegister("ComErrFunc")
$oIEErrorHandler = ObjEvent("AutoIt.Error","ComErrFunc")
global $COMerrnotify = true
Func ComErrFunc()
    If IsObj($oIEErrorHandler) Then
        if $COMerrnotify then
            ConsoleWrite("--> ComErrFunc: COM Error Encountered in " & @ScriptName & @CR)
            ConsoleWrite("----> Scriptline = " & $oIEErrorHandler.scriptline & @CR)
            ConsoleWrite("----> Number Hex = " & Hex($oIEErrorHandler.number, 8) & @CR)
            ConsoleWrite("----> Number = " & $oIEErrorHandler.number & @CR)
            ConsoleWrite("----> Win Description = " & StringStripWS($oIEErrorHandler.WinDescription, 2) & @CR)
            ConsoleWrite("----> Description = " & StringStripWS($oIEErrorHandler.description, 2) & @CR)
            ConsoleWrite("----> Source = " & $oIEErrorHandler.Source & @CR)
            ConsoleWrite("----> Help File = " & $oIEErrorHandler.HelpFile & @CR)
            ConsoleWrite("----> Help Context = " & $oIEErrorHandler.HelpContext & @CR)
            ConsoleWrite("----> Last Dll Error = " & $oIEErrorHandler.LastDllError & @crlf)
        EndIf
        $HexNumber = Hex($oIEErrorHandler.number, 8)
        SetError($HexNumber)
    Else
        SetError(1)
    EndIf
    Return 0
EndFunc

[font="Fixedsys"][list][*]All of my AutoIt Example Scripts[*]http://saneasylum.com[/list][/font]

Share this post


Link to post
Share on other sites



simply awesome

the only solution i found to bypass our proxy

really well done

thx


-- Arck System _ Soon -- Ideas make everything

"La critique est facile, l'art est difficile"

Projects :

[list] [*]Au3Service : Run your exe as service V3 / Updated 29/07/2013 Get it Here [/list]

Share this post


Link to post
Share on other sites

THANKS to whichever script kiddie decided this would be a good chunk of code to add to their "VBS/Psyme" trojan. Now I can't use this on any machines with VirusScan on it. FOAD.


[font="Fixedsys"][list][*]All of my AutoIt Example Scripts[*]http://saneasylum.com[/list][/font]

Share this post


Link to post
Share on other sites

[Hi,

Do you know how can I measure upload trafic in a internet server? Something like an Au3 script running and getting from time to time the number of uploaded bytes to Internet?

Thanks

Jose

Share this post


Link to post
Share on other sites

Thanks a lot for sharing this...


Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0